Indonesia’s parliament enacted a data privacy law in its first month of launch after encountering several breaches in the Southeast Asian country.
On Tuesday, Indonesian lawmakers through the The personal data protection bill has been under consideration for more than a year. With this law, data processors can face up to 5 years in prison for leaking or misusing personal information. Individuals who falsify personal data for profit can also be jailed for up to six years under the law.
In addition, the law includes corporate fines that can be up to 2% of a company’s annual revenue in the event of a data leak. Company assets that have leaked personal data may also be confiscated or auctioned.
The new law comes in the wake of a number of data leaks and alleged breaches that have affected not only individuals, but also many companies and governments in the country. Last year, a contact tracing app leaked Indonesian President Joko Widodo’s COVID vaccine profile.
With the new move, Indonesia has become the fifth country in Southeast Asia to have specific laws on personal data protection after Singapore, Malaysia, Thailand and the Philippines.
Similar to Indonesia, India is facing frequent incidents related to the security of personal data. However, the country has not yet enacted a law on the protection of personal data. Last month, it withdraw the personal data protection bill has attracted the attention of tech giants.