Art. 20 of Regulation No. 71 provides that public electronic system operators (ESOs) are required to manage, process, and/or store electronic systems and electronic data in the territory of Indonesia, except if the technology is not yet available. Private ESOs can manage, process, and/or store electronic systems and electronic data in Indonesia and/or outside the country (Art. 21). However if management is carried out outside, it must ensure the effectiveness of supervision by the ministry, etc.
Art. 1 contains several key definitions:
- Electronic system: a set of electronic equipment and procedures that have the function of preparing, collecting, processing, analysing, storing, displaying, announcing, delivering, and/or disseminating electronic information.
- ESO: any persons, state administrators, business entities and the public that provide, manage and/or operate an electronic system individually or jointly to electronic system users for its own interests and/or the interests of another party.
- Public ESO: an electronic system operation by a state administrator agency or institutions appointed by a state administrator agency.
- Private ESO: an electronic system operated by a person, business entity, and the public.
With the entry into force of Regulation No. 71, Regulation No. 82 was repealed and declared null and void. Under Art. 17 of Regulation No. 82, ESOs for public services had to establish data centres and a disaster recovery centre in Indonesia, impacting many private sector companies.

Art. 21 of Government Regulation No. 46/2020 mandates that the health data should be stored in Indonesia.

Under Art. 23 Regulation No. 4/05/2021, non-bank financial institutions are obligated to place their data centre and/or disaster recovery centre within the territory of Indonesia. An exemption of this obligation may only be applicable after obtaining prior approval from the Financial Services Authority (Otoritas Jasa Keuangan, OJK) and only for certain purposes of the electronic system.

Under Arts. 7, 11, 14 and 18 of Bappebti Regulation No. 8/2021, the stakeholders of crypto asset trade (i.e., futures market, futures clearing institution, crypto asset physical trader, and crypto asset depository manager) are obligated to place their disaster recovery centre as well as a server or cloud server within Indonesia. The disaster recovery centre must be located within a maximum distance of 20 km from the main server. A crypto asset is defined as a digital, intangible commodity that utilises cryptography, information technology networks, and distributed ledgers to create new units, verify transactions, and secure them without third-party intervention.

Indonesia has ratified the World Intellectual Property Organization (WIPO) Copyright Treaty.

Indonesia has ratified the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.

Government Regulation No. 71/2019 mandates that providers of bespoke software must either provide or escrow the source code associated with their services. This requirement has been in effect since the introduction of Government Regulation No. 82/2012, which was later replaced by Regulation No. 71/2019.

The Ministry of Industry Regulation No. 02/M-IND/PER/1/2014, issued on 13 January 2014, replaced Regulation No. 15/M-IND/PER/2/2011 and introduced restrictions on public procurement to promote the use of domestic products. The regulation establishes a framework for categorising public goods and services based on the Domestic Component Level (TKDN) and the Company Utilization Point Rating (BMP), which evaluates suppliers' investments in Indonesia. The BMP considers factors such as support for micro and small enterprises, compliance with work, health, and environmental safety standards, and possession of a quality management certificate (Art. 1(8) of the regulation).
According to Art. 6, goods are classified into three categories based on the cumulative scores of TKDN and BMP:
- Obligatory Goods: These must have a cumulative score of over 40%, including at least 25% of TKDN.
- Maximised Goods: These must have a cumulative score of over 40%, including at least 15% of TKDN.
- Empowered Goods: These must achieve a TKDN score of at least 10%.

Law of the Republic of Indonesia No. 30 of 2000 on Trade Secrets provides a framework for effective protection of trade secrets. According to Art. 1 of the law, trade Secrets are legally defined as information in the field of technology and/or business that is not known by the public and has economic value as it is useful in business activities, and the confidentiality of which is maintained by its owner. Any person who deliberately and without rights uses the Trade Secret of another party or conducts any acts as referred to in Arts. 13 and 14 shall be sentenced to imprisonment of at most two years and a fine.
However, it is reported that it is necessary to prove that the suspected party has unlawfully obtained the trade secret. Proving this may be difficult as the litigation procedure is not equipped with a discovery procedure to uncover relevant evidence of the suspected party. It may help if the trade secret holder can prove that the local company had some form of relationship previously with it or was previously given access to the trade secret.

Art. 67 of Presidential Regulation No. 16/2018 provides that a price preference applies to goods procurement with a maximum of 25%. For construction works under the international tender selection method, the price preference is given to a maximum of 7.5% to national business entities above the lowest bid price of foreign business entities. The price preference applies to procurement having a value of more than Rp one billion (approx. USD 67,000).

It is reported that there is an obligation for passive infrastructure sharing in Indonesia to deliver telecom services to end users.

The Ministry of Industry Regulation No. 49/2009 requires the use of domestic products and services in 558 sub-sectors for public procurement. The mandate to use domestic products in these sub-sectors applies if there are goods and services with minimum local content requirements ranging from 15% up to 96%. Domestic products and services are defined as goods or services produced or prepared by a company investing and producing in Indonesia, with the possibility to use imported raw materials or components in the production or working process.

According to Presidential Regulation No. 10/2021, the telecommunications sector was liberalised, allowing full foreign ownership of telecommunication service providers and telecommunication towers. However, according to Art. 1.2 and 77 of the State-owned Enterprises Act 19/2003, there is a limit of 49% on the shares that can be acquired by foreign investors in government-controlled firms. This includes foreign participation in state-owned entreprisese (SOEs) in the telecommunication sector, as regulated in Government Regulation No. 15/2013, amended by Government Regulation No. 41/2021.

The Ministry of Communications and Informatics Regulation No. 12/2019, which replaces Regulation No. 41/PER/M.KOMINFO/10/2009 by the Ministry of Communication and Information Technology mandates that Indonesian telecommunication operators allocate at least 50% of their total capital expenditures for network development to locally sourced components or services. The regulation also stipulated that any telecommunication device/material which contains a minimum of 50% local component will be considered to have 100% local component (Art. 6). The regulation also requires companies to report the percentage of local content procured annually and have that information “authenticated” by the government or a survey institute appointed by the government. These requirements have been in place since 2009.

It is reported that the Indonesian Government holds a 52% stake in Telkom Indonesia, the largest telecommunications company in Indonesia. It provides an extensive range of services, including fixed-line and mobile telecommunications, broadband internet, digital television, and IT solutions. As a state-owned enterprise with a majority government stake, Telkom Indonesia operates under the regulatory framework set by the Ministry of Communication and Information Technology (Kominfo).