On 14 July 2015, the Indonesian government published the Draft Regulation of the Minister of Communication and Information (RPM) of the Protection of Personal Data in Electronic Systems (‘Draft Regulation’). Pursuant to Article 7(2) of Government Regulation No. 82 of 2012 and currently only available in Indonesian, the Draft Regulation addresses the protection of personal data collected by a number of government agencies, sets out the rights of individuals whose data is collected, and publicises the obligations of those who use information communication technology.
Specifically, it will apply to the:
- Financial Services Authority, which regulates financial sector data
- Indonesian Consumers Foundation, which is tasked with the protection of consumer data
- Bank Indonesia, which handles banking data
- Ministry of Health, which handles health data and archives
- Directorate General of Immigration, which deals with passport data
- National Archives
The Indonesian government also proposed guidelines which set out the registration rules when software is to be used in ‘public services’. These guidelines require such software to be registered with the Ministry of Communications and Information Technology, as well as administrative and technical requirements for reliability and security.
The period for public comments has now expired, and the Regulation is expected to come into force later this year.