Dani Aswara, Jakarta – Cybersecurity expert Pratama Persadha from the Communication and Information System Security Research Center (CISSReC) views the White House's official statement on the transfer of personal data from Indonesia to the United States as a strategic opportunity rather than a threat.
He believes it presents a chance for Indonesia to accelerate the development of a sovereign and adaptive data governance system.
"This moment can instead be used as a strategic opportunity to accelerate the strengthening of national data governance that is sovereign, modern, and responsive to global challenges," Pratama said in a written statement on Thursday, July 24, 2025.
He emphasized that Indonesia's openness to global data flows must be grounded in the principle of digital sovereignty, which is the state's authority to regulate and protect its citizens' personal data under national law.
In this context, Law Number 27 of 2022 concerning Personal Data Protection (PDP Law) provides a vital legal foundation.
Pratama explained that the PDP Law allows cross-border data transfers under certain conditions. These include situations where the receiving country has equivalent or higher standards of personal data protection or when such transfers are supported by binding international agreements.
Therefore, he stressed the urgency of establishing the Personal Data Protection Supervisory Agency (LPPDP) and issuing government regulations derived from the PDP Law.
"Without technical instruments and an independent oversight body, the commitment to protecting citizens' digital rights will remain rhetorical," he said.
However, Pratama also warned of potential risks associated with data transfers to countries that lack comprehensive federal data protection laws, such as the United States.
He cautioned that citizens' personal data might be accessed by foreign tech companies or intelligence agencies.
To address this concern, he called on Indonesia to take a proactive approach by developing clear and objective standards for evaluating the data protection regimes of destination countries.
He also suggested that bilateral agreements might be necessary to ensure that the digital rights of Indonesian citizens remain safeguarded even when their data is processed overseas.
"Indonesia must show normative leadership. We cannot simply follow global trends. We also have to help shape them," he said.
Pratama underlined the importance of maintaining Indonesia's digital non-alignment in the face of growing technological rivalry between the United States and China.
He argued that Indonesia must serve as a stabilizing force for digital governance within the Association of Southeast Asian Nations (ASEAN) and strengthen its influence in global forums such as the G20 and the United Nations Internet Governance Forum (UN IGF).
He also noted that data governance extends beyond privacy issues. Citizens' personal data, he explained, is the primary resource for artificial intelligence systems and digital algorithms.
"If we do not manage our data properly, it will simply become a raw commodity, processed by foreign entities and sold back to us," said Pratama.
He emphasized the importance of building strong national digital infrastructure, supporting domestic research, and investing in the development of local digital talent.
According to him, data transfer agreements should not be viewed as the final goal but rather as the starting point for a national effort to build a robust data governance framework
He concluded by saying that Indonesia must play an active role in shaping a fair and sustainable global data architecture.