id igf 2016 - hukum 3 - kedaulatan dan ketahanan cyber nasional
TRANSCRIPT
Kedaulatan dan Ketahanan Cyber Nasional
(Cyber-Security and Resilience)
DR. Edmon Makarim S.Kom, S.H., LL.M
Dosen Hukum Telematika FHUI
Internet & CyberSecurity
Apa yang menjadi sumberdaya
Internet ?
• IP address
• Domain Name
• Aplikasi dan konten
• Data Pribadi ?
Siapa saja Actors di Internet ???
No Central Authorization:
• IAB (Internet Architectural Board)
• ISOC (Internet Society)
• IETF (Internet Engineering Task Force)
• IRTF (Internet Research Task Force)
• ISTF (Internet Societal Task Force)
• IANA (Internet Assigned Numbers Authority) => ICANN
(Internet Corporations for Assigned Name and Numbers)
Evolusi Bangsa: Identitas & Kultur
PEACEFUL
+
WELFAREWAR SOUVEREIGNTY vs SUPREMACY
Amanat Konstitusi dan Deklarasi InternetBahwa sesungguhnya kemerdekaan itu ialah hak segala bangsa
dan oleh sebab itu, maka penjajahan di atas dunia harus dihapuskan,
karena tidak sesuai dengan perikemanusiaan dan perikeadilan.
Dan perjuangan pergerakan kemerdekaan Indonesia telah
sampailah kepada saat yang berbahagia dengan selamat sentausa
mengantarkan rakyat Indonesia ke depan pintu gerbang kemerdekaan
Negara Indonesia, yang merdeka, bersatu, berdaulat, adil dan
makmur.
Atas berkat rakhmat Allah Yang Maha Kuasa dan dengan
didorongkan oleh keinginan luhur, supaya berkehidupan kebangsaan
yang bebas, maka rakyat Indonesia menyatakan dengan ini
kemerdekaannya.
Kemudian dari pada itu untuk membentuk suatu Pemerintah
Negara Indonesia yang melindungi segenap bangsa Indonesia dan
seluruh tumpah darah Indonesia dan untuk memajukan kesejahteraan
umum, mencerdaskan kehidupan bangsa, dan ikut melaksanakan
ketertiban dunia yang berdasarkan kemerdekaan, perdamaian abadi
dan keadilan sosial, maka disusunlah Kemerdekaan Kebangsaan
Indonesia itu dalam suatu UndangUndang Dasar Negara Indonesia,
yang terbentuk dalam suatu susunan Negara Republik Indonesia yang
berkedaulatan rakyat dengan berdasarkan kepada Ketuhanan Yang
Maha Esa, Kemanusiaan Yang Adil dan Beradab, Persatuan Indonesia
dan Kerakyatan yang dipimpin oleh hikmat kebijaksanaan dalam
Permusyawaratan/ Perwakilan, serta dengan mewujudkan suatu
Keadilan sosial bagi seluruh rakyat Indonesia.
Kedaulatan dalam Cyber ?• Internet (network of the networks) => adalah wujud konvergensi teknologi
informasi, media dan komunikasi dalam suatu bentuk jaringan
komunikasi global yang terbuka dan terdistribusi, menawarkan
kemudahan dan kecepatan namun sejak awal rentan akan keamanan,
dan warisan produk pertahanan Negara lain.
• Apakah yang menjadi kepentingan hukum bangsa dan Negara thp
keberadaan cyberspace (Hak Warga Negara dan Kewajiban pemerintah):• Akses warga Negara kepada internet sekarang diyakini sebagai bagian dari HAM
• Penyelenggaraan cyberspace nasional yang sesuai dengan cita-cita bangsa dan
tujuan nasional (merdeka, bersatu, berdaulat, adil & makmur).
• Hukum, manajemen dan teknis => Melindungi semua asset bangsa yang terhubung
dengan internet (pribadi, perusahaan dan Negara)
• Meningkatkan daya saing dan daya tahan => nilai manfaat harus lebih besar dari
biaya => pengaruh Indonesia keluar harus lebih kuat dari pada pengaruh luar yang
masuk kedalam
• Kedaulatan Bangsa dan Negara terhadap Kepentingan Nasional =>
Keamanan Nasional/Ketahanan Nasional
Ref: Michael Mac Neil
Kedaulatan & Yurisdiksi
• Ability of states to
exert control over
their territory
• Ability of states to
exclude other states
from exerting control
• Sovereignty exerted
through
• Legislative acts
• Executive acts
• Courts
• Sovereignty undermined?
Pressures towards common
denominators –eg. Data
havens / long-arm regulation
• Sovereignty Enhanced?
Increased opportunities for
monitoring and surveillance
• Sovereignty Transformed?
• Rise of supranational
institutions
• Privatization of regulation
• Lingkup Umum: => Perdata
atau Pidana
o Jurisdiction to
prescribe
o Jurisdiction to
adjudicate
o Jurisdiction to enforce
o Faktor2 yang diperhatikan:
• Territoriality => location
of acts, tools, persons,
results, etc.
• Personality =>
perpetrator or victim
• Interest => country
interest or universality
Hak Menentukan Nasib sendiri dan memberlakukan
sistem hukumnya => menjaga kepentingan
nasionalnya baik kedalam maupun keluar
Ketahanan Nasional
Landasan:
• Idiil => Pancasila
• Konstitusional => UUD Negara RI 1945
• Konseptual Wawasan NusantaraAsas:- Kesejahteraan dan
Keamanan
- Komperhensif, Integral,
Menyeluruh dan Terpadu
- Mawas Kedalam dan Mawas
Keluar
- Asas Kekeluargaan
Sifat:- Mandiri
- Dinamis
- Wibawa
- Konsultasi dan
Kerjasama
Asta Gatra:- Tri Gatra (geografi, kekayaan alam,
penduduk)
- Panca Gatra (Ideologi,Politik,
Ekonomi, Sosial Budaya, HanKam
• Apakah kita sudah punya sistem utk
digital object identifier utk orang, device
dan network serta sistem keautentikan
nasional (bgmn dgn crypto product ?)
• Apakah ada national proxy sendiri ?
Cyberwarfare & Int’l Humanitarian Law• Piagam PBB
All members shall refrain in their international relations
from the threat or use of force against the territorial
integrity or political independence of any state, or in any
other manner inconsistent with the Purposes of the
United Nations.
• Use of Force and Armed Attack: use of severity, immediacy,
directness, invasiveness, measurability, presumptive
legitimacy (Michael Schimitt) + Additional Protocol I
Geneva, acts of violence against the adversary, whether in
offence or in defence
• Combatttan
• Civilian
• Person yang dilarang untuk diserang
• Objek yang tidak boleh diserang
• Unnecessery Suffering
• Esensi dari Int’l Humanitarian Law adalah perlindungan
terhadap nilai2 kemanusiaan
Tallinn manual =>
• Secara hukum internasional Cyberspace tidak
menihilkan Kedaulatan setiap Negara, baik kedalam
maupun keluar: States are free to exercise control and jurisdiction (Rule X)
on the basis of sovereignty over objects, persons and
activities involving cyberspace, that is, over all three layers
(physical,logical and social layers). Therefore, to suggest
that cyberspace is excluded from the reach of sovereignty
is incorrect as a matter of law.
• manual yang dibuat oleh NATO dalam tataran
akademis bersama dengan berbagai macam Expert,
mencoba menafsirkan bagaimana hukum
Internasional berlaku (lex lata) dalam konflik di
cyberspace, (jus ad bellum, jus in bello)
• cyber warfare are cyber weapon and their
associated cyber system;
• cyber warfare are the cyber tactics, techniques
and procedures by which hostilities are conducted
• Attack => cyber operation, whether offensive or
defensive, that is reasonably expected to cause injury
or death to person or damage or destruction to object.
• Cyber Operations not Per Se Regulated by
International Law
• Due Diligence + Countermeasures
UN-GGE 2010-2015 => ICT & Int’l SecurityIn paragraph 3 of its resolution 64/25, the
General Assembly invited all Member
States to continue to inform the
Secretary-General of their views and
assessments on the following
questions:
(a) General appreciation of the issues of
information security;
(b) Efforts taken at the national level to
strengthen information security and
promote international cooperation in
this field;
(c) The content of the concepts
mentioned in paragraph 2 of the
resolution;
(d) Possible measures that could be
taken by the international community
to strengthen information security at
the global level.
• Peaceful
• Open
• Free
• Secure
• Stable
• Accessible
• Growth
=====
• Inclusive
• Tolerant
• Accountable
• Multilateral
Management of
the global
resources for the
Global Wealth
UN Charter:
Kedaulatan negara;
persamaan kedaulatan;
penyelesaian sengketa
dengan cara damai;
menahan diri dari
ancaman atau
penggunaan kekerasan
dalam hubungan
internasional;
non-intervensi dalam
urusan internal negara
lain;
menghormati hak asasi
manusia dan
kebebasan
fundamental.
Limiting norms Good practices & positive duties
1. states should not knowingly allow their
territory to be used for internationally
wrongful acts using ICTs;
2. states should not conduct or knowingly
support ICT activity that intentionally
damages critical infrastructure;
3. states should take steps to ensure supply
chain security, and should seek to prevent
the proliferation of malicious ICT and the
use of harmful hidden functions;
4. states should not conduct or knowingly
support activity to harm the information
systems of another state’s emergency
response teams (CERT/CSIRTS) and
should not use their own teams for
malicious international activity;
5. states should respect the UN resolutions
that are linked to human rights on the
internet and to the right to privacy in the
digital age.
• states should cooperate to increase
stability and security in the use of ICTs
and to prevent harmful practices;
• states should consider all relevant
information in case of ICT incidents;
• states should consider how best to
cooperate to exchange information, to
assist each other, and to prosecute
terrorist and criminal use of ICTs;
• states should take appropriate measures
to protect their critical infrastructure;
• states should respond to appropriate
requests for assistance by other states
whose critical infrastructure is subject to
malicious ICT acts;
• states should encourage responsible
reporting of ICT vulnerabilities and should
share remedies to these.
Kesimpulan1. Kedaulatan di cyberspace => cyberdiplomacy adalah 3C (coordination, cooperation,
collaboration) untuk Open, Free, Secure, Inclusive, Tolerant and Growth.
2. Kedaulatan Bangsa/Rakyat => Identitas Bangsa dan Budaya serta Kemandirian.
3. Kedaulatan hukum negara untuk melindungi bangsanya selayaknya keluar mengikuti
kemanapun data pribadi warga negaranya berada dan digunakan.
4. Kedaulatan Rakyat, tidak hanya tanggung jawab Pemerintah melainkan juga semua
komponen bangsa (multistake-holders), Namun tetap harus berpijak pada amanat
pembukaan konstitusi => Merdeka, Berdaulat, Adil dan Makmur + Ketertiban Dunia,
Perdamaian Abadi dan Keadilan Sosial.
5. Meskipun secara teknis kita terbukti tidak punya hajat/ kemampuan untuk “menguasai”
cyber, namun faktanya Indonesia adalah persilangan kepentingan. Oleh karena itu
“Netralitas, Inclusive, Tolerant, Accountable dan demi Kesejahteraan Bersama”
selayaknya adalah agenda diplomasi Indonesia di cyberspace.
6. Apakah bangsa Indonesia telah memiliki birokrasi, pelaku usaha, dan masyarakat
madani yang memegang amanat konstitusi ? Bukankah dengan Public Private
Partnership justru sistem pertahanan negara di cyberspace ternyata didominasi oleh
para pelaku usaha bukan pemerintah? Bagaimanakah komitmen kita sbg anak bangsa?
Terima Kasih
• Mata =>
wawasan
• Lampu => ide
intelektual
• Senyum =>
Optimisme
• IC/processor =>
TIK
• Web =>
geostrategis
Nusantara
LAMPIRAN
Int’l Relationship + Diplomacy • Vienna Convention (1961) on Diplomatic Relations dan Vienna
Convention (1963) on Consular Relation
• Diplomacy is a key concept in world politics. It refers to a process of
communication and negotiation between states and other international
actors.
• Diplomacy began in the ancient world but took on a recognizably modern
form from the fifteenth century onwards with the establishment of the
permanent embassies.
• The main function of diplomacy is negotiation which broadly means
discussion designed to identify common interest and areas of conflict
between parties.
• A ‘traditional’ diplomacy system developed thereafter had some
distinctive features which can be summarized under the headings of
structure, process, and agenda.
Ref: Mirko Tasic (I17025)
New diplomacy World War I was a ‘watershed’ in the history of diplomacy.
The perceived failure of diplomacy to prevent this war led
to a demand for a ‘new’ diplomacy that would be less
secretive and more subject of democratic control. The
outbreak of World War II revealed the limits of the ‘new’
diplomacy.
Two important changes:
1. State were no longer the only actors involved.
2. Governments themselves were beginning to change in terms of the scope of their activities and the extend to which they sought to regulate the lives of their citizens.
Structure Process Agenda
• The nature of new
diplomacy as a process of
negotiation was also
changed.
• State continued to negotiate
bilaterally with each other
on a state-to-state basis,
but groups of states
negotiated multilaterally
through the auspices of
intergovernmental
organizations.
• The agenda of the new diplomacy contained a number of new issues.
• Avoidance of war became a priority.
• However diplomatic activities also began to focus more on economic, social, and welfare issues relating to material wellbeing. These became known as ‘low politics’ issues.
Ref: Mirko Tasic (I17025)
The diplomatic environment of the 21st century is marked by change and
uncertainty. These are set by:
» The expansion in the number and variety of international actors
empowered by the ICT and social media. These actors now extend
beyond traditional NGOs to more amorphous civil society groups.
» The development of a new international security agenda focused on the
security of the individual within the state and including issues such as
climate change or pandemic disease (e.g. Ebola) that go well beyond
traditional concepts of international security.
» The resurgence of more traditional geopolitical agendas as states compete
for power, resources or territory.
» The expansion of regulatory diplomatic agendas, enhanced by the global
financial crisis and demands for more effective banking regulation.
» The progressive fragmentation of the rules and norms governing
international political and trade relations as more confident emerging
states increasingly assert their own values and rules. One consequence is
the continuing weakening of multilateral institutions.Resources: Joseph Mifsud, London Academy of Diplomacy
Catatan Perbandingan: China & US1. First, mutual appreciation instead of mutual negating.
2. Second, mutual respect instead of confrontation and accusation.
3. Third, mutual governance instead of self-interest.
President Xi has called for a multilateral, democratic and transparent international Internet
governance system that upholds peace, security, openness and cooperation of
cyberspace. That is the common consensus of international cyberspace governance.
"No country can achieve absolute security without the overall security of
international cyberspace."
4. Fourth, mutual trust instead of mutual suspicion.
As the nation with the most Internet users in the world, China knows all too well the value
of a peaceful cyberspace. As the main victim of hacking, China understands too well the
importance of security. Our government has always opposed all forms of Internet attack.
On the issue of cybersecurity, China and the U.S. should increase communication,
deepen mutual trust, fight cybercrime, terrorism, hacking and invasions of privacy
together, and jointly protect intellectual property rights, making the Internet as the treasure
trove of Alibaba rather than a Pandora' s box. With wisdom and courage, cybersecurity will
not become a source of conflict in Sino-U.S. relations, but a new bright spot of
cooperation.
5. Fifth, win-win instead of zero-sum. Ref:
ITU cybersecurity# ITEM ELEMENTS OF A NATIONAL CYBERSECURITY
PROGRAMME
1. Top Government Cybersecurity Accountability Top
government leaders are accountable for devising a national
strategy and fostering local, national and global cross-sector
cooperation.
2. National Cybersecurity Coordinator An office or individual
oversees cybersecurity activities across the country.
3. National Cybersecurity Focal Point A multi-agency body
serves as a focal point for all activities dealing with the
protection of a nation’s cyberspace against all types of cyber
threats.
4. Legal Measures Typically, a country reviews and, if necessary,
drafts new criminal law, procedures, and policy to deter, respond
to and prosecute cybercrime.
5. National Cybersecurity Framework Countries typically adopt
a Framework that defines minimum or mandatory security
requirements on issues such as risk management and
compliance.
6. Computer Incident Response Team (CIRT) A strategy-led
programme contains incident management capabilities with
national responsibility. The role analyses cyber threat trends,
coordinates response and disseminates information to all
relevant stakeholders.
7. Cybersecurity Awareness and Education A national
programme should exist to raise awareness about cyber threats.
8. Public-Private Sector Cybersecurity partnership
Governments should form meaningful partnership with the
private sector.
9. Cybersecurity Skills and Training Programme A programme
should help train cybersecurity professionals.
10. International Cooperation Global cooperation is vital due to
the transnational nature of cyber threats.
On top of the five Pillars, the GCA contains seven strategic goals.
These are:
1) Elaboration of strategies for the development of a model
cybercrime legislation that is globally applicable and
interoperable with existing national and regional legislative
measures;
2) Elaboration of global strategies for the creation of appropriate
national and regional organisational structures and policies on
cybercrime;
3) Development of a strategy for the establishment of globally
accepted minimum security criteria and accreditation schemes
for hardware and software applications and systems;
4) Development of strategies for the creation of a global
framework for watch, warning and incident response to ensure
cross-border coordination between new and existing
initiatives;
5) Development of global strategies for the creation and
endorsement of a generic and universal digital identity
system and the necessary organisational structures to
ensure the recognition of digital credentials across
geographical boundaries;
6) Development of a global strategy to facilitate human and
institutional capacity building to enhance knowledge and
know-how across sectors and in all the abovementioned
areas; and
7) Proposals on a framework for a global multi-stakeholder
strategy for international cooperation, dialogue and
coordination in all the above-mentioned areas.
ASEAN ICT Master Plan => 2015-2020VISION AIM 2020
• Digitally-enabled Programmes for continual education and
upgrading to equip ASEAN citizens with the
latest infrastructure, technology, digital skill
sets, information, applications and services.
• Secure.A safe and trusted ICT environment in
ASEAN, providing reassurance in the online
environment by building trust in online
transactions via a robust infrastructure.
• SustainableResponsible & environmentally friendly use
of ICT.
• TransformativeA progressive environment for the disruptive
use of technology for ASEAN's social and
economic benefits.
• InnovativeA supportive entrepreneurial environment
that encourages innovative and novel uses
of ICT.
• Inclusive and IntegratedEmpowered and connected citizens and
stakeholders.
OUTCOMES 2020
1. Economic
Development &
Transformation
2. People Integration &
Empowerment through
ICT
3. Innovation
4. ICT Infrastructure
Development
5. Human Capital
Development
6. ICT in the Single
Market
7. New Media & Content
8. Information Security &
Assurance
ASEAN will build a trusted
digital ecosystem, so that
transactions and information
exchanges will be safe, secure,
and trustworthy.
Models Regulations of PKI
Cross Recognition
• Self-Regulation
=>communities PKI
• “Mesh” PKI =>
Peer-to-peer
• “bridge” CSP.
Identity &
e-transaction
Reformasi Hukum
Pasal 30
(1) Tiaptiap warga negara berhak dan wajib ikut serta dalam usaha
pertahanan dan keamanan negara. **)
(2) Usaha pertahanan dan keamanan negara dilaksanakan melalui
sistem pertahanan dan keamanan rakyat semesta oleh Tentara
Nasional Indonesia dan Kepolisian Negara Indonesia Republik
Indonesia, sebagai kekuatan utama, dan rakyat, sebagai kekuatan
pendukung. **)
(3) Tentara Nasional Indonesia terdiri atas Angkatan Darat, Angkatan
Laut dan Angkatan Udara sebagai alat negara bertugas
mempertahankan, melindungi, dan memelihara keutuhan dan
kedaulatan negara. **)
(4) Kepolisian Negara Republik Indonesia sebagai alat negara yang
menjaga keamanan dan ketertiban masyarakat bertugas
melindungi, mengayomi, melayani masyarakat, serta menegakkan
hukum. **)
(5) Susunan dan kedudukan Tentara Nasional Indonesia, Kepolisian
Negara Republik Indonesia, hubungan kewenangan Tentara
Nasional Indonesia dan Kepolisian Negara Republik Indonesia di
dalam menjalankan tugasnya, syaratsyarat keikutsertaan warga
negara dalam usaha pertahanan dan keamanan diatur dengan
undangundang. **)
UU 2/2002
Kepolisian
UU 34/2004 TNI
UU 16/2004
Kejaksaan
UU 48/2009 Kekuasaan Kehakiman
UU 3/2002
Pertahanan
Pasal 1
(1) Negara Indonesia ialah Negara Kesatuan, yang berbentuk Republik.
(2) Kedaulatan berada di tangan rakyat dan dilaksanakan menurut
UndangUndang Dasar. ***)
(3) Negara Indonesia adalah negara hukum. ***)
Konstitusi:
UU 17/2011 Intelijen
UU 11/2008 ITE
UU 14/2008 KIP
UU 16/2012 Indust.Han
UU 5/2014 ASN
HAN KAM TIBMAS
UU 23/2014 PemDa
UU 39/2008
Kementrian
UU 30/2014 Adm Pemth
UU 25/2009
Pelayanan Publik
UU 43/2009 Kearsipan
UU 39/99
HAM
UU 40/99
Pers
UU 36/99 Telekomunikasi
UU 43/2008
Wilayah Negara
UU 32/2002 Penyiaran