technology

Trump Requests Indonesian Personal Data To Be Placed In The US, What Happens To Data Center Businesses?

Indonesian citizens' personal data is at risk of being "mortgaged" in a trade deal with the United States (US), particularly regarding reciprocal import tariffs. As is known, President Donald Trump announced a historic trade agreement between the US and Indonesia in various sectors, including the digital sector related to personal data processing. In this sector, Donald Trump, in an official White House statement, stated that the US and Indonesia are eliminating digital trade barriers by planning to finalize commitments regarding digital trade, services, and investment. 

Indonesia has made several commitments, one of which is providing certainty regarding the ability to transfer personal data from Indonesia to the US through an acknowledgement that the US provides adequate data protection under Indonesian law. 

However, the data protection promised by the US is questioned by many, including the Indonesian Cloud Computing Association (ACCI). ACCI Chairman Alex Budiyanto stated that the US differs from Europe, which has its own personal data protection regulations, known as the General Data Protection Regulation, as in Indonesia. The US does not yet have a definitive regulation governing this, so companies that sell or leak data cannot be sanctioned. 

"The US doesn't have a federal law for personal data protection. So, our data shouldn't be allowed there," Alex told Bisnis on Wednesday (July 23, 2025). He said the US currently doesn't have its own version of the Personal Data Protection Act (PDP). The US simply requests that Indonesian personal data be managed there without any guarantee of legal protection. 

This means that if a violation occurs in the US, Indonesia has no legal instruments to prosecute or punish. "Indonesia has the law, Europe has the GDPR. But in the US? Nothing. That's why this is a problem," Alex said. Meanwhile, Ardi Sutedja, Chairman of the Indonesia Cyber Security Forum (ICSF), reminded us that data protection is the core of national cybersecurity and resilience. In the digital era, personal data has become the backbone of almost all sectors – from banking to healthcare to energy. The ease of cross-border data transfer without clear regulations ultimately undermines the PDP Act and undermines Indonesia's digital sovereignty. "Who can guarantee that Indonesian citizens' data will be leaked to America? How can they sue?" Ardi asserted. Furthermore, ICT Institute Executive Director Heru Sutadi stated that the US's collection of personal data by individuals requires the consent of the data owner. "Consent is also required if the data is to be shared with other parties. If the individual, as the data owner, agrees, then the following rules apply: Data sharing must be reciprocal," Heru said. 

Tag: Digital Sector Indonesian Cloud Computing Association Indonesian Personal Data