Indonesia passes much-anticipated data privacy law to put bad actors behind bars

·1-min read

Indonesia's parliament has introduced a data privacy law as its first motion months after encountering several breaches in the Southeast Asian country.

On Tuesday, the Indonesian legislators passed the personal data protection bill that had been deliberated for more than a year. With this law, data handlers could become liable for up to five years of jail for leaking or misusing private information. Individuals falsifying personal data for their gains could also be jailed for up to six years under the legislation.

Additionally, the law includes corporate fines that can be as high as 2% of the company's annual revenue in case of a data leak. Assets of the company leaking personal data could also be confiscated or auctioned off.

The new law comes following a number of data leaks and alleged breaches that have impacted not just individuals, but also various companies and the government in the country. Last year, a contact-tracing app leaked Indonesian President Joko Widodo's COVID vaccine records.

With the new move, Indonesia has become the fifth country in the Southeast Asian region to have specific legislation on personal data protection after Singapore, Malaysia, Thailand and the Philippines.

Similar to Indonesia, India is facing regular incidents related to personal data security. The country, however, has yet to introduce legislation around personal data protection. Last month, it withdrew its anticipated personal data protection bill that drew the attention of tech giants.