Sep

07

Electronic System Provider (PSE) Registration Provisions in Indonesia

The blocking of Private Scope Electronic System Operators ("PSE") that missed the Ministry of Communication and Information's ("Kominfo") notice of the registration deadline resulted in several PSE's being blocked, including PayPal, on July 30th, 2022. As a result, the policy has sparked public outcry. In response, Kominfo announced a new approach to temporarily open the PayPal website and expects consumers who utilize PayPal services will be able to transfer deposited money elsewhere.

As regulated by Indonesian Government Regulation No.71 of 2019 concerning the Implementation of Electronic Systems and Transactions ("GR 71/2019"), Kominfo provides facilities for Private Scope PSEs with Risk-Based Licensing via the Online Single Submission (OSS RBA) system in collaboration with the Ministry of Investment/BKPM, as regulated by Regulation of the Minister of Communication and Information Technology No.5 of 2020 ("MoCITR 5/2020") in conjunction with Regulation of the Minister of Communication and Information Technology No. 10 of 2021 on the Amendment to the Regulation of the Minister of Communication and Information Technology No. 5 of 2020 concerning Private Scope Electronic System Operators ("MoCITR 10/2021"). Furthermore, in MoCITR 10/2021, the Implementation of Private Scope PSE Registration shall be carried out since the implementation of Risk-Based Business Licensing through the OSS system is effective, as evidenced by a registration certificate.

In accordance with MoCITR 5/2020 and MoCITR 10/2021, administrative sanctions will be imposed. Further administrative sanctions, such as a written warning, temporary suspension, and access blocking must also be considered for Private Scope PSEs who already have a registration certificate but do not report changes to registration information. However, if the Private Scope PSE has fulfilled the registration criteria, the access will be restored.

So, what are the PSE Private Scope criteria required to be registered? Under the regulation in Indonesia of MoCITR 5/2020 in conjunction with MoCITR 10/2021, Private Scope PSE is defined as implementing an "Electronic System" by people, business entities and the public. Furthermore, Electronic System is defined as a series of electronic devices and procedures that function to prepare, collect, process, analyze, store, display, announce, transmit, and/or disseminate Electronic Information. Moreover, the private sector PSEs that are required to register are:

  1. An Electronic System Provider that is regulated or supervised by the Ministry or Agency based on the provisions of laws and regulations; and/or
  2. An Electronic System Provider that has online portals, sites or apps through the internet used for:
    1. providing, managing, and/or operating the offer and/or trade of goods and/or services;
    2. providing, managing, and/or operating financial transaction services;
    3. delivering paid digital material or content through a data network either by downloading through a portal or website, delivery through electronic mail, or through other apps to the Subscriber's device;
    4. providing, managing, and/or operating communication services, including but not limited to, short messages, voice calls, video calls, electronic mail, and online conversations in the form of digital platforms, networking services and social media;
    5. search engine services, services for providing electronic information in the form of text, sound, image, animation, music, video, film and game or a combination of and/or all of them; and/or
    6. processing private data for public service operational activities related to electronic transaction activities.

If you, a prospective client, have further inquiries regarding this matter, Schinder Law Firm is one of many corporate law firms in Indonesia that has handled a lot of licensing matters, with many experienced and professional civil lawyers and dispute lawyers in its arsenal, making it one of the top consulting firms in Indonesia. Feel free to contact us at info@schinderlawfrim.com for further consultation.

Author: Dewi Susanti

Let Us Be Your Guide.
Our thorough understanding of local culture
ensures that your business will be in compliance
with all laws and regulations and receive
a warm welcome in the community.

Dear valued Visitor,

Data is a valuable currency in this new world. In the midst of digital transformation, the Indonesian government has taken the final decision to pass the Pelindungan Data Pribadi (PDP) Bill by September 2022. The PDP Law applies to all businesses established in Indonesia and puts the consumer in control. The task of complying with this regulation falls upon businesses.

The PDP Law affects a variety of business operations, including how your sales team prospect and how marketing initiatives are managed. Businesses have had to reassess their business procedures, applications, and forms. Additionally, all businesses that work with personal data should designate a Data Protection Officer (DPO) or data controller to oversee PDP compliance.

In line with this spirit, it gives us great pleasure to announce and share with all our esteemed clients and business associates that Schinder Law Firm is prepared to assist your company to understand the impacts of the Personal Data Protection Law (PDPL) and take the required measures to comply with the law. Our Privacy, Data Protection, and Cybersecurity practice group is a pioneer in providing data privacy law services in Indonesia. Personal data protection services include but are not limited to:

  • Assessing the existing systems, processes, and controls, etc.
  • Providing provide gap assessment on the existing systems, processes, and controls, etc.
  • Developing and ensuring contracts and agreements comply with the PDP Law
  • Developing policies, best practices, and procedures
  • Advising on the security of personal data and managing data breaches
  • Acting as the Data Protection Officer (DPO) and advising upon the appointment, role, and responsibilities of a data protection officer
  • Advising on cross-border transfers of personal data
  • Carrying out data protection impact assessments and data protection audits
  • Recommending other necessary corrective actions in order to comply with the PDP Law
  • Training on the PDP Law tailored to clients’ businesses

We look forward to many more opportunities in the year ahead with your continued support and trust. For consultation, please send us a WhatsApp or Email.

Warmest regards,
Naz Schinder
Managing Partner

Keep Up with the New Law in Indonesia: Personal Data Protection

  • Assessing the existing systems, processes and controls, etc.
  • Providing provide gap assessment on the existing systems, processes and controls, etc.
  • Developing and ensuring contracts and agreements comply with the PDPL.
  • Developing policies, best practices and procedures.
  • Advising on security of personal data and managing data breaches.
  • Acting as the Data Protection Officer (DPO) and advising upon the appointment, role and responsibilities of a data protection officer.
  • Advising on cross-border transfers of personal data.
  • Carrying out data protection impact assessments and data protection audits.
  • Recommending other necessary corrective actions in order to comply with the PDPL.
  • Training on the PDPL tailored to clients’ businesses.
Privacy, Data Protection and Cyber Security
We help our clients to understand the impact of the Personal Data Protection Law (PDPL) on their companies and take the required measures to comply with the law.