Indonesia Passes Privacy Bill

September 20, 2022

Indonesia’s parliament has passed a new personal data protection law after a series of data leaks and breaches. The law carries heavy penalties for data misuse or leaks, including up to 5 years of jail time and 2% of a company’s annual revenue. Falsifying personal data carries a potential 6 years of jail time. The new law authorizes the president to form a data protection oversight body, entitles individuals to compensation for data breaches, and includes a two year “adjustment” period.

Indonesia is now the fifth Southeast Asian country to pass a data protection law, joining Singapore, Malaysia, Thailand, and the Philippines.

Support Our Work

EPIC's work is funded by the support of individuals like you, who allow us to continue to protect privacy, open government, and democratic values in the information age.