In this #BILLawFact, our Partner Eddy Isworo and Associate Samuel Joviandre highlight Constitutional Court Decision No. 151/PUU-XXII/2024, which reshapes the obligation to appoint a Data Protection Officer (“DPO”) under Indonesia’s PDP Law.
The Decision shifts the requirement from cumulative to alternative criteria—meaning a DPO must be appointed if any one condition is met. This brings Indonesia closer to global standards like the GDPR and strengthens accountability for high-risk data processing.
Non-compliance may result in administrative sanctions, including suspension of data processing and fines of up to 2% of annual revenue.
For legal advice on data protection compliance, contact us at [email protected]
The author acknowledges the contribution of our Apprentice, David Nathanael Maruhawa, in preparing this BILLawFact.