INTRODUCTION

The legal landscape in Indonesia has undergone a significant transformation with the enactment of the Second Amendment of the Information and Electronic Transactions (IET) Law, officiated as Law Number 1 of 2024 (“IET Law 1/2024”). This amendment, signed into law by President Joko Widodo on January 2, 2024, marks a shift in the regulatory framework governing electronic information and transactions. It revises and supersedes provisions from the initial Law Number 11 of 2008 and its subsequent amendment, Law Number 19 of 2016.

Central to this legislative reform are the adjustments to controversial clauses that have persisted through the law's evolution. Notably, the amendment addresses critical areas such as defamation, personal threats, online child protection, and the abolition of foreign electronic certification providers. Furthermore, it introduces stringent measures against the dissemination of false information, incorporating clauses that can impact the usage of social media accounts and other digital assets.

KEY REQUIREMENTS

The Second Amendment of Indonesia's Information and Electronic Transactions (IET) Law, Law Number 1 of 2024, introduces significant revisions and additions to the existing legal framework. These changes reflect a progressive and comprehensive approach to managing electronic system operations and electronic transactions, including criminal regulations.

  1. Defamation and Personal Threats: The amendment provides revision on defamation by effectively compressing Article 27 from four clauses into two clauses. In addition, two extra clauses were added between Articles 27 and 28 to further address defamation and electronic threats, respectively.1 The amendment also eliminates the nature of personal threats, broadening the scope to include all electronic threats and intimidation.2
  2. Child Protection: A new focus on child safety online mandates electronic system providers to offer specific information regarding child users. This includes age limits, verification mechanisms, and reporting mechanisms for violations of children's rights. Non-compliance attracts sanctions, ranging from written warnings to access termination.3
  3. Elimination of Foreign Electronic Certification: This amendment removes the provision for foreign electronic certifications, consolidating electronic certification within Indonesia. It adds new services under electronic certification, such as electronic signatures, time stamps, and digital identity services.4
  4. Misinformation and Hoaxes: The amendment introduces criminal penalties for spreading false information leading to societal unrest.5 It also sets a maximum imprisonment of 6 years and/or a fine of Rp 1 billion for spreading misinformation, causing material loss in electronic transactions, or false information leading to public unrest.6
  5. Governmental Intervention in Electronic Systems: The government can instruct electronic system operators to adjust or take specific actions to promote a fair, accountable, safe, and innovative digital ecosystem—failure to comply results in administrative sanctions.7
  6. Sanction Exceptions: Exceptions to sanctions are specified for offences related to information decency and defamation if actions are in the public interest, for self-defence, or if the electronic information/document is an artistic, cultural, sports, health, or scientific work.8
  7. Electronic Signature and High-Risk Transactions: The amendment imposes a legal entity requirement on electronic certification providers and recognises mutual certification in international agreements.9 The amendment also emphasises the use of digital signatures which will be further secured with an electronic certificate in high-risk transactions.10
  8. Government's Role in Access Termination: The government's role is to protect public interests by terminating access to electronic information/documents that violate legal norms, including pornography and gambling.11
  9. Authority of Investigative Officials: The amendment extends the authority of police investigators and certain government officials in the field of IET to order the temporary closure of social media accounts, bank accounts, electronic money, and digital assets for investigation purposes.12
  10. Additional Provisions for Electronic Contracting and Certification Services: New articles introduce provisions for electronic certification services, protection of children in electronic transactions, application of Indonesian law in standard clause international electronic contracts, and government responsibilities in fostering a fair digital ecosystem.13

These amendments and additions illustrate Indonesia's commitment to adapting its legal system to meet the evolving needs of society and the global legal landscape, particularly in the digital domain.

IMPLICATIONS

  1. Compliance with Enhanced Regulations: Businesses must rigorously adhere to the updated provisions of IET Law 1/2024, particularly regarding electronic threats, defamation, and misinformation. The broadened definitions and increased penalties necessitate a comprehensive review and possible overhaul of digital communication policies. Organisations should implement robust mechanisms for monitoring and managing content to avoid legal repercussions, especially in social media and digital marketing strategies.
  2. Adaptation to Revised Electronic Certification Standards: Organisations must understand the new certification landscape, ensuring all electronic transactions comply with the updated legal framework to avoid disruptions in operations.
  3. Enhanced Child Protection Measures: Companies operating online platforms or services that children may access must implement stringent age verification processes and child safety protocols. Non-compliance with these measures could lead to severe penalties, including access termination. Businesses should invest in technology and training to meet these requirements, prioritising child safety in their digital offerings.

CONSIDER

Businesses and organisations must carefully consider the implications of IET Law 1/2024 on their operations, particularly in digital conduct and compliance. Conducting a thorough legal review of current electronic transaction processes, data handling, and content dissemination practices is essential to ensure alignment with the new legal standards. Given the stringent penalties for misinformation and the focus on child protection, companies should prioritise establishing robust internal policies and training programs.

CONCLUSION

In conclusion, enacting IET Law 1/2024 in Indonesia is pivotal for businesses and organisations, urging them to reassess and fortify their digital practices. Compliance with these new regulations is a legal necessity and a strategic imperative to maintain operational integrity and public trust. As the digital landscape continues to evolve, staying informed and adaptable to legal changes is essential for sustained success and responsible digital citizenship in the modern era.

Footnotes

1. Article 27A and 27B of IET Law 1/2024.

2. Article 29 of IET Law 1/2024.

3. Article 16A of IET Law 1/2024.

4. Article 13 of IET Law 1/2024.

5. Article 28 of IET Law 1/2024.

6. Article 45A of IET Law 1/2024.

7. Article 40A of IET Law 1/2024.

8. Article 45 of IET Law 1/2024.

9. Article 13 of IET Law 1/2024.

10. Article 17 of IET Law 1/2024.

11. Article 40 of IET Law 1/2024.

12. Article 43 of IET Law 1/2024.

13. Article 13A, 16A, 18A, and 40A of IET Law 1/2024.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.