An Indonesian lawmaker is warning that a recent trade agreement with the United States may leave the nation’s digital borders dangerously porous, potentially compromising national security in exchange for economic liberalization.
Yulius Setiarto, a member of Commission I of the Indonesian House of Representatives (DPR), has called for an immediate reevaluation of the Agreement on Reciprocal Trade (ART). The pact, signed on February 19, 2026, by President Prabowo Subianto, and U.S. President Donald Trump, has come under fire for allegedly bypassing parliamentary scrutiny and lacking necessary safeguards for the country’s digital sovereignty.
At the heart of the dispute is the balance between attracting foreign investment and maintaining control over strategic data. Setiarto, a politician with the Indonesian Democratic Party of Struggle (PDI-P), argues that the ART contains loopholes that disproportionately benefit American technology conglomerates while leaving Indonesia vulnerable to external influence and cyber threats.
The concerns center on the concept of the US-Indonesia trade pact digital sovereignty, with Setiarto suggesting that Indonesia is stepping into a subtle trap by codifying a dependency on foreign digital infrastructure that it cannot yet independently manage or audit.
The Risks of Digital Liberalization
The primary point of contention lies in Article 3 of the ART, specifically Section 3.2, which governs data transfers. This provision promotes digital liberalization to facilitate smoother data flows, intended to spur innovation and trade between Jakarta and Washington. However, Setiarto contends that this arrangement is fundamentally unbalanced.
By obligating Indonesia to ensure cross-border data transfers through electronic systems designed to protect business operations, the lawmaker argues the state is essentially outsourcing its data governance to the remarkably companies the laws are meant to regulate. Because Indonesia still relies heavily on U.S.-dominated cloud services and digital architecture, the protection of citizen data becomes dependent on the policies of foreign entities.
This vulnerability is not merely theoretical. Setiarto pointed to the 2015 hacking of Ukrainian power plants by Russian actors as a stark reminder that vital national infrastructure can be crippled when digital sovereignty is compromised. In the current geopolitical climate, particularly with escalating tensions in the Middle East, the lawmaker warns that Indonesia’s cybersecurity resilience must be treated as a matter of national survival rather than a technicality of trade.
Constraints on Technological Autonomy
Beyond data flows, the ART imposes restrictions that could hinder Indonesia’s long-term technological growth. Article 3.4 on Market Access Requirements prohibits the Indonesian government from requiring U.S. Companies to transfer technology or provide access to source code and algorithms as a condition for operating within the country.
While such rules generally make a market more attractive to investors, Setiarto argues they strip the government of its ability to conduct credible audits. Without the ability to inspect algorithms, the state remains blind to potential algorithmic biases or hidden cybersecurity risks that could be leveraged to disrupt national interests or manipulate public perception.
The agreement also introduces a diplomatic constraint in Article 3.3. This clause requires Indonesia to consult with the United States before entering into new digital trade agreements with other nations if those deals are deemed to affect U.S. Interests. Setiarto warns that this effectively grants Washington a veto or a consultative role in Indonesia’s independent foreign digital policy, limiting Jakarta’s ability to diversify its partnerships.
An Infrastructure Gap
The urgency of these warnings is compounded by Indonesia’s current internal regulatory gaps. Despite the existence of the Personal Data Protection Law (UU PDP), the supervisory agency mandated by the law has yet to be fully established. The nation’s digital backbone, including the national data center, continues to rely on temporary facilities.
Setiarto suggests that without a robust domestic infrastructure, the data transfer mechanisms in the ART act as a one-way street, facilitating the extraction of citizen data without providing the state with the tools to monitor or control that flow.
This lack of oversight echoes President Prabowo’s own frequent warnings regarding the influence of foreign proxies. Setiarto argues that foreign control over personal data and algorithms could be weaponized to shape political preferences and disrupt national stability, turning a trade agreement into a tool for external political leverage.
Proposed Safeguards and Next Steps
To mitigate these risks, Setiarto is urging the government to prioritize the Cyber Security and Resilience Bill (CSRB). He believes this legislation would provide the necessary legal teeth to protect vital infrastructure and reduce the nation’s reliance on foreign entities by focusing on “resilience”—the ability of a digital ecosystem to recover quickly from external interventions.
Before the ART is fully implemented, the lawmaker has proposed four strategic interventions:
- Technical Regulation: Accelerating the classification of data to define exactly which categories of information are prohibited from cross-border transfer.
- Institutional Oversight: Creating cross-institutional task forces to monitor data transfers in real-time.
- Regulatory Optimization: Fully implementing the Personal Data Protection Law to ensure fair verification of transfer requirements.
- Legislative Action: Rapidly ratifying the CSRB to establish a legal basis for safeguarding civil data and vital infrastructure.
| ART Provision | Intended Benefit | Lawmaker’s Concern |
|---|---|---|
| Article 3.2 (Data Transfer) | Smoother digital trade flows | Loss of control over strategic assets |
| Article 3.3 (Trade Agreements) | US-Indonesia alignment | Limited autonomy in foreign partnerships |
| Article 3.4 (Market Access) | Increased investor appeal | Inability to audit source code/algorithms |
The debate now shifts to the Indonesian House of Representatives, where Commission I is expected to determine whether the ART will be ratified in its current form or sent back for renegotiation to include stronger sovereignty protections.
This article is provided for informational purposes. Legal interpretations of trade agreements and pending legislation are subject to change based on official government decrees and parliamentary votes.
We invite readers to share their perspectives on the balance between digital trade and national sovereignty in the comments below.
