Commission I: Indonesia-US Data Transfer Must Be Balanced with Sovereignty and Protection

Jakarta (ANTARA) - Deputy Chairman of House of Representatives Commission I, Sukamta, has stated that the data transfer agreement signed under the reciprocal trade agreement (ART) between Indonesia and the United States must be balanced with the strengthening of digital sovereignty and public data protection.

In a statement received in Jakarta on Monday, Sukamta said that protecting individual rights is a state obligation. Accordingly, policies are needed to ensure that every Indonesian citizen’s data is safeguarded by the legal system.

“Cross-border data transfer is an inevitability of the modern digital economy. However, the ease of data flow must be balanced with the strengthening of digital sovereignty and the protection of citizens’ rights,” he said.

He argued that this momentum must be used to accelerate the development of a national data governance framework that is credible, transparent, globally competitive, and aligned with national interests.

The approach required, he said, is neither data protectionism nor unbounded liberalisation, but rather a balance between smooth data flows for economic growth and legal certainty in protecting citizens.

In this regard, he identified several matters that must be prepared and followed up by multiple stakeholders. Among them is the establishment of an independent personal data protection authority.

“The establishment of an independent body with investigative and technical capacity, as well as adequate sanctioning powers, must be a priority. Without effective oversight, data protection remains merely normative,” he said.

On this matter, the government is known to be drafting a Presidential Regulation mandated by Article 58 of Law No. 27/2022 on Personal Data Protection (PDP).

“I urge the Government to immediately finalise deliberations on this draft presidential regulation,” he said.

The drafting of comprehensive derivative regulations is equally important. Government regulations mandated by the PDP Law must clarify the criteria for countries with adequate protection, periodic evaluation mechanisms, and standards for cross-border data protection contracts.

Furthermore, he highlighted the importance of strategic data classification. According to him, categories of sensitive strategic data requiring additional safeguards need to be established, such as health, biometric, and critical infrastructure data.

Cross-border complaint and remediation mechanisms also need attention. In this context, the state must provide clear and accessible complaint channels for all citizens in the event of data misuse abroad.

He also stressed the urgency of periodic evaluation of adequacy status. According to him, the recognition of a country as “adequate” should be dynamic and evaluated periodically based on regulatory developments and practices in partner countries.

Additionally, the strengthening of domestic data infrastructure must not be overlooked. Cross-border data transfer, he said, must not impede the development of national data centres and the domestic cloud computing industry. Both must proceed in parallel.

“This is a momentum to accelerate the consolidation of national data governance so that Indonesia does not merely become a digital market, but is also capable of becoming a significant global player in the digital market,” he said.