Indonesia’s new data protection law, which recognises a person’s rights to his or her data and specifies how institutions should use the data, has come as a ray of hope for consumers in the country’s burgeoning digital ecosystem but many are questioning whether it is enough to force organisations to improve their data-handling systems.
Under the new law, using other people’s private data without permission and falsifying data, among other things, are punishable crimes that carry a jail term and a penalty of almost $4 million (6 billion rupiah).