Hi everyone, [1]Human Rights Watch has sent a letter asking Indonesian government to suspend the enforcement of MR 5/2020, in which the deadline for the PSEs to register with the Ministry would be next Monday, May 24th.To answer your question, Dimi: SAFENet has recommended the Indonesian Parliament to pass the now-stalled Data Privacy Law; although I personally did not see that happening in the current parliamentary term and I am not really sure how even with the legislation's passage we could prevent a mass block of PSEs by the government after next Monday's deadline. I have not seen any digital rights group preparing or planning for an immediate reaction.---[1] dwf² on my personal account here.On Mon, 22 Mar 2021 at 17:28, Dimitar Parvanov Dimitrov <dimitar.parvanov.dimitrov@gmail.com> wrote:Hi David,Thanks for explaining this. I sometimes struggle to filter out the activist noise in EFF articles.As you seem quite knowledgeable with the national situation and the activities of other groups on digital rights, do you have actions in mind that would make sense for us? And how can we, as a global community, help you?In Europe we'd basically analyse the law, draft amendments (if it is "fixable") and reach out to policy makers, other stakeholders plus the media. But not sure what actions could make sense in Indonesia.Cheers,Dimi_______________________________________________На пт, 19.03.2021 г. в 12:06 ч. DW Fisher-Freberg <dwfisherfreberg@gmail.com> написа:Hi Dimitar,Thank you for your reply. Ministerial Regulation No. 5/2020 repealed two existing regulations:
- The Ministerial Regulation on "Supervision of Internet Sites with Negative Contents" (No. 19/2014): primarily oriented towards sites containing contents of child pornography, incitement of violence, and two vaguely-worded standings: "ethnicity, religion, race, and other groups" and "other illegal activities based on the provisions of laws and regulations". It allowed ISPs to block contents on those two sites under two-mechanisms: self-block or using third-party "blocking services".
- The Ministerial Regulation on "Electronic System Operator Registration Procedures" (No. 36/2014): specified what kind of Internet provider that has to register with the government. Under this one, it was mandatory to register for "providers of Internet services for public necessities" (which covered government agencies, state-owned corporations, and courts), but it was optional for those not providing Internet services for public necessities, which are the commercial, non-profit, and/or UGC Internet enterprises. There was no specified mechanism for IP unmasking or any other form of online identity unmasking in this regulation. Therefore, Wikimedia project sites were never subject to any kind of registration to the government under this regulation
MR No. 5/2020 expanded the mandatory registration for all providers of Internet services and enterprises (public or private, providing services for public necessities or not, registered in Indonesia or in abroad, UGC or not) with the government, and introduced a whole new set of mechanism that would inevitably force them to share the online identity of their users upon request of the government, law enforcement agencies, and/or the court without having to establish any form of reasonable suspicion. No court order is needed for the request to be executed, nor any form of appeal are provided to challenge the legality of such request. There is no reason why the government includes UGC sites, either. Reasons to request an unmasking of users identity including terrorism, child pornography, gambling, and two vaguely-worded reasons: "content which is prohibited under its authority" and "content that disrupts public order".There is no explicit threat of criminal or civil punishment if a PSE under MR 5/2020 refuses to register; but refusal to cooperate with the government, law enforcement agencies, and/or the court upon a request of user identity unmasking may subject to written warning, temporary or permanent block of access to the site, de-registration of the PSE, and up 2 to 5 years of imprisonment.I could imagine a request to unmask the identity of a registered user at a Wikimedia project which had contributed or edited an article that was viewed as contrary to the government's official narrative of an event or subject to increasing public controversy. Such requests would inevitably go to the CheckUser, which is subject to the said penalties if they refuse to cooperate. That being said, the Indonesian affiliate of Wikimedia and sysops of Indonesia's Wikimedia projects are the ones with the greatest exposure to criminal charges under this regulation; adding more burden to their already vulnerable positions due to an incident that happened as recently as June 2020, when users and sysops of Indonesian Wikipedia are doxxed and cyber attacked for historical articles that do not present the government-friendly narrative [id].On the question of what event triggered MR No. 5/2020: a combination of political and security situation, social situation, and other issues; as well the increasingly illiberal and anti-open Internet digital policies [pdf] of the current administration. For better understanding, please find SAFEnet's full report on the state of digital rights in Indonesia here._______________________________________________On Fri, Mar 19, 2021 at 12:51 PM Dimitar Parvanov Dimitrov <dimitar.parvanov.dimitrov@gmail.com> wrote:Hi David,Thank you for reaching out to the list and I hope we can help. I definitely think we should put our heads together on this!One thing that I am struggling to understand is the following: "unmask IP addresses of websites that are user-generated". What is the current system? Who and under which circumstances can unmask IP addresses right now? Why would it in this case only target user-generated sites and not all sites hosting (allegedly) illegal activities?Generally there are two strategies: Either you try to stop the entire law/paragraph or to get an exception for what you care. Stopping a paragraph could also mean replacing it with something else.Has there been some concrete event that triggered the Ministry to move in this direction?Thank you again and sorry for asking more questions right now than I have answers for you!Cheers,Dimi_______________________________________________На сб, 13.03.2021 г. в 4:52 ч. DW Fisher-Freberg <dwfisherfreberg@gmail.com> написа:_______________________________________________Hello everyone,In November 2020, Indonesian Ministry of ICT passed a new regulation (Permenkominfo 5/2020) on "Private Electronic System''. Among others, the regulation would allow the government to force ISPs and basically any web operator to unmask IP addresses of websites that are user-generated for a very broad set of reasons, including but not limited to "inflammatory contents" and "public disorder". The Electronic Frontier Foundation has discussed this new regulation at length here.At Indonesian Wikipedia village pump, we concluded that this regulation will invariably make Wikimedia projects and affiliates in Indonesia subject to it. We are very concerned about the possibility of a broad interpretation of this regulation by the government and its effect on Wikimedia projects here, especially observing the increasingly illiberal attitude of the current government on Internet and data policy.We would very much welcome suggestions, warning tales, and/or practical experiences that we could learn in anticipating this regulation's incoming enforcement.Best,
Publicpolicy mailing list
Publicpolicy@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/publicpolicy
Publicpolicy mailing list
Publicpolicy@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/publicpolicy
Publicpolicy mailing list
Publicpolicy@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/publicpolicy
Publicpolicy mailing list
Publicpolicy@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/publicpolicy
--Ramzy Muliawan Q106762396Pekanbaru, Riau, Indonesia