Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


III. Surveillance policies

Communications Surveillance

After the Bali and Jakarta bombing in 2002, the Indonesian government passed an anti-terrorism law.1 Several articles in this law raise concerns from a human rights perspective. For example, Article 26 states that investigations will be based on preliminary evidence to be submitted by the National Intelligence Agency (BIN) without any clear indication of the meaning of the term "preliminary evidence". Therefore, the intelligence agency has very broad authority and a strong legal basis to arrest suspects.2 The lack of a clear definition of "preliminary evidence" increases the likelihood of abuse or arbitrary arrests.

The Telecommunications Act 20093 prohibits the wiretapping of communications except when necessary for obtaining evidence for criminal investigation. Under this Act, the law enforcement agencies such as the Police and Prosecutor are legally allowed to intercept communications. However the Act requires a warrant from the Attorney General and the Chief Police of the Republic of Indonesia to authorize the interception. The warrant must provide all the information relating to the recorded object, total duration of the surveillance period, and period of the reporting. The service provider is not only required to assist the authorities in wiretapping but also obliged to deliver the intercepted information to law enforcement agencies. The service provider must conduct the wiretapping within 24 hours of receiving the warrant.

The Electronic Information and Transaction Law 20084 prohibits the interception of communications except when conducted by law enforcement officers such as police, prosecutors, and other agencies. In addition, article 31(4) provided that further methods of wiretapping and interception could be clarified by a government regulation. However, in the Anggara Case,5 the Constitutional Court annulled Article 31(4), declaring it unconstitutional. The Court ruled that this was contrary to the right to privacy under Article 28 G of the Constitution, and was also a violation of the requirement that any infringement upon human rights be mandated by law, not by subordinate or administrative regulations.

As a result of this annulment, the Ministry of Communication and Information Technology was not allowed to regulate the mechanism of legal wiretapping in the form of government regulation, but was required to submit legislation to do so.

In its verdict, the Court noted that there is no comprehensive law or regulation regarding wiretapping. The rules for communications surveillance are spread throughout several prevailing laws and regulations, with different mechanisms and procedures. For instance, the ITE  Law,  the Telecommunications Law, the Narcotics Law, and the Corruption Law all contain communications surveillance components.  In the judgement the Court reaffirmed two previous cases: KPKPN v KPK6, questioning one specific law on anti-corruption,7 where the court concluded that although privacy rights are derogable rights, to "prevent the abuse of authority through wiretapping and recording, laws and regulations on wiretapping and recording procedures are needed"; and Mulyana v KPK,8 where the courts concluded that human rights limitations by wiretapping have to be regulated by law to prevent human rights violations through the abuse of authority. Furthermore, the court recalled that tapping and recording conversations constitute infringements on human rights,  and therefore such infringements required both legal sanction by authorized individuals and adequate initial evidence.

Despite public opposition, in October 2011 the Parliament approved the National Intelligence Law, which establishes in legislation many of the aspects of surveillance law that gave rise to concerns from the court in the Anggara case. Many articles of the National Intelligence Law are extremely contentious, including those relating to the definition of a threat to the state and the leaking of intelligence secrets, but particularly concerning are the communications surveillance provisions set out in Article 32. The provisions are insufficiently clear and potentially violate the right to privacy, with only some provisions limiting the use of wiretapping and setting standards for intelligence agencies.

In addition to the above named laws, the Pyschotropic Law9 authorises the police to intercept a suspect's telephone conversations or other electronic telecommunications for a period of no longer than 30 days. The Narcotics Law10 allows the National Narcotics Agency to engage in communications interception once enough preliminary evidence has been collected. The maximum period is three months, which may be extended once for another three months. The interception must be authorised by prior written permission from the court. The Commission on Corruption Eradication Law (No. 30/2002) authorises the Corruption Eradication Commission to intercept and record suspects' communications.

Visual Surveillance

Like many other countries, private sector organisations such as banks, shopping centres, and hotels are using CCTV in the name of fighting crime.


The Law No.11/2008 on Information and Electronic Transactions also regulates several issues of cybercrime that arise in the 2001 Council of Europe Convention on Cybercrime, including illegal access, illegal interception, interference with data, devices, and systems, computer-related forgery, and computer-related fraud.11 The Law also sets several procedural requirements, also based on the Convention, such as the authority for law enforcers to intercept electronic systems, the obligation for law enforcers to have permit from the District Court before they arrest or seize suspects and the admission of electronic evidence.  Several other laws relate to cybercrime: (1) Law No. 44, 2008 on Pornography, including child pornography; (2) Law No. 19, 2002 concerning copyright infringement; and the Penal Code, which regulates general criminal law.12

Indonesia is also in the process of ratifying the CoE Cybercrime Convention. The main purposes are: (1) to complete the law of electronic information and transactions; (2) to enhance international cooperation in dealing with cybercrime. The government is now also preparing the draft cybercrime law, which has been listed in the national legislation programme.13 The rate of cybercrime is quite high in Indonesia. Accordingly, a joint programme is in place in which the Australian police provide the Indonesian police with tools and equipment to carry out investigations. The two forces have officially launched a joint Cybercrime Investigation Centre.14 Over the last four years, the arrangement has helped Indonesian police successfully investigate cybercrime and arrest the perpetrators.15


The Communications and Information Technology Ministry blocks access to up to 3,000 pornographic web sites a day,16 as part of their efforts to prevent access to pornography. The police also routinely control public Internet caf s.17