Asset Publisher

Single title

Regulating Data in India & Indonesia

Report

The policy report covers how India and Indonesia have sought to regulate data. Booming digital economies in both countries have created demands to develop legislative frameworks to regulate data – how data is collected, processed, stored, and shared. Rules governing data will significantly influence the development course and growth of India and Indonesia’s digital economies.

Asset Publisher

Politics around data regulations, however, have remained fitful in both countries. India has been hurtling toward creating a new policy framework and law to manage data, with differences around what data is, how organisations should handle it, and how the government should regulate this divide. So far, Indonesia has governed data through a patchwork of different sectoral regulations issued by separate agencies. This fragmented landscape could soon give way to a new, comprehensive law on personal data protection. Once operational, the remit and writ of legislations in both countries will likely be deep and so will the impact it will have on privacy and citizen’s rights, the state’s role in governing data, and digital innovation trends in India and Indonesia.


In both countries, draft legislations have been influenced by the European Union’s General Data Protection Regulation (GDPR) framework, a user-centred data protection approach imbued with notions of consent and accountability. These user-centric data governance ideas are balanced by a preference for a statist approach toward data regulation in both countries that underscores sovereignty at the expense of privacy. The critical challenge will be to see how new data laws in both countries will balance these two irreconcilable objectives.


Another key challenge concerns the implementation and enforcement of these data laws once enacted. Provisions call for a new regulator(s) to manage and oversee issues under the burgeoning data remit. But questions remain on the independence of the future data regulators and whether they will be able to exercise judgment and mediate conflicts, keeping in mind various public and private interests. There are also questions concerning coordination and capacity – will firms and public organisations have the necessary staff to manage queries concerning data and be responsible for compliance? Both countries will have to manage and overcome expected institutional deficits once their data legislations are enacted, and regulators created. Finally, the politics around data in both countries will complicate effective regulation and enforcement – privacy activists and related civil society organisations will likely pressure governments to enact strong laws that balance both privacy and accountability without sacrificing these priorities at the altar of state control.

The Report is available in both English and Bahasa Indonesia.

 

Asset Publisher

Contact

Aishwarya Natarajan

comment-portlet

Asset Publisher

Media library

Rule of Law Rules Podcast

#11: Hannah Lim on Legal Technology in South East Asia

As Head of Rule of Law and Emerging Markets at LexisNexis in Singapore, Hannah identifies areas where LexisNexis can, leveraging on technology, support the rule of law.

read now
Rule of Law Rules Podcast

#6: Lee San Natalie Pang on the General Data Protection Regulation & its influence in Southeast Asia

For the last episode of our first series “Data Protection” we go to Asia and take a closer look at the Southeast with Dr Lee San Natalie Pang, our expert on Data Protection.

read now
Rule of Law Rules Podcast

#5: Ridwan Oloyede about the GDPR and its influence in African legal framework

Ridwan Oloyede is co-founder of a Nigerian start-up, that helps businesses to achieve operational excellence through the reliable and efficient application of technology.

read now
Rule of Law Rules Podcast

#4: Nadim Gemayel on the General Data Protection Regulation and its influence in Middle East

Nadim Gemayel is a politician and lawyer based in Lebanon and Qatar. He was a member of the Lebanese Parliament between 2009 and 2020.

read now
Rule of Law Rules Podcast

#3: Eduardo Magrani on Data Protection in Latin America

We speak with Eduardo Magrani about the General Data Protection Regulation and its influence in Brazilian and Latin American legal framework.

read now
Rule of Law Rules Podcast

#2: Ioana Stupariu on the GDPR's influence in South East Europe

Ioana Stupariu works with tech and healthcare start-ups and companies across Central and Eastern Europe. And she researches on Data protection & Privacy.

read now
Rule of Law Rules Podcast

#1: Frederick Richter on the the EU’s GDPR and data protection worldwide

We look at the EU’s GDPR: How is data protection handled in other parts of the world? How can we establish international standards? And what will happen next?

read now

Asset Publisher

Asset Publisher