The Urgency of Laws that Guarantee Personal Data Protection in Indonesia

With the increasing number of hacking and misuse of personal data, the Indonesian government decided to draft a Personal Data Protection Bill. Currently, the bill is being discussed by the Indonesian parliament. When the bill is finally ratified, it will be the legal basis to guarantee personal data protection in Indonesia.

However, protecting personal data is not an easy task. Cited by Kompas, 22 March 2021 edition with the title “Satpam-satpam Siber yang Bakal Jadi Rebutan”, M. Novel Ariyadi, Director of Cyber Security, BDO in Indonesia, said that his team must be on standby 24 hours to ensure the security of his client data is managed well. He illustrated that Data Protection Officer will act as a security officer. If in the real world a security officer carries a lock and safe key to protect important company assets, in cyberspace he and his team fortify management of information and data management with security control that align with business strategy of the company.

Unfortunately, despite the rising need for Data Protection Officer by many organisations, currently, the existence of DPO is still limited. Novel stated, "Finding people with DPO roles are not easy. In Indonesia, the undergraduate degree in cybersecurity is still very limited. Based on BDO's experience in complying with the GDPR, a DPO must have three competencies, namely cyber security, law, and the company-specific industry.  However, if your company is having trouble finding a trusted Data Protection Officer, BDO in Indonesia is ready to help you.