logo-ahplogo-ahplogo-ahplogo-ahp
  • Home
  • Firm
    • About Us
    • Careers
  • Solutions
      • Banking & Finance
      • Capital Markets
      • Competition Law
      • Debt & Corporate Restructuring
      • Dispute Resolution
      • Energy, Oil & Gas
      • Foreign Direct Investment
      • Fraud & Forensics Investigation
      • Intellectual Property
      • Islamic Finance
      • Labor Law
      • Mergers & Acquisitions
      • Projects & Natural Resources
      • Real Estate & Property
      • Shipping & Aviation
      • Tax & Customs Services
      • Telecommunications & Media
  • Members
  • News & Events
    • News & Insights
  • Rajah Tann Asia
✕
            No results See all results

            More Details on the New Electronic Systems and Transactions Regulation

            Following up on our previous alert on the relaxation of data localisation requirement under Government Regulation No. 71 of 2019 on Electronic Systems and Transactions (“Regulation“) (click here to read), below are other key requirements that electronic system operators must comply with, including mandatory registration and obligation to remove prohibited contents from their platform.

            Mandatory Registration

            Unlike previous regulation that only requires mandatory registration for electronic system operators (“operators“) providing public services, under the Regulation, both public and private operators must register themselves to the Ministry of Communications and Informatics (“Ministry“). It is important to note that the latter category of private operators is quite broad and covers foreign operators who use or operate an electronic system within the Indonesian jurisdiction. But the Ministry has verbally confirmed that not all foreign operators are required to register. Mandatory registration only applies to foreign operators with a significant number of customers or which conduct active marketing efforts in Indonesia.

            While registration is free, an operator must also obtain an IT security certificate, e.g. 27001 ISO certificate, ‘KAMI’ Index Ranking (Pemeringkatan Indeks Keamanan Informasi), or a similar certificate. The absence of an IT security certificate would not prevent an operator from registering, but such operator will have to submit a letter to the Ministry stating its commitment to obtain the necessary certificates within one year as of the registration date.

            Registration must be done prior to operating the electronic system. However, for existing operators that are already operating their electronic systems but have yet to register with the Ministry, the Regulation requires them to register themselves within one year as of 10 October 2019. Pending the transfer of the registration to the OSS portal, the registration is still carried out online via the Ministry’s website.

            Removal of Prohibited Contents

            Besides registration, the Regulation requires an operator to ensure that its platform is free from prohibited contents. Under the Regulation, prohibited contents are classified into three major groups:

            1. contents that are prohibited under the prevailing laws and regulations;
            2. contents that are unsettling for the public and disturb the public order; and
            3. contents that allow access to other prohibited contents.

            Under the Regulation, an operator is expressly required to immediately ‘terminate access’ to any prohibited content on its platform upon becoming aware of its existence. ‘Terminate access’ could mean blocking of access, closing of the account that posted the prohibited content and/or removing content (takedown). This removal obligation only applies to operators who provide internet service, telecommunication network or service, content and web hosting service.

            While an operator is responsible to take certain measures against prohibited contents, it is also required to terminate access to prohibited contents if requested by the Ministry. The Ministry could base its request on a report from the public, another ministry and/or institution and law enforcement officers. Until the Ministry issues follow-up implementing regulations, we have to rely on the previous implementing regulations, especially on the timeline for termination of access, where internet service providers are required to block access to websites listed in TRUST+1 within one week or even 24 hours in urgent situations.

            In parallel, adopting the approach from the European Union’s E-Commerce Directive, operators can utilise the safe harbour provision under the new e-commerce regulation (click here to read our alert on the e-commerce regulation, which expressly exempts an operator from legal consequences of disseminating or storing prohibited contents if such operator only acts as a mere conduit).

            Sanctions

            If an operator fails to register or take down the prohibited content, it may be subject to various administrative penalties, ranging from fines to termination of access.

            Although not specifically mentioned in the Regulation, a senior officer of the Ministry has verbally indicated that the amount of fine for failure to terminate access to prohibited contents may be as high as IDR 100 million per each prohibited content that has not been removed from an operator’s platform if an operator has become aware of the existence of the prohibited content or has received a takedown instruction from the Ministry.

            Conclusion

            Through the Regulation, the government has finally laid to rest the debate on registration. Nevertheless, and despite the Ministry’s verbal confirmation, there is still some debate on which foreign operators are subject to this registration requirement. Further, although registration can be done for free, the requirement to obtain an IT security certificate may create a financial burden for small operators.

            Meanwhile, the clarity provided under the Regulation on the responsibility of operators with regards to prohibited contents in their platforms is certainly welcomed.

            As the Regulation does not address the technical aspects of both the registration process and the termination of access to prohibited contents, we expect that the government would issue further implementing regulations in the near future.

            1. TRUST+ is a list maintained by the Ministry of websites containing negative contents.

            ***

            AHP Client Alert is a publication of Assegaf Hamzah & Partners. It brings an overview of selected Indonesian laws and regulations to the attention of clients but is not intended to be viewed or relied upon as legal advice. Clients should seek advice of qualified Indonesian legal practitioners with respect to the precise effect of the laws and regulations referred to in AHP Client Alert. Whilst care has been taken in the preparation of  AHP  Client Alert, no warranty is given as to the accuracy of the information it contains and no liability is accepted for any statement, opinion, error or omission.

            More Articles

            • Managing Greenwashing Risk: A Southeast Asian Lens
              May 31, 2023
            • Resolving Construction Disputes through Dispute Adjudication Boards under Indonesian Law
              May 31, 2023
            • BUMN Omnibus Regulations Highlights Special Assignment and Environmental Social Responsibility Programs
              May 25, 2023
            • Regional Competition Bites Q1 2023
              May 24, 2023
            • How KPPU’S New Guidelines Use Data and Quantitative Approach to Enforce Antitrust Measures
              May 17, 2023
            • Assegaf Hamzah & Partners Takes Top Honours at Three Prestigious Legal Awards
              May 15, 2023
            • Constitutional Court Rulings Illuminate Certain Provisions of the PDP Law
              May 4, 2023
            • New KPPU Case Handling Procedure May Allow Dismissal of Anti-Competition Investigation Based on Change of Behaviour
              April 17, 2023
            • New Regulations Relax Criteria for Foreign-To-Foreign Merger and Charge Filing Fees for Merger Notification
              April 12, 2023
            • OJK Sets New Cyber Security Best Practices for the Banking Industry
              April 6, 2023
            By Practice Area
            • Projects & Energy
            • Technology Media & Telecommunications
            • Intellectual Property
            • Real Property
            • Banking & Finance
            • Capital Markets
            • Competition
            • Mergers & Acquisitions
            • Dispute Resolution
            • Tax and Customs

            Jakarta Office

            Capital Place, Level 36 & 37
            Jalan Jenderal Gatot Subroto Kav. 18
            Jakarta 12710,
            Indonesia

            Phone: +62 21 2555 7800
            Fax: +62 21 2555 7899
            Email: info@ahp.id


            Subcribe

            Surabaya Office

            Pakuwon Center, Superblok Tunjungan City
            Lantai 11, Unit 08
            Jalan Embong Malang No. 1, 3, 5,
            Surabaya 60261
            Indonesia

            Phone: +62 31 5116 4550
            Fax: +62 31 5116 4560
            Assegaf Hamzah & Partners


            © 2001 - 2023 Assegaf Hamzah & Partners. All rights reserved.

            Rajah & Tann Asia is a network of legal practices based in Asia.

            Member firms are independently constituted and regulated in accordance with relevant local legal requirements. Services provided by a member firm are governed by the terms of engagement between the member firm and the client.

            This website is solely intended to provide general information and does not provide any advice or create any relationship, whether legally binding or otherwise. Rajah & Tann Asia and its member firms do not accept and fully disclaim, responsibility for any loss or damage which may result from accessing or relying on this website.