Indonesian-German exchange on data protection policy
Germany and Indonesia recognise data protection as a fundamental framework condition for digitalisation. In October 2022, Indonesia issued the new Personal Data Protection (PDP) law which is the countrie’s first comprehensive law on data protection affecting businesses, the public sector as well as civil society. Germany’s data policy framework includes the General Data Protection Regulation (GDPR) of the European Union (EU), data sovereignty initiatives, data ethics guidelines and strategies for promoting data sharing and interoperability, among others.
Heiko Wildner from the German Federal Ministry for Digital and Transport (BMDV) opened the meeting and emphasised the crucial role of data protection for cross-border data flow. Ichwan Makmur Nasution from the Indonesian Ministry of Communications and Informatics (MCI) highlighted in his opening remarks that data protection can help to prevent data leakages and data breeches. According to Ichwan, the new PDP law will also lead to greater civil data sovereignty, meaning more control by citizens over their personal data.
Germany’s federal data protection policy and Indonesia’s Personal Data Protection Law
Hessen’s Deputy Data Protection Commissioner Lisa-Marie Lange shined light on data protection policy within Germany and the EU. She outlined the structure and different roles of the supervising data protection authorities, as well as the monitoring function and interplay of the supranational GDPR regulation and federal data protection regulation of Germany. Lange explained that there is no direct hierarchy between the EU and the federal government of Germany as participating agents.
Ulfah Diah, policy analyst at MCI, gave a comprehensive update on the newly issued Personal Data Protection (PDP) law in Indonesia. The law clearly regulates the processing of personal data by the public and private sector, both nationally and internationally. According to Diah, the law also promotes a new culture of data protection, as organisations are obliged to start good governance processes for reducing, assessing and monitoring personal data.
Discussing practical implications of data protection regulation
Following the presentations, a range of experts discussed the implementation of the data protection policies in both countries. The panel included representatives from government, business and academia. The discussion focused, among other topics, on the effects of data protection regulation on small and medium-sized enterprises (SMEs), the role of data protection officers and cross-border data flow.
From an Indonesian perspective, it was stressed that the implementation of the new data protection policy increases compliance costs and the lack of professional talent poses difficulties to handle the complex tasks of a data protection officer. However, both sides agreed that it is important to promote a data protection culture and to raise awareness within the industry, among employees and in civil society.
Data protection in evolving digital ecosystems
Industry stakeholders highlighted the need to innovate regulative approaches as the ecosystem evolves. They also underlined the importance of enabling transnational cross-border data flows. Indonesia is currently moving towards an approach of open transfer, which was identified as a positive sign. Nonetheless, cross-border data flows remain challenging: There are concerns about the need to obtain consent and assurance on data localisation and residency.
We thank all participants for this interesting discussion. The Indonesian-German Digital Dialogue will continue to provide a multi-stakeholder platform for the exchange of common challenges and opportunities for the digital transformation of both countries.
More interesting news
On 31 August 2023, the first stakeholder exchange of the Indonesian-German Digital Dialogue took place. The German Federal Ministry for Digital and Transport (BMDV) and the Indonesian Ministry of Communication and Information Technology (MCI) jointly hosted the virtual event and informed about the national digital strategies of both countries. More than 80 representatives from politics, academia, business and civil society joined the exchange.
On 19 April 2023, the first Annual Meeting of the Indonesian-German Digital Dialogue took place at Hannover Messe. The German Federal Ministry for Digital and Transport (BMDV) and the Indonesian Ministry of Communications and Informatics (MCI) exchanged the Joint Declaration of Intent, which was signed by both ministers, and agreed on the Work Plan for the Digital Dialogue. More than 40 representatives from politics, business and civil society took part on site to exchange on the digital policy cooperation.
Until September this year, personal data regulations in Indonesia were scattered across finance, telecommunications and labour law. This made it difficult for businesses and consumers to account for data misuse and malpractice. With a new data protection law, Indonesia now holds both local and international businesses liable for handling personal data.
Stay informed! To subscribe to the Digital Dialogues newsletter, enter your e-mail address here. Please also refer to our privacy notice.