According to the Minister of Communication and Informatics Regulation No. 5 of 2020 on Private Electronic System Operators, foreign Private Electronic System Operators (ESOs) are required to register their businesses with the relevant ministry through the online single submission system. ESOs should also appoint liaison officers, who have to be domiciled in Indonesia. The duty of the liaison officer is to facilitate any access request by government authorities and takedown requests. According to the regulation, ESOs are persons, business entities, or communities that operate an electronic system. ESOs include electronic system operators that are supervised by ministers or institutions in accordance with laws and regulations and electronic system operators that have an online portal, site, or application through the Internet. The requirement was first enacted with Government Regulation No. 71/2019 regarding the Provision of Electronic Systems and Transaction which repealed the Government Regulation No. 82 of 2012.

Regulation 17/2018 establishes five HS lines at the eight-digit level (with import duty rates currently set at zero per cent) for software and other digital products transmitted electronically, including applications, software, video, and audio. Despite zero tariffs, it is reported that companies have expressed concern over the potential administrative burden of this new regulation, including potential customs documentation or reporting requirements. MOF has indicated that any data reporting under this system will be voluntary.

According to Ministry of Communication and Information Technology (MOCI) Regulation No. 12/2019, Indonesian telecommunication operators are required to expend a minimum of 50% of their total capital expenditures for network development on locally sourced components or services. The regulation also requires companies to annually report the percentage of local content procured and have that information “authenticated” by the government or a survey institute appointed by the government.

According to Art. 4 of the Ministry of Communication and Information Technology (MCIT) Regulation 13/2021, all 4G-LTE and 5G-enabled devices since April 2022 to contain 35% local content (while previously it was set at 30% in the Ministry of Communication and Information Technology (MOCI) Regulation No. 27/2015) and all 4G-LTE and 5G base stations to contain 40% local content. Ministry of Information's Regulation 29/2017 provides a formula for calculating “local content".

According to the Ministry of Communication and Information Technology Regulation No. 6/2017 , IPTV providers shall prioritise and are required to provide Internet Protocol Set-Top-Boxes with a minimum local content requirement of 20%, with the amount rising to 50% within five years of starting operations in Indonesia. Furthermore, the IPTV operator shall provide at least 10% of domestic content during its broadcasting services, 30% during its multimedia services, and "the number of domestic, independent content providers contributing to the implementation of IPTV services shall be at least 10% of the number of content providers in the content library of the organiser and gradually increase to 50% within five years.

Ministry of Communications and Information Technology Regulations No. 7/2009 and No. 19/2011 require that equipment used in certain wireless broadband services contain local content of at least 30% for subscriber stations and 40% for base stations and that all wireless equipment contains 50% local content. Although there are reports about the regulations, it was not possible to find the regulatory text.

It is reported that, according to Ministry of Communications and Information Technology (MCIT) Regulation 4/2019, all TV and set-top boxes based on digital video broadcasting-terrestrial second generation and internet protocol set-top boxes must contain at least 20% local content. Despite reports about these regulations, the regulatory text could not be located online.

It is reported that Ministry of Communications and Information Technology (MCIT) Regulations 9/2019 and 10/2019 mandate that wavelength division multiplexing and internet protocol network devices adhere to local content requirements. Industry stakeholders have expressed ongoing concerns regarding the Ministry of Information's (MOI) reluctance to engage in dialogue on local content requirement (LCR) policies with stakeholders. Despite reports about these regulations, the regulatory text could not be located online.

Government Regulation No. 46/2021, which replaces Government Regulation No.52/2000, stipulates that a certificate of approval is required for IT and telecommunication equipment to be sold or imported into the Indonesian market. The certificate of approval is issued by the Directorate General of Resources and Equipment for Post and Information Technology (SDPPI). The SDPPI Kepdiejen Postel No. 3/2020 allows third-party certification from Conformity Assessment Bodies (CABs) from a number of countries.
In-country testing at an SDPPI laboratory of two randomly selected equipment samples is required for radio frequency and telecommunications equipment before the SDPPI issuance of the certificate SDPPI Decision No. 36 issued in January 2020 includes a list of the 150 international test labs that it recognises.

The Government Regulation (GR) No. 28 of 2021 on the Implementation of the Industrial Sector includes requirements governing conformity assessment to Indonesian national standards (“SNI”) for a wide variety of consumer goods, including electronics. It has been reported that testing laboratories and conformity assessment bodies have been told to halt certification until the Minister of Industry issues implementing guidance for GR 28/2021. This standstill has resulted in the halting of imports that use the SNI scheme, which requires testing per shipment. Additionally, GR 28/2021 requires that all steps of product testing be conducted by an Indonesian national residing in Indonesia, further complicating product sample collection amid ongoing travel restrictions.

There is a limit of 49% on the shares that can be acquired by foreign investors in government-controlled firms. This includes foreign participation express delivery services SOEs sector as regulated in the Government Regulation No. 15/2013 as amended by the Government Regulation No. 46/2021.

The Ministry of Trade Regulation 38/2013 imposes requirements on importers of mobile phones, handheld computers, and tablets to prove previous import activities and local aftersales activity, as well as requirements regarding the distribution and the establishment of industrial activity in Indonesia. In addition, the Ministry of Industry Regulation 68/M-IND/PER/9/2016 includes new licensing requirements for different types of importers of tablets, cellular phones, and handheld computers. These differ depending on:
- whether the importer is working with an Indonesian producer,
- whether the importer is also the producer of the goods,
- whether the imports are conducted with a specific purpose (i.e., specialised orders) or concerning after-sales services.

Indonesia has implemented stringent measures that affect the importation of cellular and Wi-Fi-equipped products. In support of its Commodity Balance policy, the Ministry of Trade (MOT) issued Regulation 20/2021 (amended by MOT Regulation 25/2022), which consolidated import regulations under a unified framework, including the revocation of MOT Regulation 82/2012. These regulations mandate that all import license applications be processed through the national single window system, maintaining rigorous import requirements. Importers must now be registered and demonstrate engagement with at least three distributors, as well as contribute to the domestic device industry or collaborate with local manufacturing, design, or research entities. Importation of 4G and beyond technology devices requires a producer's license (API-P), typically held by importers of unfinished goods, further restricting foreign producers' access to the Indonesian market. Additionally, importers must provide product identification numbers and a corresponding certificate from the Ministry of Communications and Information Technology (MCIT), leading to prolonged decision-making processes and industry uncertainty. Despite reports about this regulation, the regulatory text could not be located online.

Under MOT Regulation 68/2020, Indonesia requires import approvals and stringent reporting requirements for electronic devices (except such products imported for market testing or after-sales service purposes) with the stated goal of reducing the volume of consumer goods entering Indonesia in favour of local production.

Art. 53 of Law No. 27 introduces the requirement for controllers and processors to appoint a data protection officer (DPO) in certain circumstances, namely where:
- the data processing is carried out for the benefit of public services;
- the nature, scope, and/or purposes of the main activity of the controller require organised and systematic supervision on a large scale; and
- the main activity of the controller consists of large-scale processing that is specific in nature and/or related to criminal conduct.
Additionally, while Regulation No. 20 do not stipulate the requirement of a DPO, Art. 28(i) requires electronic system operators to provide a point of contact who can be easily contacted by the data subject relating to the management of their personal data.