Electronic Signature Laws & Regulations - Indonesia

Overview

The use of e-signatures is widespread in Indonesia and the introduction of the Indonesian E-signature Regulations (defined below) indicates that the government is supporting and promoting their use.

Electronic and certificate-based digital signatures in Indonesia are governed by the follow E-Signature Laws (collectively, the “E-signature Regulations):  

  • Law 11 of 2008 on Electronic Information and Transactions, amended by Law 19 of 2016;
  • Government Regulation 71 of 2019 on the Application of Electronic Systems and Transactions (GR 71/2019);
  • Minister of Communications and Informatics (MoCI) Regulation No. 11 of 2018 on Administration of Electronic Certification (“MoCI Regulation 11 of 2018”).

Indonesia’s E-signature Regulations acknowledge two types of e-signatures that are legal, admissible and enforceable in Indonesia:

  1. Certified e-signatures, commonly known as digital signatures. These are evidenced by a digital certificate, issued by a digital certificate provider registered with the MoCI.
  2. Uncertified e-signatures (electronic signature). An uncertified e-signature does not involve a registered digital certificate provider. It may simply consist of a digitized version of a hand-written signature.

Under the E-signature Regulations, both electronic and digital signatures have the same level of enforceability and admissibility as a “wet” signature if they meet the following requirements for validity:

  1. the data that is the basis of the E-signature is associated only with the signer;
  2. the data that is the basis of the E-signature at the time of the electronic signing process must be controlled solely by the signer;
  3. any alteration to the E-signature that occurs after the time of the signing is traceable;
  4. any alteration to the electronic information associated with the E-signature after the time of the signing is traceable;
  5. certain methods are adopted to identify the signer; and
  6. certain methods are adopted to demonstrate that the signer has given his or her consent to the electronic information associated with the electronic signature.

The E-signature Regulations do not precisely stipulate what constitutes "certain methods" in requirements 5 and 6, but in practice the term is interpreted to refer to encryption technology. Additionally, the E-signature Regulations do not specify any particular documents that can only be signed using a digital signature; both electronic and digital signatures are legal, admissible and enforceable in Indonesia. However, the evidentiary value of electronic and digital signatures is different in court. The value of an electronic signature is relatively weak in comparison to a digital signature because it can be argued that it is more easily altered or forged. A digital signature issued by a registered digital certificate provider is stronger evidence that the document was executed by the relevant signer.

As discussed above, a digital signature is evidenced by a digital certificate which must be issued by a digital certificate provider registered with the Minister of Communications and Informatics (MoCI). The list of electronic service providers acknowledged in Indonesia can be found at https://psre.rootca.or.id and currently includes the following six providers:

  1. PT Privy Identitas Digital (certified);
  2. Perusahaan Umum Percetakan Uang Republik Indonesia (certified);
  3. PT. Indonesia Digital Identity (certified);
  4. PT. Solusi Net Internusa (certified);
  5. Badan Pengkajian dan Penerapan Teknologi (registered); and
  6. Balai Sertifikasi Elektronik Badan Siber dan Sandi Negara (registered).

The list of electronic service providers acknowledged in Indonesia can be found here: https://tte.kominfo.go.id/listPSrE/_

There are three types of electronic certification providers in Indonesia: (i) registered; (ii) certified and (iii) main. The type of providers is tiered with ‘main’ being regarded as the highest standard and ‘registered’ as the lowest. Accordingly, the three types of electronic certification providers are subject to different requirements to register with MoCI. The E-signature Regulations provide that an electronic service provider that provides ‘public services’ must use digital certificates that are issued by either (ii) a certified electronic certification provider; or (iii) a main electronic certification provider.  


Special considerations

In Indonesia, if the data associated with a person’s e-signature – cloud-based or otherwise – is considered personal data, it may be subject to certain procedures, reporting obligations and data localization requirements. Unlike the previous regulation, GR 71/2019 relaxes the obligation to have a data centre and a data recovery centre located in Indonesia and stipulates that this requirement only applies to public sector electronic service providers.  

Transacting with Public Sector Entities

There are no special requirements or restrictions for using e-signatures with government entities in Indonesia and the use of e-signatures (and their acceptance as valid signatures) depends mainly on the policies and practices of individual ministerial departments and government institutions. One notable use case is that of the business licensing regime in Indonesia which has shifted to the Online Single Submission (OSS) system, which issues licenses in electronic form and uses e-signatures.

Use cases that generally require a traditional signature

In Indonesia, there are several use cases that generally require a traditional “wet” signature. There are also instances that require additional consideration when determining if an e-signature is legally compliant, such as when transacting with public sector entities. As the applicability of e-signatures is related to electronic information and/or electronic documents, there are also certain situations in which electronic information and/or electronic documents cannot be signed electronically. These situations include:

  1. Documents that must be executed in written (hard copy) form according to laws and regulations. 
    • Examples of these include, inter alia, commercial papers (e.g. cheque, bank draft, bearer bonds, etc.), and letters which are used in criminal proceedings.
  2. Documents that must be made in notarial deed form or to be prepared by a land deed official (PPAT).

Examples of documents that must be made in notarial deed are as follows:

a. A company’s deed of establishment and articles of association (including amendments);

b. Restatement of the general meeting of shareholders;

c. Acquisition deeds;

d. Fiduciary deeds; and

e. Settlement agreements.

The following legal actions in relation to land must be prepared by a land deed official:

a) Sale and purchase;

b) Land exchange;

c) Grant;

d) Contribution in the form of land to the company;

e) Division of shared rights;

f) Grant of right to build, or right to use, over the right of ownership land;

g) Grant of security right over land; and

h) Power to attorney to establish a security right over land.

Note:

Disclaimer: Information on this page is intended to help businesses understand the legal framework of electronic signatures. However, Adobe cannot provide legal advice. You should consult an attorney regarding your specific legal questions. Laws and regulations change frequently, and this information may not be current or accurate. To the maximum extent permitted by law, Adobe provides this material on an "as-is" basis. Adobe disclaims and makes no representation or warranty of any kind with respect to this material, express, implied or statutory, including representations, guarantees or warranties of merchantability, fitness for a particular purpose, or accuracy.

Adobe logo

Sign in to your account