The Jakarta Post
A government plan to revise a regulation on data management has caused concern, with policymakers and business players raising contrasting opinions about the issue.
The proposed revision would replace Government Regulation No. 82/2012 on the management of electronic transactions and system.
It will ease the requirement to set up data centers in Indonesia, especially for foreign entities operating in the country.
Ombudsman member Alamsyah Saragih, who mediates with stakeholders on the matter, said the current requirement to establish a local data center was a concern for foreign investors as they would have to invest more money to manage their data domestically.
On the other hand, he said, Indonesian players opposed the revision as they feared it would make their clients less eager to use local data management services.
“Data management is a very strategic issue, but the government has not classified its proper placement,” Alamsyah said in Jakarta recently.
“We need to stipulate the points regarding [data] safeguarding in a presidential or ministerial regulation so that it will settle the debate.”
The draft of the revision classifies data sensitivity into three categories: strategic, high-risk and low-risk data.
Should President Joko “Jokowi” Widodo approve the current draft, the only data required to be stored in a domestic data center will be that classified as strategic, which includes people's personal information and bank transaction details, among other things.
However, Coordinating Political, Legal and Security Minister Wiranto has suggested Jokowi delay the signing of the draft as it would compromise his electability ahead of the presidential election in April.
In a letter to the State Secretariat dated Jan. 31, Wiranto expressed concern regarding Jokowi’s presidential bid, saying the revision would “become political in the 2019 election if it is signed before the election [and] will corner President Jokowi with the ‘pro-foreigner issue’ for giving up data sovereignty to foreign entities.”
Furthermore, Wiranto pointed out in the letter that law enforcement officers would find it difficult to retrieve data managed overseas for official inquiries because of different jurisdiction policies. Also, Indonesia could not hire foreigners to do so as it would be against the principles of state security, he said.
Sigit Priyono, a deputy assistant at the Coordinating Political, Legal and Security Ministry, said his side was encouraging Jokowi to consider the timing of the revision and other related regulations, such as the bill on personal data protection, as it had not been approved by lawmakers.
Previously, Trade Ministry officials revealed that mandatory data localization was one of the reasons why the United States had considered revoking Indonesia’s access to its Generalized System of Preferences (GSP). The GSP allows some Indonesian products to enter the US without import tariffs.
However, in an earlier meeting with the ombudsman, Muhammad Salahuddin, chief technology officer of Indonesia Internet Domain Registry (PANDI), said the GSP was not comparable to the benefits of data localization.
Salahuddin estimated that the domestic data center business was valued at US$20 billion, whereas the GSP had only benefited Indonesia $2 billion in 2017.
He also claimed that data localization would not be a setback for US e-commerce giant Amazon Web Service to invest in Indonesia. It is rumored that Amazon may expand to the Indonesian market with a whopping $14 billion investment.
The draft is currently under final revision by the Communications and Information Ministry before it is submitted to Jokowi, said the ministry’s Applications and Information Director General Semuel A. Pangerapan.
“We should keep in mind that we do not have the luxury of arranging data placement entirely to our own [design] because the data is intertwined with so many components,” Semuel said.
“Therefore, we can only maximize ourselves as the ‘house’ of these data and fix the front door key so that no one can go in and out easily.”