+44 (0) 121 582 0192 [email protected]


October 2022 marked a significant milestone in data privacy with the enactment of Indonesia’s Personal Data Protection Law. This legislation, set to take effect in October 2024, heralds a new era in protecting personal data within the country. As the Owner and CEO of Formiti Data International Ltd, a leading data privacy consultancy, I understand the profound implications of such laws on not just local organizations but also global businesses, given Indonesia’s huge emerging economy.


The Indonesian Context

The PDP law represents a pivotal shift in Indonesia’s approach to data privacy. The legislation authorizes the creation of a regulatory body empowered to enforce data protection and impose sanctions for non-compliance. These sanctions range from substantial fines—up to two per cent of a company’s annual revenue—to prison sentences. Moreover, the law empowers individuals to access, rectify, and delete their data, aligning with global privacy standards.


Global Data Privacy Landscape

Indonesia’s move coincides with significant developments in data privacy worldwide. In the United States, President Joe Biden’s executive order on “Enhancing Safeguards for United States Signals Intelligence Activities” laid the groundwork for the EU-US Data Privacy Framework (2023). This initiative replaced the invalidated EU-US Data Privacy Shield and navigated the complexities following the landmark Schrems II decision by the EU Court of Justice. These international efforts underscore the increasingly intricate web of data privacy regulations impacting global businesses.


Indonesia’s Unique Position

Unique to Indonesia is the absence of a Fourth Amendment-equivalent right to privacy. Yet, the PDP law acknowledges privacy as a fundamental right, rooted in the 1945 Constitution of the Republic of Indonesia. This approach mirrors global trends, drawing inspiration from US and EU jurisdictions. Influenced by international privacy rights developments, the law’s formulation signifies Indonesia’s commitment to aligning with global standards.


Implications for Businesses

For multinational corporations and regional enterprises, navigating this evolving landscape of data privacy laws is challenging. Compliance requires an understanding of local laws and an appreciation of their interplay with international standards. Businesses must be agile, adapting their data handling practices to ensure compliance with these varying regulations. Developing a flexible, elastic privacy framework strategy has become the trend for global businesses searching for growth in emerging markets.


Formiti Data International Ltd: Your Guide in the Privacy Landscape

At Formiti Data International Ltd, we specialize in guiding businesses through these complex legal terrains. Our expertise spans six regions and over 120 countries, ensuring our clients comply with global data protection laws. We understand the nuances of the Indonesian PDP law and its implications for your local and international business operations.

Our services are tailored to meet each client’s specific needs, offering strategic insights and practical solutions to achieve and maintain compliance. Whether navigating the intricacies of the Indonesian PDP law or aligning with the EU-US Data Privacy Framework, Formiti is equipped to assist. Our team stays abreast of the latest developments in data privacy, ensuring that our clients are always a step ahead.



The enactment of Indonesia’s Personal Data Protection law is a significant development in global data privacy. It reflects a broader trend towards more stringent data protection laws worldwide, impacting businesses across the globe. Navigating these laws can be daunting, but with Formiti Data International Ltd, you have a knowledgeable and experienced partner. Discover more about our services and how we can help your business stay compliant in this dynamic environment by visiting Formiti’s Services.