Personal Data Protection Authority Institute
Lembaga Pelindungan Data Pribadi | |
Agency overview | |
---|---|
Formed | TBA |
Jurisdiction | Indonesia |
Agency executive |
|
The Personal Data Protection Authority (Indonesian: Lembaga Pelindungan Data Pribadi) is a future executive agency formed by the Indonesian government, working directly under the President of Indonesia. The agency will be tasked with information privacy safeguarding, personal data protection, and enforcing laws related/regarding to the personal data protection.[1]
History
[edit]The call for establishment of an institution to protect data privacy had been sounded since 2016.[2] Establishment of such institution deemed very needed to protect the constitutional rights of Indonesian citizens for information privacy protection and safeguarding national interests over the personal data protection.[3][4]
During the formulation of the Bill of Personal Data Protection, there is an issue regarding to whom will be vested with power to safeguard and enforce the law regarding the personal data protection. There was discussed whether the Ministry of Communication and Information Technology, National Cyber and Crypto Agency, or a separate independent agency under the office of the President of Indonesia that will be vested with such power.[5]
On 20 September 2022, the Bill of Personal Data Protection passed by the People's Representative Council and signed into law by Joko Widodo on 17 October 2022 as Law No. 27/2022 (Law on Personal Data Protection).[6] When the bill passed into law, it later known that the third option is chosen instead giving such powers to the pre-existing agencies/ministries. Article 58, 59, and 60 of the Law No. 27/2022 detailed the agency establishment, mandate, and authorities.[7]
On 26 January 2024, Ministry of Communication and Information Technology confirmed that the agency targeted to be established on Mid 2024. The agency expected to be a spin-off of the ministry body.[8]
Powers
[edit]As mandated by Article 59 Law No. 27/2022, the agency mandated to:[9]
- Formulate and establish the policies and strategies for personal data protection, which will be used as standards and guide to the personal data subject, controller, and processor.
- Supervise of the personal data protection implementation.
- Law enforcing administrative violation of the personal data protection laws, including the violations against the Law No. 27/2022 itself and its derivative regulations.
- Facilitate dispute resolution outside the court.
As mandated by Article 60 Law No. 27/2022, the agency possessed authorities as follows:[10]
- Formulation and establishment of policies and strategies for personal data protection, which will be used as standards and guide to the personal data subject, controller, and processor.
- Supervision of the personal data protection implementation.
- Administrative law enforcement for the violation of the personal data protection laws, including the violations against the Law No. 27/2022 itself and its derivative regulations.
- Assisting the preexisting law enforcement agencies in Indonesia in handling alleged criminal acts against the laws.
- Establishing cooperation with other countries' data protection authorities.
- Assessing compliance requirements for transfer of personal data outside the region the laws of the Republic of Indonesia.
- Issuing orders in order to follow up the supervisory results of the Personal Data Controller and/or Personal Data Processors.
- Publishing the results of the implementation of supervision.
- Protection of Personal Data in accordance with the laws.
- Receiving complaints and/or reports regarding allegations there is a violation of Personal Data Protection
- Investigating over complaints, reports, and/or monitoring results against allegations of violations of the personal data protection laws.
- Summoning and presenting Everyone and/or public bodies related to alleged violations of the personal data protection laws.
- Requesting information, data, and documents from every related person and/or public Body alleged to violate personal data protection laws
- Summoning and presenting the necessary experts in investigations and investigations related to allegations of violations of personal data protection laws.
References
[edit]- ^ Pelindungan Data Pribadi [Personal Data Protection] (PDF) (Law 27, 58) (in Indonesian). Dewan Perwakilan Rakyat of Indonesia. 2022.
- ^ Finaka, Andrean W. "Perjalanan UU Perlindungan Data Pribadi". indonesiabaik.id (in Indonesian). Retrieved 2022-11-26.
- ^ DA, Ady Thea. "LBH Jakarta Beberkan 3 Alasan Lembaga Pelindungan Data Pribadi Harus Independen". hukumonline.com (in Indonesian). Retrieved 2022-11-26.
- ^ Sambas. "Lembaga Otoritas Perlindungan Data Pribadi sudah mendesak". ANTARA News Banten (in Indonesian). Retrieved 2022-11-26.
- ^ Toewoeh, Titah Arum M. R. (2022-10-22). "Teguh: Amanat UU, Presiden Tetapkan Lembaga Otoritas PDP". Ditjen Aptika Kementerian Komunikasi dan Informatika (in Indonesian). Retrieved 2022-11-26.
- ^ Asyari, Haekal Al. "Langkah Konkret Setelah UU Perlindungan Data Pribadi Disahkan". detiknews (in Indonesian). Retrieved 2022-11-26.
- ^ Susanto, Vendy Yulia (2022-09-20). "Lembaga Otoritas Perlindungan Data Pribadi Berada di Bawah Presiden". kontan.co.id (in Indonesian). Retrieved 2022-11-26.
- ^ Iradat, Damar. "Kominfo Sebut Lembaga Pengawas PDP Bakal Dibentuk Pertengahan 2024". teknologi (in Indonesian). Retrieved 2024-02-17.
- ^ Pelindungan Data Pribadi (Law 27, 59). 2022.
- ^ Pelindungan Data Pribadi (Law 27, 60). 2022.