Gov’t assures public that all cross-border data flows are secure and consent-based

Indonesia has firmly denied allegations that it sold citizens’ personal data to the United States as part of a tariff negotiation deal. Top officials clarified that any data transfers occurring are commercial in nature and regulated under national privacy laws.

No Government-to-Government Data Deal

On July 24, 2025, Coordinating Minister for Economic Affairs Airlangga Hartarto dismissed rumors that Indonesia sold citizens’ personal data to the United States amid trade negotiations. He stressed that no government-to-government data exchange had taken place. Instead, he explained, personal data accessed by U.S. firms originates from individual user activity on platforms like Google and Bing.

“These platforms gather data through voluntary user actions—such as signing up or transacting—under consent agreements,” Airlangga said during a press conference at his office in Jakarta.

Data Flows Through Commercial Channels

According to Airlangga, data flows to the U.S. largely occur through existing digital ecosystems. When Indonesians register for services like Gmail or make online purchases via Mastercard or Visa, their data is stored in servers, often located abroad.

He emphasized that while the U.S. still lacks a federal Personal Data Protection (PDP) law, Indonesian users’ data remains under the oversight of the country’s authorities. This includes monitoring by the Ministry of Communication and Digital (Komdigi).

Protocols Under Development

In light of increasing cross-border digital activity, Indonesia is drafting formal protocols to regulate international data transfers. These agreements aim to ensure legal certainty and accountability in protecting Indonesian citizens’ personal information when used by foreign entities.

“These protocols are expected to serve as a legal foundation for future digital cooperation, not just with the U.S. but with other nations as well,” Airlangga explained, citing the importance of secure governance.

Nongsa Digital Park Sets the Standard

Indonesia has already taken tangible steps toward building data resilience. The Nongsa Digital Park in Batam serves as a national digital hub, complete with advanced physical and cyber safeguards. From encrypted data cables to restricted access to servers, the facility showcases how the government is protecting sensitive digital infrastructure.

“Nongsa is more than just a data center—it’s a model for secure data management,” said Airlangga, adding that its security protocols exceed international best practices.

Addressing Public Concerns

The rumor, which suggested that Indonesia exchanged personal data for better tariff terms with the U.S., had sparked public backlash. Presidential Communications Office Head Hasan Nasbi clarified that data flow discussions were focused solely on enabling smoother digital trade.

“This is about empowering digital commerce—not compromising privacy,” Nasbi reiterated.

Airlangga also reassured the public that any cross-border data handling is done based on user consent and national law, making unauthorized data transfer legally and practically implausible.

Indonesia’s firm denial of the alleged data-for-tariff deal reflects the country’s broader commitment to data sovereignty and user privacy in an increasingly connected digital economy. As the government works to strengthen legal frameworks for cross-border data transfers and build trusted digital infrastructure like Nongsa Digital Park, it sends a clear message: digital growth must be rooted in transparency, user consent, and national oversight. This approach positions Indonesia to play a leading role in shaping ethical and secure digital governance across Southeast Asia.

Sources: Tirto.id (2025) , Berita Satu (2025)

Keywords: Airlangga Hartarto, Personal Data, U.S. Indonesia Agreement, Data Transfer Protocol, Privacy Law