Policy Capacity of The Indonesian Government in Implementing Cross-Border Data Transfer Within Trade Agreements With The United States

Authors

  • Yuli Anitasari Universitas Indonesia
  • Agung Firman Sampurna Universitas Indonesia

DOI:

https://doi.org/10.59888/ajosh.v3i12.618

Keywords:

data transfer, digital sovereignty, public policy, digital economy liberalization, policy capacity

Abstract

The development of the global digital economy has encouraged the emergence of digital sovereignty issues, especially related to cross-border data transfer. In this context, the trade agreement between Indonesia and the United States announced in July 2025 includes Indonesia's commitment to open access to data transfer abroad. This commitment has strategic implications for national data governance and the protection of citizens' digital rights. This article aims to analyze Indonesia's readiness to implement these commitments using the policy capacity framework, which includes the government's technical, administrative, and political capacity. This study found significant limitations in all three dimensions of capacity, ranging from surveillance infrastructure to cross-agency coordination and political legitimacy. The analysis confirms the need for structured measures to strengthen institutions, procedures, and oversight so that the liberalization of data transfers does not come at the expense of digital sovereignty. This article contributes to the digital public policy literature by showing the application of the policy capacity framework in the issue of cross-border data transfer, which has been studied more from legal and economic perspectives.

References

Aaronson, S. A. (2018). Data Is Different: Why the World Needs a New Approach to Governing Cross-border Data Flows. CIGI Papers.

Alliance, G. D. (2025, July 23). Global Data Alliance. Retrieved from Global Data Alliance: https://globaldataalliance.org/news/gda-welcomes-us-indonesia-agreement-to-remove-indonesian-digital-customs-restrictions/

Arne Hintz, L. D.-J. (2019). Digital Citizenship in a Datafied Society. Florida: Polity Press.

Avram, A. (2023). International Data Transfer Challenges: Lack of Trust in U.S. Data Protection Mechanisms. Cornell International Law Journal.

Bigo, D. I. (2019). Data Politics. Oxford: Taylor & Francis.

Board, E. D. (2023, March 28). EDPB. Retrieved from EDPB: https://www.edpb.europa.eu/system/files/2023-04/edpb_guidelines_202209_personal_data_breach_notification_v2.0_en.pdf?utm_source=chatgpt.com

Chen, L. (2022). The Indo-Pacific Partnership and Digital Trade Rule Setting: Policy Proposals. Economic Research Institute for ASEAN and East Asia.

Commission, E. (2022). European Commission. Retrieved from European Commission: European Commission

Costa, G. D. (2025, July 24). Indonesia Business Post. Retrieved from Indonesia Business Post: https://indonesiabusinesspost.com/4823/society-environment-and-culture/indonesia-asked-to-reassess-data-privacy-terms-in-new-u-s-trade-deal?utm_source=chatgpt.com

Council, I. T. (2022). ITI's Comments Regarding Foreign Trade Barriers to U.S. Exports for 2023 Reporting. Information Technology Industry Council.

DCO. (2023). Enabling Cross-Border Data Flows Amongst the Digital Cooperation Organization Member States. Digital Cooperation Organization.

Erickson, A. (2019). Comparative Analysis of the EU's GDPR and Brazil's LGPD: Enforcement Challenges with the LGPD. Brooklyn Journal of International Law, 859.

European Commission. (2023). EU–US Data Privacy Framework: Questions & Answers. Retrieved from EU–US Data Privacy Framework: Questions & Answers: https://commission.europa.eu/

Executive Order. (2025). Regulating Imports with a Reciprocal Tariff to Rectify Trade Practices that Contribute to Large and Persistent Annual United States Goods Trade Deficits. Executive Order 14257.

GLBA. (n.d.). Gramm Leach Bliley Act of 1999, Pub. L. No. 106-102, 113 Stat. 1338 (1999). U.S..

Hijkman, H. (2016). The European Union as Guardian of Internet Privacy.

Huw Roberts, J. C. (2021). Safeguarding European values with digital sovereignty: An analysis of statements and policies. Internet Policy Review.

Indonesia, P. R. (2022). Law Number 27 of 2022 concerning Personal Data Protection.

Jakob Edler, K. B. (2023). Technology sovereignty as an emerging frame for innovation policy. Defining rationales, ends and means. Research Policy.

JonesDay. (n.d.). Brazil Amps Up Enforcement of Data Protection Law. Retrieved from JonesDay: https://www.jonesday.com/-/media/files/publications/2024/09/brazil-amps-up-enforcement-of-data-protection-law/files/brazil-amps-up-enforcement-of-data-protection-law/fileattachment/brazil-amps-up-enforcement-of-data-protection-law.pdf?rev=a8617d4aad5b403f

Kristina Irion, M. E. (2021). Privacy Peg, Trade Hole: Why We (Still) Shouldn't Put. The University of Chicago Law Review.

Lantz, A. (2016). The EU-US Privacy Shield An insufficient level of data protection under EU Fundamental Rights Standards. Stockholm University: Stockholm University.

Leblond, P. (2024). Trade Agreements and Data Governance. cigionline, 91.

M. Howlett, M. R. (2016). The two orders of governance failure: Design mismatches and policy capacity issues in modern governance. Policy and Society, 157–169.

Macievic, L. (2024). A Diversity of Adequacy: The European Commission's 11-Country Adequacy Review. American University Washington College of Law.

Mehmet. Kaya, H. S. (2025). Cross-Border Data Flows and Digital Sovereignty: Legal Dilemmas in Transnational Governance. Interdisciplinary Studies in Society, Law, and Politics, 219-233.

Milan & Treré. (2019). Big data from the South(s): Beyond data universalism. Television & New Media. Sage Journal, 319-335.

Ncheke, T. R. (2020). Cross-border data flows in the digital economy: an analysis between the European Union General Data Protection Regulation and the Southern African Development Community Data Protection Model law. South Africa: University of Pretoria.

Government Regulation Number 71 of 2019 concerning the Implementation of Electronic Systems and Transactions. (n.d.).

Rajmohan, K. (2025, January 23). TechPolicy.PRESS. Retrieved from TechPolicy.PRESS: https://www.techpolicy.press/data-localization-indias-tryst-with-data-sovereignty/

Reuters. (2016, June 26). Retrieved from Reuters: https://www.reuters.com/world/us/federal-data-privacy-laws-gain-support-us-congress-critics-remain-2024-06-26/?utm_source=chatgpt.com

Roberto Baldoni, G. D. (2025). Sovereignty in the Digital Era: The Quest for Continuous Access to Dependable Technological Capabilities. IEEE Security & Privacy, 91-96.

Rubinstein, I. S. (2010). Privacy and Regulatory Innovation Moving Beyond Voluntary Codes. A Journal of Law and Policy for the Information Society, 355.

Singapore, P. (n.d.). Data Protection Trustmark. Retrieved from PDPC Singapore: https://www.pdpc.gov.sg/overview-of-pdpa/data-protection/business-owner/data-protection-trustmark?utm_source=chatgpt.com

Treré, S. M. (2019). Big Data from the South Towards a Research Agenda. DATACTIVE Working Paper Series.

UNCDF. (2021). Cross-border data flows and development: For whom the data flow,. supra, 105.

Law Number 27 of 2022 concerning Personal Data Protection. (n.d.).

Union, E. (2016). General Data Protection Regulation (Regulation (EU) 2016/679).

Voss, W. G. (2020). Cross-Border Data Flows, the GDPR, and Data Governance. Washington International Law Journal, 485-532.

Wu, X. R. (2015). Policy capacity: A conceptual framework for understanding policy competences and capabilities. Policy and society, 165-171.

Ying Chen, Y. G. (2022). Comparative analysis of digital trade development strategies and governance approaches. Journal of Digital Economy, 227-238.

Zhixian Zhuang, X. L. (2024). CBCMS: A Compliance Management System for Cross-Border Data Transfer. IEEE International Conference on Big Data (BigData), (pp. 4789-4798).

Downloads

Published

2025-09-25

Issue

Vol. 3 No. 12 (2025): Asian Journal of Social and Humanities

Section

Articles

License

Copyright (c) 2025 Yuli Anitasari, Agung Firman Sampurna

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Authors who publish with this journal agree to the following terms:

  • Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-ShareAlike 4.0 International. that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  • Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  • Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.