Good for Indonesia
How they are implementing it is interesting but immaterial.
The key is that Indonesia required foreign companies deemed “Private Electronic System Providers” must register. The registration requires a self-assessed (non-audited) certification that "they've complied with local security and privacy requirements."
That's it. Foreign companies that ignored it are being punished - as they should be. From another article, it appears Google and Amazon requested an extension before the deadline and that's why they weren't on the list.