Information and communication technologies (ICTs) have enabled citizens to gain information quickly and in large quantities, to communicate with their networks through social media, and to convey political opinions freely. Indonesia, the third-largest democracy on earth, has not been an exception to this trend: more than half of its population actively uses social media. With the proliferation of ICTs, many Indonesians hope that the internet will energize their democracy. But the expansion of ICTs has created challenges to protecting digital privacy. Digital records of online behavior can broadcast an individual’s personal information in ways that they cannot anticipate or control, and this can pose a significant threat to democracy if not protected by enforceable privacy norms and legal frameworks.
Indonesia has at least thirty regulations relating to privacy, but the protection these offer is very minimal. The constitution, for example, does not even mention the word privacy. Indonesia’s regulations do not define the governing bodies responsible for authorizing surveillance measures, what constitutes legitimate justifications for surveillance, or the time period during which surveillance is permitted. There is no single authority charged with overseeing surveillance procedures or granting warrants; instead, various agencies can initiate surveillance actions at their own discretion. Under urgent circumstances, the government can even surveil communications without any kind of judicial authorization. Additionally, the patchwork of legislation opaquely allows a broad range of scenarios in which the government can surveil civilians. Indonesia also does not place strict limits on the length of a surveillance period: different authorities can arbitrarily prolong them from thirty days to six months, with the possibility of indefinite further extensions. This fragmented mandate frequently results in the denial of transparency and due process to citizens.
The unchecked surveillance powers of government institutions is exemplified by the weakening of a 2019 amendment to Indonesia’s anti-corruption law. The amendment established a governing board overseeing investigations of graft and mandated that the Corruption Eradication Commission apply for authorization to conduct wiretaps of its targets. Yet, the constitutional court upheld the commission’s right to conduct warrantless surveillance—weakening the amendment. Thus, even a small measure to curb the surveillance powers of a government agency was overruled by another branch of the government.
Indonesia’s lack of a unified framework for legal surveillance virtually ensures that citizens’ digital rights will be violated. And because there is no oversight mechanism for regulating surveillance operations and ensuring they remain within the bounds of the law, the prospects for abuse are heightened.
It is imperative that Indonesia’s authorities work to resolve these ambiguities and implement a precise and robust legal framework for conducting legitimate surveillance. Such legislation should standardize the process for warranted surveillance, regulate which type of data can be collected by the state, restrict the number of parties that can access data collected through surveillance, and limit the usage of intercepted material as evidence in a court of law. Citizens also require remediation options if they feel they have been illegally or arbitrarily surveilled. Without these protections, government surveillance in Indonesia will leave citizens vulnerable to further human rights abuses.