Global Data and Cyber Handbook Lite

Indonesia

Select a Topic
Start Comparison
Key Data and Cybersecurity Laws
Jump to
Key Data and Cybersecurity Laws Start Comparison
What are the key data privacy laws and regulations?

Last review date: 30 December 2025

(Together, Data Protection Regulations)

Please note that all regulations are in the Indonesian language.

What are the key cybersecurity laws and regulations?

Last review date: 30 December 2025

Indonesia does not currently have a specific cybersecurity law. Provisions on cybersecurity are mainly covered in the EIT Law and GR 71. There are also some further implementing regulations issued by the National Cyber and Code Agency (Badan Siber dan Sandi Negara - BSSN).

The Indonesian government is currently preparing a law on cybersecurity and resilience. There is no clear timeline yet for when this law will be enacted. Based on the publicly available draft, the proposed regulation also covers AI-related provisions, primarily focus on general principles for the use of AI in Indonesia. The draft also includes a requirement to notify the government regarding AI development and deployment. It remains to be seen how this requirement will be implemented in practice.

What are the key laws and regulations relating to non-personal data?

Last review date: 30 December 2025

In general, there is no specific regulation on non-personal data in Indonesia. Consequently, the treatment of non-personal data largely depends on contractual arrangements between parties (e.g., confidentiality, sharing, and disclosure agreements).

That said, there are several regulations that touch upon non-personal data or cover general provisions that apply to non-personal data. For example:

In addition, sector-related regulations cover specific treatments or restrictions towards non-personal data, such as regulations in the e-commerce, financial, healthcare, and natural resources sectors.

{{ $store.state.loadingScreen.message }} ...