Indonesia needs to fix ‘authoritarian’ clauses in bill on cyber security before passing it into law

Indonesia needs to fix ‘authoritarian’ clauses in bill on cyber security before passing it into law


Play all audios:

Loading...

Indonesia, a country with the fifth-highest number of internet users in the world, plans to issue its first law on cyber security this month. Currently, Indonesia’s law enforcement


institutions are not equipped with adequate laws and tools to combat cyber threats. A law on cyber security is urgently needed as Indonesia deals with an increasingly high level of cyber


threats. But, before passing the bill into law, legislators must resolve some problematic articles in the legislation. The bill as it stands poses a serious threat to citizens’ freedom of


speech and will create a body that will be above law enforcement institutions. The law will arm the state in the fight against cyber threats. It will appoint the country’s cyber and


encryption agency as the implementing body to coordinate with the armed forces, police, attorney-general’s office, intelligence bodies and other government ministries and institutions. THE


URGENCY Indonesia was home to 150 million internet users in January 2019, a 13% increase in a year. The country’s poor cyber security system renders them prone to cyber attacks. At least


232.45 million cyber-attacks against Indonesia were recorded in 2018, compared to 205 million attacks in 2017. In May 2019 alone, 1.9 million cyber-attacks were recorded. It is estimated


these attacks can cause Rp478.8 trillion (US$33.7 billion) in losses. That’s equal to almost a fifth of Indonesia’s state budget next year. Once the bill is passed, Indonesia will be the


latest Southeast Asian country with a cybersecurity law after Singapore, Thailand and Malaysia. Indonesia urgently needs to pass this bill as the country still does not have a specific law


on cyber security. Indonesia only has two cyber-related regulations: Law on Electronic Information and Transactions and a Government Regulation on the Implementation of Electronic Systems


and Transactions. Neither deals with cyber threats. Therefore, Indonesia’s House of Representative took the initiative and drafted the cybersecurity bill in October 2018 with a target date


of September this year to pass it into law. THE CRITICISM However, many criticise the deliberation process as being rushed. Some fear the dominant role of the implementing body may turn it


into a super agency, placing it above other law enforcement institutions. This is problematic as the agency is not a law enforcement institution. The bill also gives authority to the agency


to determine the scope and advanced procedures in dealing with cases. But it provides no detail on how we can monitor the agency’s work. This creates the potential for abuses of power.


Others think the bill may violate human rights. Under the bill, the government, through the implementing body, can censor content deemed dangerous. But there are no detailed criteria on what


constitutes dangerous content. Critics fear this authority might endanger people’s freedom of speech as the government could use this law to censor content that might threaten the regime’s


interests. POSSIBLE SOLUTIONS Before passing it into law, the legislators must conduct more hearings with related stakeholders to receive more inputs. For example, they should involve human


rights activists to ensure the law protects human rights. In the end, these discussions will help the legislators resolve the challenges presented by the bill in its current form. The


government should also consider preparing supporting regulations to help with implementation of the law. Unless legislators revise the problematic clauses, Indonesia will be protected


against cyber threats, but to the detriment of citizens’ rights.