Yes, scraping public data in Indonesia is generally permissible if it complies with data protection laws and does not violate platform terms of service. Public data accessible without authentication or technical barriers may be collected, but misuse risks penalties under PDP Law No. 27/2022. The Ministry of Communication and Informatics (Kominfo) monitors automated data extraction, particularly for sensitive datasets.
Key Regulations for Scraping Public Data in Indonesia
- PDP Law No. 27/2022: Mandates that even public data must be processed lawfully, with restrictions on automated collection if it risks privacy or security breaches. Non-compliance may trigger fines up to 2% of annual revenue or IDR 2 billion.
- Kominfo Circular (2024): Prohibits scraping personal data from government portals (e.g., Dukcapil, BPJS) without explicit consent, even if publicly listed. Automated tools accessing these systems require prior registration.
- Electronic Information and Transactions Law (UU ITE) No. 11/2008: Criminalizes unauthorized data extraction if it disrupts system integrity or breaches contractual terms, with potential imprisonment for up to 6 years.
Scraping publicly available corporate or non-personal data (e.g., company registries) is permitted, but aggregators must anonymize identifiers to avoid PDP violations. The 2026 PDP implementing regulations will further tighten automated data collection, requiring impact assessments for high-volume scraping. Always verify source legitimacy and consult Kominfo’s 2025 guidelines on “Responsible Data Scraping.”