Indonesia Government Regulation No. 71 (GR 71)

Indonesia's Government Regulation No. 71 of 2019 regarding Operation of Electronic System and Transactions ("GR 71") regulates the activities of Electronic System Operators (ESOs), generally defined as any person, government administrator, business entity, or member of society that provides, administers, and/or operates an electronic system individually or collectively for users. As of October 10, 2019, GR 71 amends Indonesia's previous Government Regulation No. 82 of 2012 to provide more clarity around data localization requirements, including additional flexibility for private-sector ESOs to store systems and data outside Indonesia, subject to certain restrictions. GR 71 also includes registration requirements for ESOs, general data protection and security requirements, erasure and delisting rights for data owners, and content prohibitions, among other requirements.

Google Cloud offers products and solutions that customers may utilize as part of their GR 71 compliance strategy:

• Data residency options with a growing list of locations around the world, including Jakarta;
• Security and privacy features that help you to comply with GR 71 and better protect and govern systems and data;
• Services and infrastructure built to ensure the security of data processing and employing appropriate privacy practices;
• Continuous evolution of our products and capabilities as the regulatory landscape changes;
• Strong data processing, privacy, and security commitments in our Cloud Data Processing Addendum (CDPA).

Google Cloud customers will need to evaluate their systems and data and determine if GR 71's requirements are applicable to them. We recommend that you consult with a legal expert to obtain guidance on GR 71 and other Indonesian laws and regulations applicable to your organization, as this site does not constitute legal advice.