
Research Article
The Challenges of Implementing the Personal Data Protection Law in Indonesia: Delays in Establishing a Regulatory Authority
@INPROCEEDINGS{10.4108/eai.11-11-2023.2351333, author={Bhimo Aji Hernowo}, title={The Challenges of Implementing the Personal Data Protection Law in Indonesia: Delays in Establishing a Regulatory Authority}, proceedings={Proceedings of the First International Cyber Law Conference, ICL-C 2023, 11 November 2023, Jakarta, Indonesia}, publisher={EAI}, proceedings_a={ICL-C}, year={2025}, month={5}, keywords={personal data protection regulatory authority personal data leakage}, doi={10.4108/eai.11-11-2023.2351333} }
- Bhimo Aji Hernowo
Year: 2025
The Challenges of Implementing the Personal Data Protection Law in Indonesia: Delays in Establishing a Regulatory Authority
ICL-C
EAI
DOI: 10.4108/eai.11-11-2023.2351333
Abstract
Indonesia is facing a significant problem related to serious personal data leaks. To overcome this problem, the Personal Data Protection Law (Law No. 27 of 2022) was passed. However, its role and function are still a matter of debate. According to the law, this authority is tasked with formulating and establishing PDP policies and strategies, which will serve as guidelines for Personal Data Subjects, Data Controllers and Data Processors. The Authority is also responsible for monitoring the implementation of the PDP, enforcing administrative laws, and facilitating the resolution of disputes regarding personal data. However, to date, this regulatory authority has not been established, neither a Presidential Decree nor a Government Regulation (PP) which further explains the function and authority of this authority has been determined. Implementation of the Personal Data Protection Law in Indonesia continues to face serious challenges in the form of the slow establishment of this important regulatory authority.