Indonesia parliament passes long-awaited data protection bill

By Stanley Widianto

FILE PHOTO: A woman uses her phone while waiting for a commuter train at a platform of station in Jakarta, Indonesia, January 3, 2022. REUTERS/Willy Kurniawan/File Photo

JAKARTA (Reuters) - Indonesia's parliament passed into law on Tuesday a personal data protection bill that includes corporate fines and up to six years imprisonment for those found to have mishandled data in the world's fourth most populous country.

The bill's passage comes after a series of data leaks and probes into alleged breaches at government firms and institutions in Indonesia, from a state insurer, telecoms company and public utility to a contact-tracing COVID-19 app that revealed President Joko Widodo's vaccine records.

Lawmakers overwhelmingly approved the bill, which authorises the president to form an oversight body to fine data handlers for breaching rules on distributing or gathering personal data.

The biggest fine is 2% of a corporation's annual revenue and could see their assets confiscated or auctioned off. The law includes a two-year "adjustment" period, but does not specify how violations would be addressed during that phase.

The legislation stipulates individuals can be jailed for up to six years for falsifying personal data for personal gain or up to five years for gathering personal data illegally.

Users are entitled to compensation for data breaches and can withdraw consent to use their data.

Abdul Kharis Almasyhari, a member of the commission overseeing the law, said it would mean the state was ensuring protection of the personal data of its people.

Communications minister, Johnny G. Plate, said the bill's passage "marks a new era in the management of personal data in Indonesia."

"One of the obligations for electronic data organisers, whether public or private, is to ensure protection of personal data in their system," he told reporters.

The law will also ease data transfers between Indonesia and countries with similar legislation, lawmaker Nico Siahaan said.

The law has been in the works since 2016 and was held up by debate about financial penalties and control of the oversight body, lawmakers said. Authorities have said the law was based on the European Union legislation https://gdpr-info.eu.

Wahyudi Djafar, who researches data protection for the Institute for Policy Research and Advocacy, questioned whether the penalties were strict enough to force government bodies to improve their data handling.

(Reporting by Stanley Widianto; Editing by Ed Davies and Martin Petty)

×
Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Report it to us.

Next In Tech News
This exoskeleton can boost your physical capabilities
This AI-focused chip is powered by light
Study warns users about health information on TikTok
Apple renews talks with OpenAI for iPhone generative AI features, Bloomberg News reports
Google plans $3 billion data center investment in Indiana, Virginia
X tells Brazil court 'operational faults' allowed blocked users to remain active
TikTok general counsel to step down, will focus on fighting US law
Google asks court to throw out US advertising case
Apollo, KKR and Stonepeak to invest in JV to fund Intel's Ireland facility, Bloomberg reports
Televisa to merge its satellite TV, cable units 'as soon as possible'

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.