Single title
Politics around data regulations, however, have remained fitful in both countries. India has been hurtling toward creating a new policy framework and law to manage data, with differences around what data is, how organisations should handle it, and how the government should regulate this divide. So far, Indonesia has governed data through a patchwork of different sectoral regulations issued by separate agencies. This fragmented landscape could soon give way to a new, comprehensive law on personal data protection. Once operational, the remit and writ of legislations in both countries will likely be deep and so will the impact it will have on privacy and citizen’s rights, the state’s role in governing data, and digital innovation trends in India and Indonesia.
In both countries, draft legislations have been influenced by the European Union’s General Data Protection Regulation (GDPR) framework, a user-centred data protection approach imbued with notions of consent and accountability. These user-centric data governance ideas are balanced by a preference for a statist approach toward data regulation in both countries that underscores sovereignty at the expense of privacy. The critical challenge will be to see how new data laws in both countries will balance these two irreconcilable objectives.
Another key challenge concerns the implementation and enforcement of these data laws once enacted. Provisions call for a new regulator(s) to manage and oversee issues under the burgeoning data remit. But questions remain on the independence of the future data regulators and whether they will be able to exercise judgment and mediate conflicts, keeping in mind various public and private interests. There are also questions concerning coordination and capacity – will firms and public organisations have the necessary staff to manage queries concerning data and be responsible for compliance? Both countries will have to manage and overcome expected institutional deficits once their data legislations are enacted, and regulators created. Finally, the politics around data in both countries will complicate effective regulation and enforcement – privacy activists and related civil society organisations will likely pressure governments to enact strong laws that balance both privacy and accountability without sacrificing these priorities at the altar of state control.
The Report is available in both English and Bahasa Indonesia.
Media library
#11: Hannah Lim on Legal Technology in South East Asia
As Head of Rule of Law and Emerging Markets at LexisNexis in Singapore, Hannah identifies areas where LexisNexis can, leveraging on technology, support the rule of law.
read now
#6: Lee San Natalie Pang on the General Data Protection Regulation & its influence in Southeast Asia
For the last episode of our first series “Data Protection” we go to Asia and take a closer look at the Southeast with Dr Lee San Natalie Pang, our expert on Data Protection.
read now
#5: Ridwan Oloyede about the GDPR and its influence in African legal framework
Ridwan Oloyede is co-founder of a Nigerian start-up, that helps businesses to achieve operational excellence through the reliable and efficient application of technology.
read now
#4: Nadim Gemayel on the General Data Protection Regulation and its influence in Middle East
Nadim Gemayel is a politician and lawyer based in Lebanon and Qatar. He was a member of the Lebanese Parliament between 2009 and 2020.
read now
#3: Eduardo Magrani on Data Protection in Latin America
We speak with Eduardo Magrani about the General Data Protection Regulation and its influence in Brazilian and Latin American legal framework.
read now
#2: Ioana Stupariu on the GDPR's influence in South East Europe
Ioana Stupariu works with tech and healthcare start-ups and companies across Central and Eastern Europe. And she researches on Data protection & Privacy.
read now