Expertise: Data Privacy

Data Protection and Cybersecurity in Indonesia: General Requirements

|

Indonesia’s Electronic Information Law, Government Regulation 82 regarding the Implementation of Electronic Systems and Transactions, and MOCI Regulation 20 regarding the Pro­tection of Personal Data in Electronic Systems (jointly referred to as the PDP Regulations) require Electronic System Providers (ESPs) to adopt an internal policy related to the protection of personal data for the pur­pose Data Protection and Cybersecurity in Indonesia: General Requirements

A Lesson for Universities in Indonesia on IP and Data Protection

|

The need for robust protections for intellectual property (“IP“) and confidential data has become only more glaring as we stride fully into the digital era. This applies to companies and business sectors across the board, including the education sector. Universities generate a large amount of IP, whether generated by the universities themselves, including through research A Lesson for Universities in Indonesia on IP and Data Protection

Extraterritorial Scope of GDPR and Its Implications for Companies in Indonesia

|

The intention behind the issuance of the General Data Protection Regulation (GDPR) is commendable: to standardize and simplify data protection legislation across all European Union countries, so that both EU citizens and businesses (involving EU citizens) can benefit and thrive in our borderless digital era. The aim of the GDPR is to give EU citizens Extraterritorial Scope of GDPR and Its Implications for Companies in Indonesia

Data Protection in Indonesia: Processing Requirements

|

There are several main obligations that must be fulfilled by an electronic system provider (ESP) under Indonesian Minister of Communication and Informatics (MOCI) Regulation No. 20 of 2016 regarding Personal Data Protection in Electronic Systems (MOCI Regulation 20) to ensure personal data is processed properly. These obligations include:   Conducting certification of the electronic system Data Protection in Indonesia: Processing Requirements

Data Privacy by Sector in Indonesia

|

There are laws in a number of specific areas in Indonesia that deal indirectly with data privacy. These include: Employment There is no specific stipulation in Indonesian employment laws on the protection of personal data of employees. It would normally be considered sufficient for employers in Indonesia to regulate the protection of the personal data Data Privacy by Sector in Indonesia

Data Protection in Indonesia – Security Requirements

|

An electronic system provider (ESP) in Indonesia must maintain the correctness, validity, confidentiality, accuracy, relevance and compatibility with the purpose of the acquisition, collection, processing, analysis, retention, display, publication, transmission, dissemination and destruction of personal data. Additionally, an ESP must also carry out certification of its electronic system to ensure it is in accordance with Data Protection in Indonesia – Security Requirements

Protection of Privacy in Indonesia

|

With regard to private and family life in Indonesia, Article 28(G) of the 1945 Constitution provides that every person has the right to: (i) Protection of their personal selves, families, respect, dignity and possessions under their control; and (ii) Security and protection from threat of fear for doing, or not doing, something which constitutes a Protection of Privacy in Indonesia

SSEK Leads Legal Training on Data Protection

|

SSEK’s managing partner, Denny Rahmansyah, led a legal training session on data protection for the board of PT Indocement Tunggal Prakarsa Tbk, one of the largest cement producers in Indonesia. The training included Indonesian regulations on handling and transferring personal data, including the personal data of employees, and data localization requirements for companies in Indonesia. SSEK Leads Legal Training on Data Protection