Indonesia’s Protection of Personal Data Bill introduced into the legislature

Indonesia’s draft Law on the Protection of Personal Data has been submitted by President Joko Widodo to the Chairperson of the Indonesian House of Representatives, it was announced on 28 January by Minister of Communication and Information, Johnny G. Plate.

This is significant news, since Indonesia is the fourth most populous country in the world. The law, when enacted, will become the national standard for protecting personal data, both in Indonesia and for personal data of Indonesian citizens who are abroad. The scope of this draft law will apply to the public sector and the private sector, covering both individuals and corporations including both legal and non-legal entities.

This law is on the one hand to maintain data sovereignty and protect data, and on the other hand also to ensure that opportunities open for innovation, business and investment. I hope that the political process in the DPR can take place quickly and openly, while opening wide opportunities for public participation, explained Johnny G. Plate.

The PDP Bill’s scope includes:

  1. the type of personal data;
  2. the rights of the owner of personal data;
  3. processing of personal data;
  4. exceptions to personal data protection;
  5. controllers and processors of personal data, including their obligations and responsibilities;
  6. the appointment and roles of Data Protection Officers;
  7. guidelines for controlling personal data;
  8. transfer of personal data;
  9. dispute resolution;
  10. prohibitions and criminal provisions;
  11. international cooperation;
  12. the role of government and society;
  13. administrative sanctions.

See PL&B International Report December 2019 p.17

We expect to publish an analysis of Indonesia’s Protection of Personal Data Bill by PL&B’s Asia-Pacific Editor, Professor Graham Greenleaf, in the April edition of PL&B International Report.