Internet & Online Safety · Indonesia
Online safety & content laws in Indonesia (2026)
Indonesia shaded by its internet & online safety status
Indonesia has an extensive, in-force online-content and safety regime built on the ITE Law, the MR5/2020 intermediary-liability/registration rules, and the 2025 'PP Tunas' child-protection regulation. Platforms ('Private Electronic System Operators') must register with Komdigi, take down 'prohibited' or 'negative' content within 4-24 hours, and now verify users' ages and restrict under-16s on high-risk platforms. The framework is comprehensive but heavily criticized as repressive, pairing broad takedown/blocking powers and criminal-defamation provisions with frequent state blocking of sites and apps.
Key points
MoCI Regulation 5/2020 requires all private electronic system operators (social media, search, marketplaces, messaging) accessible in Indonesia to register with Komdigi or face blocking, accept content-removal obligations on tight timeframes (within 24 hours generally, 4 hours for 'urgent' content), appoint local contacts, and provide authorities access to systems/user data.
The Electronic Information and Transactions Law (Law 11/2008), most recently amended by Law 1/2024, criminalizes online defamation (Art. 27A, up to 2 years), hoaxes, and immoral/hate content, and empowers the government to order operators to adjust systems or terminate access; critics say it chills online expression.
Government Regulation 17/2025 ('PP Tunas'), effective from late March 2026 with technical rules in Komdigi Reg. 9/2026, requires age-inferential verification, parental consent for under-17s, and bars under-16s from high-risk platforms (TikTok, Instagram, Facebook, YouTube, X, Roblox, etc.); Indonesia is the second country after Australia to defer child platform access.
Komdigi routinely blocks 'negative content' (pornography, gambling, hate, disinformation) and unregistered services; recent examples include blocking Internet Archive/Wayback Machine (May 2025) and Wikimedia's login domain (Feb-Apr 2026) for non-registration.
Indonesia has previously imposed regional internet shutdowns (notably Papua/West Papua during 2019 unrest) to curb 'provocative' content; authorities retain broad powers to throttle or cut access, drawing criticism from rights groups.
Civil-society and international bodies (Access Now, Article 19, EFF, ICJ) argue MR5 and the ITE Law grant disproportionate, opaque takedown/blocking powers without judicial oversight or adequate appeals, risking arbitrary censorship and curtailing freedom of expression.
Timeline - major decisions & events
Indonesia began enforcing GR 17/2025's tiered age limits, barring under-16s from high-risk digital platforms and requiring age verification and parental consent; regulators noted few platforms were fully compliant at the start. It marks Indonesia's first hard rollout of child-specific online access controls.
Jakarta Globe ↗President Prabowo Subianto signed GR 17/2025, imposing duties on electronic system operators to protect minors via risk-based age tiers (16 for high-risk, 13 for lower-risk services), age verification, abuse reporting, and data-protection safeguards. It is Indonesia's first dedicated online child-safety framework.
SSEK Law Firm ↗The second revision of the 2008 Electronic Information and Transactions Law added child-safety obligations for platforms, localized electronic certification providers, and refined controversial defamation/prohibited-content provisions. It reshaped the core statute governing online speech and electronic systems.
Baker McKenzie ↗After the Ministry of Trade issued Reg 31/2023 (26 Sept) banning direct transactions on social media platforms, TikTok closed its in-app Shop on 4 October, forcing a split of social media from e-commerce. The move set a precedent for regulating social-commerce and platform conduct.
KrASIA ↗Indonesia's first comprehensive data-protection statute, modeled on the EU GDPR, established data-subject rights, controller/processor duties, and a two-year compliance window. It underpins privacy enforcement for online platforms handling Indonesian users' data.
Library of Congress ↗After a 20 July deadline under MR5, the Ministry blocked access to seven major unregistered private electronic system operators, triggering public backlash and a temporary PayPal reprieve. It demonstrated the enforcement teeth of Indonesia's platform-registration regime.
Digital Policy Alert ↗MR5 required all private platforms accessible in Indonesia to register, appoint local representatives, and remove 'prohibited' content within 4–24 hours, with government access to systems and data. It became the central content-moderation and platform-control instrument, widely criticized by rights groups.
ARTICLE 19 ↗GR 71 replaced GR 82/2012, classifying public vs private operators, relaxing data localization for private ESOs while mandating it for public ones, and adding registration, content-prohibition and data-erasure rules. It is the foundational implementing regulation for online services.
Global Compliance News ↗The Ministry ordered ISPs to block Telegram domains, citing channels promoting radicalism and bomb-making after repeated unanswered takedown requests; the block was lifted once Telegram agreed to filter content and cooperate. It was a landmark assertion of state power over messaging platforms.
Al Jazeera ↗The amendment introduced electronic system providers, a 'right to be forgotten,' government powers to terminate access to illegal content, and revised defamation/interception penalties following a Constitutional Court ruling. It expanded the state's content-removal authority over online platforms.
Library of Congress ↗Indonesia's foundational cyber law criminalized defamation, hate speech, indecency and other 'prohibited content' online and recognized electronic information/transactions. It established the legal basis—and the long-running free-expression controversies—for regulating online content.
DLA Piper ↗Indonesia - other topics
Last verified 5/23/2026 · Orientation, not legal advice - verify against the primary sources linked above. Explore the full world map →