WahyudiDjafar's Blog

law, human rights, internet, and security

Wiretapping practices in ASEAN countries, a brief comparison

intersepsi komunikasUN special rapporteur for freedom of opinion and expression Frank La Rue gave a special attention to the issue of the right to privacy, considering the heights of practices on surveillance and citizens’ private communication interceptions. In his report, La Rue confirmed on the needs for each country to have its own laws, which should clearly describe the conditions that the rights for individual privacy may be limited under certain terms, and measurements on this rights should be taken based on a special decision. This decision should be taken by the state authorities guaranteed by law to perform the act. To compare the practices on wiretapping in South East Asian Countries, Indonesia could take a look at Malaysia and the Philippines. The wiretapping-related regulation in Malaysia is similar to Indonesia, while the Philippines portraits the opposite regulation.

Between the three countries, Indonesia, Malaysia and the Philippines, Indonesia may be said as the most vulnerable in terms of its framework of privacy protection. Before the amendment to Indonesia 1945 Constitution, protection on a person’s private communication in Indonesia was regulated in Chapter XXVIII Penal Code on Official Crime, specifically in Article 430 to 434. Especially with regard to tapping on long distance communication through a device is regulated in Article 433, which prohibits telephone and telegraph tapping illegally. This provision is then reinforced by the enactment of Act No. 36, 1999, on Telecommunication. One of the new things appeared in the Act is related with the prohibition to commit telecommunication wire tapping. In the provisions of Article 40 of Act No. 36, 1999, it is stated that “Every person is prohibited in committing a wire tapping action on information channeled through a telecommunication network in any forms”. It is confirmed in the explanation of the law, that the information is a personal right that must be protected, therefore tapping should be banned. But in terms of law enforcement, specifically for a particular offense with a penalty of imprisonment for more than five years, information tapping as an attempt to uncover crime and to gather evidence may be performed. Telecommunication operator who conduct the tapping rests on a written request of the Attorney General, Chief of Police, or an investigator, for certain offenses as regulated by the law.

Post-amendment of the Constitution, the right to privacy is recognized in Indonesia as one of the citizens’ constitutional rights that must be protected. The protection is asserted in Article 28 G paragraph (1) of 1945 Constitution, which stated among others, that every person has the right for a protection to himself, family, honor, dignity and properties (including personal data). This statement is also affirmed in Article 32 Act No. 39/1999 on Human Rights, which stated, among others, that the freedom and confidentiality of communications through electronic means should not be disturbed except by order of a judge or other authority authorized by law.

Illegal communication interception committed on the internet is also prohibited according to Indonesian laws. The prohibition is asserted in Article 31 paragraph (1) Act No. 11/2008 on Electronic Information and Transactions. In its provisions, it is stated that every person is prohibited in committing interceptions or tapping on information or electronic documents in a computer or other person’s electronic system. Communication interception is only allowed in the context of law enforcement at the request of the police, prosecutors, or other law enforcement agencies. Violation of the provision may be punished with imprisonment for up to 10 years maximum and/or fines up to 800 million rupiah.

However, the absence of a single rule on procedures to interception in Indonesia has created vulnerability against acts of interceptions on citizens’ personal communications, including internet-based communications, such as email, as well as other social media tools. To date, Indonesia has at least twelve laws on regulations of communication interceptions and tapping with different manners. The differences in the regulations of tapping are very clear, for example, between the Anti Terrorism Act, Narcotics Acts, the Law on Corruption Eradication Commission, and the State Intelligence Law. These scattered and fragmented tapping laws in Indonesia has opened a wide gap where practices of interference on citizens’ private communications, including those using the internet.

In addition to this scattered and fragmented tapping laws, another problem has surfaced on the issue protection of privacy in Indonesia that is inadequate protection on citizen’s personal data. Even until now Indonesia has no legislation that specifically ensures the protection of a person’s personal data. Provisions on protection of a person’s personal data specifically in electronic forms is strictly regulated in Article 26 Electronic Information and Transactions Law. In the decree, it is affirmed that one’s personal data transfer should be performed based on the consent of the person concerned, unless otherwise provided by the regulation. But the violation of this provision is not threatened with a punishment; instead the person who committed the violation is given space to do a compensation. The lame regulations on the protection of personal data results in a widespread practices of personal data transfers and leakage in Indonesia, especially for commercial purposes.

Malaysia, until now, has a Constitution that does not firmly grant the right to the protection of privacy for its citizens. While Malaysia Penal Code is limited only in regulating that a person who interferes in other person’s privacy may receive a penalty of fine or imprisonment for up to five years maximum, or both. Like Indonesia, the regulation of communication interception in Malaysia is scattered into several laws. In Malaysia, there is no single rule on tapping, so that there is an open space for interference (interception) against one’s personal communication.

In June 2012, the Malaysian government has passed the Act No. 747/2012 on Security Breach (Special Measures), which gives enormous powers to the security forces and law enforcement agencies to perform communication interceptions, without a proper authorization. Under the terms of this law, prosecutors are given the authority to conduct wiretapping and recording of communications in any forms, which are being sent and received by all types of communication media including the internet. Prosecutors are also equipped with the authority to grant authorization for police officers to carry out similar actions. This Act also provides space for the government to control communications using various electronic means, through a court order.

Besides giving authorization for communication interceptions to prosecutors and the police, Malaysian laws also authorize communication interceptions to several other state institutions. Just like in Indonesia, tremendous authority to conduct wiretaps was given to Malaysian Anti-Corruption Commission, as stipulated in Act No. 575 of 1997 on Anti-Corruption, and the Act No. 694 of 1999 on Malaysian Anti-Corruption Commission. While the prosecutor, in addition to being given substantial powers over Security Breach Act, and is also given the authority to conduct communication tapping through Act No. 365 of 1961 on Kidnapping. Based on this Act as well, Malaysian Ministry of Home Affairs can also perform an act of communication interceptions.

The prosecutors also have the authority to tap communications through Act No. 340 /1988 on Dangerous Drugs, which also provides authority to perform communication interception for National Anti Narcotics and Malaysian Ministry of Home Affairs. Prosecutor’s authority to conduct communication interceptions is also set in Act No. 708/2010 on Strategic Trade. This authority is given whenever the prosecutor is investigating a crime under this Act (trade related crimes). Besides communication interception authority, according to the Strategic Trade Act, the Prosecutor is also given the authority to access the computer data of the party being investigated, access to necessary passwords and all data, including those encrypted.

Communication interception is also arranged specifically in the use of information and communication technologies, as stipulated in Act No. 558/1998 on Communication and Multimedia. However, just as the Laws on Electronic Communication and Transactions in Indonesia, besides providing tremendous authority to perform communication interceptions, especially those which uses computer technology, to the security forces and law enforcement, the law is actually provides a guarantee to Malaysian citizen that they are not being intercepted illegally.

The Philippines have the relatively better regulation on wiretapping to protect the citizens’ human rights from rampant unlawful interception. The 1987 Constitution of the Republic of the mandates the protection of privacy for all Filipinos. Article III (the Bill of Rights), section 2, of the Philippine Constitution says that:

(1) The privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise as prescribed by law. (2) Any evidence obtained in violation of this or the preceding section shall be inadmissible for any purpose in any proceeding.

The constitution is supported by the Republic Act 4200, passed in June 1965, which is known as the Anti-Wire Tapping Law. The law prohibit and penalize wire tapping and other related violations of the privacy of communication and for other purpose. According to the law, all wiretapping mechanism should be done under the approval of the court. The wiretapping that is conducted without the court’s approval could be classified as unlawful acts.

In 2007, the Philippines endorsed the Republic Act Number 9372, which is known as the Human Security Act. In the name of terrorism eradication, the law enforcement agencies are granted with influential power to intercept communications during their investigation. The Human Security Act has contributed to the increasing of the wiretapping practices during the crime’s investigation.

The current situation on wiretapping in Indonesia, regulations on wiretapping are scattered in several laws, conducted differently for each state agency and are contradictory between one and another. The Indonesian Constitutional Court has mandated the state to establish one single regulation on wiretapping to prevent the human rights violations.

The confusing and overlapping regulations have threatened the human rights, especially the freedom of fear and the freedom of privacy. In ASEAN, the war on terrorism has somehow affected the practices of wiretapping and reduced the protection of personal information.

The similar situation is found in Malaysia and Indonesia. The awareness toward the importance of privacy rights has started to emerge, but the two countries are still struggling with creating the single and centered regulation on wiretapping. The Philippines, while it once demonstrated the controlled practice of wiretapping and the protection of privacy rights, shows a growing trend of wiretapping due to the war on terrorism. [ ]

By: Wahyudi Djafar (Researcher at the Institute for Policy Research and Advocacy-ELSAM)

Published by

One response to “Wiretapping practices in ASEAN countries, a brief comparison”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: