Beruflich Dokumente
Kultur Dokumente
in Prosecuting Cybercrime
Corporate
terrorism Document Money tax
Indonesian General Criminal
Procedural Code & Archives laundering
(Procedural Code/KUHAP) Specific Criminal Procedural Code/
Out of KUHAP
(Specific Procedural Code)
Human Rights protection => due process of law
• Constitution => human rights (art.28 A-28 J)
• Law No.39/1999 concerning Human Rights
– Every person have a right to have a protection of his personal, family, respect,
dignity, and his/her property (Art. 29)
– Freedom and confidentiality in correspondence including a communication by
electronic facilities cannot be interfered, unless based on the court order or any
other legitimate power according to laws and regulations. (Art. 32)
• Law No.48/2009 concerning Judicial Powers
– No one can be arrested, detained, searched, and seized, except based on written
order from legitimate power according to the ways was regulated by laws (Tidak
seorang pun dapat dikenakan penangkapan, penahanan, penggeledahan, dan
penyitaan, kecuali atas perintah tertulis dari kekuasaan yang sah dalam hal dan
menurut cara yang diatur dalam undang-undang. Art. 7)
Notes:
– There is no explicit provision yet, to protect the right against self-incrimination
(such as art.14 point (3)-letter (g) of UN-ICCPR: every one shall be entitled: „not to
be compelled to testify against himself or to confess guilt).
SRO‟s & Commission of
Information & Communication
Conventional Media Freedom Electronic
of
Information
Books Press Freedom of Film Broadcast Telecomm.
(Copyright (40/1999) Public (33/2009) Law (36/1999)
Law 19/2002) Freedom of Information (32/2004)
=> Speech & (14/2008) (Radio &
Literary & Journalism TV)
artistic works
Privacy Internet => ITE (11/2008)
Copyright Press Public Film Broad- Regulation
Council Council Information Censorship casting Telecommunic
Commission Agency Commission ation
(KIP) + (KPI) Commission
Indonesia (BRTI)
Film
Board
ICT/Telematika/Cyberspace = New Media?
Technologies Legislations
• Real-time Telecommunications
Ubiquitous
• Borderless (network & services)
• Anonymity
• Open/unrestricted
• broad penetration INTERNET
• unexpired
• permanent Computer Mass Coms
SRO’s => creating problems for the harmonization powers & process
Why does the Crime happening?
• There is a bad intention of the perpetrator AND/OR There is
an blatantly open chance to do the expected crime …???
– Having a specific law to criminalize or dissuasive the potential
perpetrator
– Is that mostly to the users intention perspective? And How about
from the network or service providers‟ intention perspective?
– How about the bad motivation because of the bad system?
– Bad intention or negligence from the operator, provider, or vendor to
make a big-hole, basically facilitating or stimulating the crimes itself?
– Therefore, instead of the substantive law, in order to have an
accountability or trustworthiness of the system to protect the public
interest, ITE provide also the liability provisions for them => IT
governance + presumed liability
UU-ITE -- ToC
chapter 1 chapter 5 chapter 8
General provisions Electronic Transaction Dispute resolution
chapter 6 chapter 9
chapter 2
Domain Name, IPR’s & Government &
Principles & Purpose
Privacy community role
chapter 10
chapter 3
Electronic Information, chapter 7 Investigation
E-Document & Prohibited
E-Signatures Actions chapter 11
Criminal Sanctions
chapter 4
chapter 12 chapter 13
Electronic System
& Electronic Certification transition Closing
CoC & Indonesia
CoC (definition) Indonesia (ITE, KIP, Tel ++)
Computer system: means any device or a group • Computer device =>. Electronic device
of interconnected or related devices, one or more • Computer network (telecomm network)
• Electronic System (IS/Computer system)
of which, pursuant to a program, performs => including business process +
automatic processing of data; engineering process
Procedures program
bytes
hardware
(PC)
field
Linux / OS
record X/Windows
Article 33
(1) With the permission of the local court chairman in conducting the investigation the
investigator can conduct a search is required.
(2) In the event that the required written behest of investigators, police officers of the
Republic of Indonesia to enter the house.
(3) Every time entering the house must be witnessed by two witnesses about the suspect
or the residents agreed.
(4) whenever entering house must be witnessed by village head or the head of the
environment by two witnesses, in terms of suspects or occupant refuses or is absent.
(5) Within two days after entering and or-searched the house, should be made an official
report submitted to the owners and their derivatives or occupants of the house
concerned.
Search: Art. 34 KUHAP
(1) In the circumstances a very necessary and urgent if the investigators must act
immediately and not likely to get a permit beforehand, without prejudice to the
provisions of Article 33 paragraph (5) the investigator to search:
a. the suspect‟s home page, the suspect resides, dwelling or exist, and things
thereof on it;
b. at any other place that the suspects reside, stay or exist;
c. at the place of the crime committed, or thereof are traces;
d. where the lodging and other public places.
(2) In the event that the investigator perform a search such as referred to in
paragraph (1) investigators are not allowed to inspect or seize letters, books and
other writings are not an object associated with the crime in question, except for
items relating to the crime in question or that allegedly used to commit the
crimes in question and to that end shall immediately report to the chairman of
the local court to obtain approval.
Explanatory:
• "Circumstances that very necessary and urgent" means when in place soon to
worry about escape or to repeat the crime or objects that can be confiscated
immediately feared destroyed or removed while the letter of permission from the
chairman of the county court can not be obtained by appropriate means and in a
short time .
Seizure/Confiscation ( 32-46 KUHAP)
• Article 38
(1) Confiscation can only be carried out by an investigator with a warrant from the
chairman of the local district court.
(2) In a very needy and urgent situation if an investigator has to act immediately and
cannot possibly obtain a warrant first, without mitigating the provision of section (1) the
investigator can only confiscate movables, for which purpose he has to report
immediately to the head of the local district court to get his approval.
• Article 39
(1) Objects which can be subject to confiscation include :
a. goods or claims of the suspect or defendant which all or part have originated from a
criminal act or are the results of a criminal act ;
b. goods which have been used directly for committing a criminal act or for preparing it;
c. goods used to obstruct the investigation of a criminal act;
d. goods especially designed and intended for committing a criminal act;
e. other goods which have direct connections with the criminal act committed.
Confiscation: Art.39-43 KUHAP
Article 39
2) Goods in confiscation because of a civil case or bankruptcy can also
be confiscated in the interest of the investigation, prosecution and trial
of a criminal case, so long as they meet the provision of section (1).
Article 43
• The confiscation of letters or other written materials from those who
are obliged according to law to keep them a secret, so far as they do
not concern state secrets, can only be carried out with their agreement
or by special warrant from the chairman of the local district court
except when the law provides otherwise.
Letters/Correspondence Examination
(intercepted of paper based communication)
• Article 47
(1) Investigators have the right to open, inspect and seize other letters that is sent
through the post and telecommunication office or corporate communications or
transport if the object is suspected with good reason have links with criminal
cases being examined, with special permission (warrant) granted to it from the
head of the district court.
(2) For the sake of the investigators may ask the head of the postal and
telecommunication office, head of corporate communications office or other
transportation to give him the requested letter and for that should be given a
receipt letter.
(3) It referred to in paragraph (1) and paragraph (2) of this article, can be done at all
levels of examination in the judicial process according to the provisions
stipulated in the section.
Explanatory of section (1):
• What is meant by "other letters" are letters that do not directly relate to the
offense will be checked, but reasonable suspected.
Letters/Correspondence Examination
(intercepted of paper based communication)
Article 48
(1) If after the open and examined, it turns out that the letter has nothing to do with the
case which is being checked, the letter attached to the dossier.
(2) If after a review found it had nothing to do with the case is, the letter was closed
neatly and quickly handed back to the postal and telecommunications office or
corporate communications or other transportation after the stamped seal that reads
"has been opened by the investigator" with the stamped date, signature and identity
of the investigators.
(3) Investigators and officials at every level of examination in the judicial process shall
keep confidential earnestly for the strength of the oath of the returned that letter's
contents.
Article 49
(1) Investigators make an official report about the actions referred to in Article 48 and
Article 75.
(2) Derivatives news event by an investigator sent to heads of post and
telecommunications office, the head of the communications „ corporate or the
transportation company concerned.
Investigation
Art. 42 ITE
• The investigation of crime as referred to
this Law shall be carried out pursuant to
the provisions in the Criminal Procedures
Law and this Law
NOTE:
• KUHAP still applied unless ITE‟s provided in detail.
• E.g. article 34 section (1) point (c); and sec. (2) jo. article 33
sec. (5)
– Search & seizure in rush => having court approval after that action.
Art. 43 ITE
(1) In addition to the Investigators from the Police of the Republic of Indonesia,
certain public official investigator (PPNS) within the Government with the scope of
duty and responsibility in the field of information technology and electronic
transaction shall be given a specific authority as an investigators pursuant to the
Criminal Procedures Law to conduct criminal investigation in the field of
information technology and electronic transaction.
(2)Investigation in field of the information technology and the electronic transaction
as referred to Clause (1) conducted by observing the protection for privacy,
confidentiality, continuity of public services, or data integrity pursuant to the
prevailing laws and regulations.
(3)The searching and/or the confiscation of the electronic system presumptively
related to a criminal action are performed with the warrant from the head of
district court.
(4) During the searching and/or the confiscation as referred to Clause (3), the
investigator shall take care of the continuity of public services wellbeing.
Search & Seizure Warrant
• Location of Search
– Residence/dorm
– Business (size or number of employees)
• What to search for
– Equipment (hardware or software)
– Records
• Historical
• Current
– Reference material
• Hacking & phreak instructions
• Carrier related materials
• Bulletin boards
– Other violations
• Credit cards
• Hazardous material
Categorization of Legal
Evidence: Digital Evidence,
Art. 5 UU ITE
e- e- An extension of
existing legal
e- e- evidence
(inferrence)
UU-ITE
KUHAP & Corruption
e- e-
Law
Others evidence
(out of 184 KUHAP)
Legal value of electronic information depends Money Laundering Law,
on the accountability/trustworthy of the Terorism, Narcotics, etc..
electronic system => art. 16 UU ITE
Computer Data • Traffic data
• Content data
Evidence Communication Data
• Subscriber information
Requirements:
e- - accessible
- displayable
“Writings”
UU-ITE copy
} - integrity guarantee
- responsible
- Could be used to
explain certain
“Signed”
“Original”
e- condition
Trustworthy/Accountability
Electronic System Article 15 section (1) & (2)
could be trustworthy, • “Reliable” means that the electronic system has the
only if : capacity suitable to the need of the user.
•“Secured” means that the electronic system is
protected physically and non-physically.
•“Working Properly ” means that the electronic system
has the capacity in accordance with its specification.
Presumed Liability: „Responsible‟ means there is someone to take the
The provider should be legal responsibility of the electronic system.
liable, unless he/she can
proof the mistakes Notes:
actually was not from
In practice, they need support from IT Professional
him/her (force major or
(technical, management & law), to support the
consumers negligence) trustworthy.
How to find the validity ?
incident
investigation
Intermediate:
Confidentiality Integrity Authencity Authorization Non
Repudation
weak X X X X X
Intermediate X
strong
free bindings
Uncertified but the Parties Accepted
accepted
A
Uncertified
e- UU ITE
e-
accepted
Accepted/Admitted
B
Uncertified + Dispute
Burden of Proof:
Uncertified accepted
Showing the system working
properly and no mistakes
e- UU ITE
e- repudiate
Court Order => to examine
whether the information or the
electronic system could be
B
trusted
Certified & Accredited
Certified &
Accredited Admissible
e- UU ITE
e-
Burden of Proof:
Repudiate
There is a forgery or
mistake in the system
Telecom’s company liability
• Law No.36/1999 + Government Regulation 50/2000.
• Telecom’s industry
– Network (operators/carriers)
– Services => multimedia (TCP/IP services) => including NAP &
ISP
• Data Retention of their logs
• Preserved communication data
• Wiretapping => recording based on LEA’s request
• Rendering data (blocking & filtering) …???
• Production order
Case Studies
• Defacing
– Public election 2004 (illegal access & tel. interference) of Telecom Law)
– Golkar
• Illegal Software (copyright)
• Unauthorized breaking the locking software (Copyright)
• Email terror and web-site terror (law terrorism)
• Data Interference (KUHP + ITE)
• Carding (conventional fraud KUHP & online fraud ITE)
• Online Defamation (Prita‟s case)
• Online Porn (ariel, luna & cut tari) => KUHP, ITE & Pornographic Law
• Sisminbakum (illegal public private partnership) => corruption
• Lawful Interception (usage of illegal interception & publish to the media)
=> unsolved …???
• Spamming => Civil cases based on ITE or Civil Code)
Prita Bibit Chandra Ariel, Luna & Tari
Fact • statement injuring • Constitutional Review of • privacy stolen data (sexual
reputation by accusing Corruption Law affairs) upload to the
explicitly the name of • the illegal interception internet by anonyms and
doctor and their hospital send exclusively to some broadcasters make the
as a con big media & the transcript public searching and
• Prosecutor detained published before the case copying from internet
her • un-proportionally played (stimulating internet traffic).
Issues Defamation/harrasment • illegal interception • pornographic materials
statement) • blackmail vs bribery • Privacy
Crime
Indonesian’s national interest: including but not limited to anything that injuring indonesian
economic interest, strategics data protection, national security, national sovereignty , citizen, and
Indonesia‟s corporation. 46
Principles & Purposes
Pasal 3 Pasal 4
• Legal Certainty The utilization of information technology and
(kepastian hukum), electronic transaction shall be aimed:
• Utility (manfaat), a. to enhance the intellectual of our the nation as a
• Prudential (kehati- part of world information society;
hatian), b. to develop national trade and economy in order to
• Good-faith (iktikad baik), improve social welfare;
dan c. to improve the effectiveness and the efficiency of
• Neutral technology public service;
d. to create opportunity for everyone as widely as
possible to expand idea and capability in the use
and utilization of information technology in an
optimal and responsible means; and
e. to create the sense of safety, justice and legal
certainty for the users and information technology
organizers.
APPENDIX - 2
Prohibited Actions
• Computer as a tool for Abuse:
– Distribution of Illegal/harmful Content
• Indecent, gambling, defamation/humiliation, cyber-stalking
– offences related to copyright
– computer related fraud & forgery
• Computer as a target
– Akses tanpa hak dan/atau melawan hukum (Illegal Access)
– Intersepsi tanpa hak (Illegal Interception)
– Gangguan/Pengrusakan Data (Data Interference)
– Gangguan Pengrusakan Sistem (System Interference)
– Penyalahgunaan Perangkat (Misuse of Device)
Content Related Offence =>
Distribusi Konten Illegal (1)
prohibited actions Pidana
Art. 27
• every person (pribadi, kelompok/bdn hk) art 45 section (1) – (3)
• committed intentionally & without right
• distributing and/or transmitting and/or imprisonment max 6 years and/or
making available (to public) penalty max 1 milion
• electronic information and/or electronic
document, which having a content of:
– indecency (section 1)
– gambling (section 2)
– defamation (section 3)
– blackmail/harrasment (section 4)
50
Off-line & Online Defamation
315 310 311
Article 29
Article 45 Section (3)
• Any Person
• who knowingly and without sentenced to imprisonment not
authority exceeding 12 (twelve) years
• sends Electronic Information and/or a fine not exceeding
and/or Electronic Records Rp2,000,000,000
• that contain violence threats or (two billion rupiah).
scares
• aimed personally.
53
Illegal Access (Akses Ilegal)
Prohibited Actions Penal
Article 30 Article 46
Section (1)
• Any Person
• who knowingly and without authority or 1.Max. 6 years &/ fine 600 Million
unlawfully 2.Max. 7 years &/ fine 700 Million
• accesses Computers and/or Electronic
Systems 3.Max. 8 years &/ fine 800 Million
• of other Persons in
• any manner whatsoever. (e.g. scannig)
Elucidation of Article 30 Section (3):
Section (2)
• with the intent to obtain Electronic Security systems are systems that restrict
Information and/or Electronic Records. access to computers or prohibit access
Section (3) to computers by category or
• by breaching, hacking into, trespassing classification of users and specified
into, or breaking through security levels of the authority.
systems.
Hacking, cracking, etc
54
Illegal Interception E.g. Sniffing, wiretapping, etc
Article 32
Section (1) Article 48
• Any Person
• who knowingly and without authority or unlawfully 1. Max. 8 years and/or fine 2 Billion
• in any manner whatsoever
• alters, adds, reduces, transmits, tampers with, deletes,
2. Max. 9 years and/or fine 3 Billion
moves, hides Electronic Information and/or Electronic 3. Max. 10 years and/or fine 5 Billion
Records
• of other Persons or of the public.
Section (2)
• moves or transfers Electronic Information and/or
Electronic Records to Electronic Systems of
unauthorized Persons. (Third Party/External)
Section (3)
• Acts as intended by section (1) shall be acts that result
in any confidential Electronic Information and/or
Electronic Record being compromised such that the
data becomes accessible to the public in its entirety in
an improper manner.
Article 33
• Any Person Article 49
• who knowingly and without sentenced to imprisonment not
authority or unlawfully exceeding 10 (ten) years
• commits any act and/or a fine not exceeding
• resulting in faults on Rp10,000,000,000
Electronic Systems and/or (ten billion rupiah).
resulting in Electronic
Systems working improperly.
Article 37
Any Person who knowingly Mutatis Mutandis
To Previous Articles
commits prohibited acts as
intended by Article 27 through
Article 36 outside the territory of
Indonesia towards Electronic
Systems residing within
jurisdiction of Indonesia.
60
Added Punishment (ps.52)
Article 27 Section (1)
– involving propriety or sexual exploitation of children
• subject to an increase in the sentence by one third of the basic sentence.
Article 30-37
– aimed at Computers and/or Electronic Systems as well as Electronic Information
and/or Electronic Records of the Government and/or used for public services
• sentenced to the basic sentence plus one third.
– aimed at Computers and/or Electronic Systems as well as Electronic Information
and/or Electronic Records of the Government and/or strategic bodies including and
not limited to defense institutions, the central bank, banking, finance, international
institutions, aviation authority
• subject to a sentence of maximally the basic sentence for the respective Articles plus
two-thirds.
Article 30-37
– committed by corporations
• sentenced to the basic sentence plus two-thirds.
61
APPENDIX - 3
Comparison of Procedural Law
Common Law Civil/continental Law Indonesian Law
•Trial by the jury •Trial by the judges •Trial by the judges
•
•Passive judges •Active judges •Active judges
•Burden of proof to the •Prosecutor •Prosecutor
prosecutor