Across Europe, the Americas, Asia, and Africa, modern data protection regimes increasingly empower regulators to impose direct administrative financial penalties for non-compliance. ASEAN has followed the same trajectory. Regulators are no longer satisfied with guidance, warnings, or post-incident explanations…

The Indonesian Constitutional Court (Mahkamah Konstitusi) rendered judgment in Case No. 137/PUU-XXIII/2025 addressing Article 56 of Law No. 27 Year 2022 on Personal Data Protection (UU PDP) governing international data transfers…

U.S.–ASEAN bilateral Agreements on Reciprocal Tariffs (ART) commitments reveal that cross-border data flows are far more complex than many assume. These agreements vary significantly across countries, and domestic laws remain decisive…

A silent game-changer is emerging in Indonesia–U.S. data flows. As part of the U.S.–Indonesia Agreement on Reciprocal Tariffs (ART), a draft clause under discussion would allow: “Indonesia will provide certainty regarding the ability to move personal data out of its territory…

Let’s be honest — Indonesia’s PDP Law is already in force, yet many organisations are still scrambling, delaying, or simply “nominating” someone as DPO just to appear compliant. This is happening even though the law is unambiguous: certain organisations must appoint a capable Data Protection Officer (DPO), not a symbolic one…

Professor Dr Abu Bakar Munir, an internationally renowned scholar, expert, and consultant in Cyber Law and Data Protection Law, as well as Co-Founder of Asosiasi Profesional Privasi Data Indonesia (APPDI), explained that the Order represents Brunei’s decisive step toward establishing…