TheJakartaPost

Please Update your browser

Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.

Jakarta Post

House needs more time to discuss penalties in privacy bill

Nur Janti (The Jakarta Post)
Jakarta
Sat, July 9, 2022

Share This Article

Change Size

House needs more time to discuss penalties in privacy bill Illustration of data protection (Shutterstock.com/Boiko Y)

T

he House of Representatives went into a month-long recess on Friday, with no conclusion to the deliberation on the highly anticipated data protection bill.

House Commission I overseeing defense, foreign affairs, information and intelligence will continue deliberating the bill in the next sitting period instead, saying it needs more time to discuss penalties for privacy violations.

If passed into law, the bill will provide protection for internet users and ensure those collecting and processing personal data do not misuse it.

Abdul Kharis Almasyhari, deputy chairman of Commission I, said lawmakers and the government were still working on a few remaining crucial points regarding penalties, ranging from blocking access to fines and jail sentences.

"Later, we still have to synchronize and make it congruent [with other regulations] to prevent overlaps," he said, adding that lawmakers sought to pass the bill into law in the next sitting session in August.

Communications and Information Ministry Director General for Information Applications Semuel Abrijani Pangerapan said strict requirements would be enforced to eliminate unqualified institutions controlling personal data.

Morning Brief

Every Monday, Wednesday and Friday morning.

Delivered straight to your inbox three times weekly, this curated briefing provides a concise overview of the day's most important issues, covering a wide range of topics from politics to culture and society.

By registering, you agree with The Jakarta Post's

Thank You

for signing up our newsletter!

Please check your email for your newsletter subscription.

View More Newsletter

Those who fell victim to privacy violations could file complaints to a data protection oversight agency, a new institution that will be established if the bill passes into law.

"The bill provides protection for data subjects. If they know there is a violation, they can file reports," Semuel said.

Read also: Yearender 2021: Why passing a privacy law is urgent

A series of cyberattacks that happened during the coronavirus pandemic when people relied more on digital technology has underlined the urgent need for a privacy law. Among the worst of such incidents was the National Health Insurance (JKN) breach last year.

Cross-border data flows

The bill is also expected to provide Indonesia with a stronger footing in the transfer of information between servers across country borders.

Semuel said the bill would have "extraterritorial" power, meaning that if Indonesian citizens became victims of personal data violations abroad, the new agency could "at least push its counterparts in the foreign countries to solve the case".

He added Indonesia would only allow future international data transfers with countries that have equal or adequate provisions with data protection laws.

This is modeled on the European Union’s General Data Protection Regulation (GDPR) that only allows the transfer of personal data of EU data subjects to non-EU countries that have adequate data protection regulations. Currently, Japan and South Korea are the only Asian countries that are deemed to have enacted privacy standards equal to those of the EU.

“On the rights of data subjects, we follow the GDPR with some adjustments," Semuel said.

Carte blanche

Commission I has been fast-tracking the deliberation of the bill after lawmakers and the government in May agreed on a sticking point over the institutional design of the new data protection agency that had been stalling progress since 2014.

They came to a consensus that the agency would be set up to answer to the president, automatically leaving its institutional design to the discretion of the president, while the House only determines the scope of authority in a more general context.

The establishment of the agency will be regulated under a presidential regulation (Perpres), while details of its task will be stipulated under a government regulation (PP), said Commission I member Muhammad Farhan from the NasDem Party.

Previously, the government wanted the agency to be placed under the information ministry, while lawmakers wanted it to be independent to prevent any conflicting interests.

Read also: Personal data protection bill faces further delay despite progress

Institute for Policy Research and Advocacy (Elsam) executive director Wahyudi Djafar criticized the lawmakers and government for leaving the decision over the design of the data protection agency to the President.

He suspected the reason was that the policymakers simply wanted to quickly end the debate about the agency without looking into whether it could work effectively in implementing the future privacy law.

"It is like giving a blank check to the President since policymakers appear to only care about getting this law done without guaranteeing how effective its implementation will be," he said, urging them to review the decision and ensure that the agency had enough independence to carry out its duties.

{

Your Opinion Matters

Share your experiences, suggestions, and any issues you've encountered on The Jakarta Post. We're here to listen.

Enter at least 30 characters
0 / 30

Thank You

Thank you for sharing your thoughts. We appreciate your feedback.