19 Dec 2019
Government Acts to Regulate Booming E-commerce Sector and Foreign Providers Operating in Indonesian Market
A. Introduction
Despite being mandated by Article 66 of the Trade Law,[1] which entered into force on 11 March 2014, a government regulation specifically focused on e-commerce has only recently been issued after having been under discussion since 2015.
The new regulation (Government Regulation No. 80 of 2019 on Electronic Commerce / “GR 80/2019”[2]) entered into force on 25 November 2019. However, a grace period of two years (running to 25 November 2021) is provided to allow existing e-commerce operators to bring themselves into compliance with the legislation’s provisions.
GR 80/2019 comes hard on the heels of the issuance of Government Regulation No. 71 of 2019 (“GR 71/2019,”[3] effective 10 October 2019), which is also of relevance to e-commerce as it regulates electronic systems and transactions in general (for an analysis of GR 71/2019, see our ABNR Legal Update published on 30 October 2019 (click here)).
Overall, GR 80/2019 attempts to provide a comprehensive framework for the regulation of e-commerce, encompassing such aspects as the licensing requirements and procedures applicable to e-commerce providers; obligations related to the provision of e-commerce services; e-commerce implementation, consumer rights, personal-data protection, payment, delivery, advertising, dispute resolution, etc.
As with GR 71/2019, GR 80/2019 incorporates quite detailed provisions on electronic contracts that build on the rather skeletal framework set out in the Electronic Information and Transactions Law (as amended)[4] and its implementing regulations. Given the practical importance of the new rules on electronic contracts in GR 71/2019 and GR 80/2019, we shall analyze them in a separate ABNR Legal Update, while confining our discussion in this update to brief descriptions of other key aspects of GR 80/2019 that directly affect e-commerce operators and consumers.
B. Some Key Definitions in GR 80/2019
Commerce” (Perdagangan) refers to activities related to transactions in goods and / or services, whether on a domestic or cross-border basis, that are conducted for the purpose of transferring title to or ownership of a good and / or service in return for remuneration or compensation (same definition as in the Trade Law).
As regards the scope of a good / service, GR 80/2019 introduces two definitions that are new to Indonesian law and which will be important going ahead for, among other things, the taxing of e-commerce transactions, namely:
Digital good (barang digital): an intangible good that takes the form of electronic or digital information, whether resulting from conversion / transformation or originally in digital format, including but not limited to software, multimedia and / or electronic data;
Digital service (jasa digital): a service that is delivered through the Internet or an electronic network, which is automatic in nature or only involves a limited amount of human intervention, and which cannot be ensured without the use of information technology, including but not limited to software-based services.
E-commerce” (Perdagangan Melalui Sistem Elektronik) is a form of commerce where transactions are conducted using electronic equipment and procedures (same definition as in the Trade Law). Unfortunately, this definition appears rather inadequate as it could conceivably be construed as encompassing, for example, a transaction involving a medical examination or treatment at a doctor's surgery using electronic equipment where the patient is physically present, or the making available of electronic games in a video arcade where the customer is physically present. By contrast, the European Union’s E-commerce Directive[5] explains that e-commerce transactions (which are referred to in the directive as “information society services”) are confined to those that are provided (a) via electronic means; (b) at a distance (which excludes the two examples above); and (c) at the individual request of the service recipient (thereby excluding such things as radio and TV broadcasts).
E-commerce provider” (Pelaku Usaha Perdagangan Melalui Sistem Elektronik) is an individual or undertaking, whether incorporated or unincorporated and whether domestic or non-domestic, that engages in commercial operations in the e-commerce field (“e-commerce provider” is a catch-all term that is used throughout GR 80/2019 for all types of commercial provider of e-commerce services). The Elucidation on Article 5 GR 80/2019 explains that a payment gateway provider is also classified as an e-commerce provider, but is subject to separate regulation “by the relevant authority” (currently Bank Indonesia).
Consumer” is an individual that uses a good and / or service, whether in their own interest or in the interest of a family member, another person or another living creature, for non-commercial purposes.
C. E-commerce Regulatory Scheme
E-commerce providers are differentiated into three classes:
A party that sells a good or service on a temporary basis and for non-commercial purposes is not categorized as a merchant.
The electronic communication facilities may function to provide information, facilitate communication, conduct transactions, facilitate payment (payment system) and/or as part of a delivery system.
An e-commerce provider may be a domestic or non-domestic individual or enterprise.
D. Extraterritoriality
Crucially, GR 90/2019 is of extraterritorial effect thanks to Article 7, which provides that non-domestic e-commerce providers will be deemed to be present physically and to carry on business on a permanent basis in Indonesia (as a permanent or fixed business establishment) if they actively make offers to, or engage in transactions with, consumers who are resident within the territory of Indonesia, provided that certain criteria are satisfied. These criteria focus on transaction volume; transaction value; number of deliveries; and / or total traffic or access. Should a non-domestic e-commerce provider satisfy these criteria, it will be required to appoint a representative in Indonesia to act on its behalf. More detailed provisions on the criteria are to be set out in a ministerial regulation.
E. E-commerce Providers: Requirements & Obligations
E.1. License Requirement
Under Article 15 GR 80/2019, an e-commerce provider is required to obtain a license using the Online Single Submission (OSS) System, save in the case of an intermediary service provider that (a) does not directly benefit from e-commerce transactions; and (b) is not a party to contracts between parties conducting e-commerce transactions. Further provisions on licensing are to be subsequently set out in a ministerial regulation.
E.2. Other Requirements & Obligations
GR 80/2019 also imposes a lengthy list of other requirements and obligations on e-commerce providers. Some of the principal requirements / obligations may be summarized as follows:
G. Liability for Illegal Content
G.1. General Rule of Liability
Article 22 GR 80/2019 makes all e-commerce service providers and intermediary service providers generally liable for the civil and criminal consequences that arise from illegal content, save in circumstances where they take prompt measures to remove or disable such content, or the relevant link, upon becoming aware of it.
G.2. Exemptions from Liability for Intermediary Service Providers
As regards intermediary service providers, GR 80/2019 provides a number of exemptions from liability (“safe harbors”), which for the most part are taken verbatim (as translated) from the European Union’s E-commerce Directive. These exemptions are as follows:
G.3. General Duty to Monitor
Unlike the E-commerce Directive, which expressly prohibits EU member states from imposing a general obligation to monitor content on intermediary service providers, GR 80/2019 does precisely the opposite by requiring such providers to establish a technical content control mechanism and/or a mechanism through which the public can submit reports of or complaints on illegal content. In addition, intermediary service providers are required to impose terms of use or clauses in licensing agreements that require the recipients of services to use them in a legal manner.
H. Consumer Protection
E-commerce providers must protect consumer rights in accordance with Indonesian law, and provide a mechanism for responding to and resolving consumer complaints.
The principal problem with this provision is that Indonesia’s consumer protection legislation has not been updated since 1999 - a time when e-commerce was still in its infancy. To help provide relief for abuses that fall outside the ambit of the existing consumer protection legislation, losses suffered by consumers may be reported directly to the Ministry of Trade. In such circumstances, the e-commerce service provider is required to take action so as to resolve the complaint. Should they fail to do so, they will be placed on a publicly accessible “priority watch list” (daftar prioritas pengawasan) maintained by the Ministry of Trade.
I. Personal Data protection
GR 80/2019 provides tighter protections for personal data than the general protections incorporated in GR 71/2019. For example, Article 59(2)h GR 80/2019 prohibits offshore personal data transfer unless the recipient country or territory has been certified by the Minister of Trade as having at least the same level of personal data protection and standards as Indonesia. Meanwhile, the Elucidation on Article 59(2) states that such standards should have regard to “European data protection standards” (presumably the European Union (EU)’s General Data Protection Regulation / “GDPR”[6]) and / or the APEC Privacy Framework.
J. ABNR Commentary
As GR 80/2019 marks the state’s first foray into e-commerce, it should come as no surprise that it has elicited criticism from some industry participants, particularly micro, small and medium enterprises (MSMEs), which strongly object to what they see as unduly burdensome licensing requirements.
Nevertheless, by contrast with Indonesia’s previous approach to regulating digital businesses, GR 80/2019 (in common with GR 71/2019) adopts a much lighter touch that is in line with the government’s commitment to improving the country’s ease of doing business. On the other hand, however, GR 80/2019 means that Indonesia has now joined a growing list of jurisdictions that have resorted to extraterritoriality to regulate and tax the Indonesian operations of overseas based e-commerce providers.
Overall, we feel that GR 80/2019 is to be cautiously welcomed for the greater legal certainty it provides. Nevertheless, it has to be said that its approach to certain aspects of e-commerce appears quite simplistic, and in some cases already rather outdated. For example, a number of key aspects of GR 80/2019 are clearly influenced by the EU’s E-commerce Directive, which is now 20 years old and looks set to be reviewed in the near future (indeed, the new President of the European Commission, Ursula von der Leyen, has committed to upgrade the EU’s liability and safety rules for digital platforms, safety and products with a new Digital Services Act). In addition, by comparison with the EU’s recently adopted Digital Content Directive,[7] there seem to be some significant areas of concern as regards content that have not been specifically addressed, or have been addressed only superficially, by GR 80/2019.
By Agus Ahadi Deradjat (aderadjat@abnrlaw.com) and Mahiswara Timur (mtimur@abnrlaw.com)
[1] Law No. 7 of 2014 on Trade (Undang-undang No. 7 Tahun 2014 Tentang Perdagangan)
[2] Peraturan Pemerintah No. 80 Tahun 2019 Tentang Perdagangan Melalui Sistem Elektronik
[3] Government Regulation No. 71 of 2019 on Electronic Systems and Transactions (Peraturan Pemerintah No. 71 Tahun 2019 Tentang Penyelenggaraan Sistem dan Transaksi Elektronik)
[4] Law No. 11 of 2008 on Electronic Information and Transactions (Undang-undang No. 11 Tahun 2008 Tentang Informasi dan Transaksi Elektronik)
[5] Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market ( https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32000L0031&from=EN)
[6] EU General Data Protection Regulation (GDPR): Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ 2016 L 119/1.
[1] A set of principles and implementation guidelines that were created in order to establish effective privacy protections that avoid barriers to information flows, and ensure continued trade and economic growth in the Asia Pacific Economic Cooperation region. The APEC Privacy Framework was first adopted in 2005 and was subsequently updated in 2015.
[7] Directive 2019/770 of the European Parliament and of the Council of 20 May 2019 on certain aspects concerning contracts for the supply of digital content and digital services (https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32019L0770)
This ABNR News and its contents are intended solely to provide a general overview, for informational purposes, of selected recent developments in Indonesian law. They do not constitute legal advice and should not be relied upon as such. Accordingly, ABNR accepts no liability of any kind in respect of any statement, opinion, view, error, or omission that may be contained in this legal update. In all circumstances, you are strongly advised to consult a licensed Indonesian legal practitioner before taking any action that could adversely affect your rights and obligations under Indonesian law.