December 28, 2023
JAKARTA – Analysts have criticized new guidelines for the regulation of artificial intelligence (AI) as ineffective and toothless because of their nonbinding nature, and encouraged the government to focus instead on critical infrastructure legislation like the cybersecurity bill.
Other experts, however, have defended the guidelines stipulated in Communications and Information Ministry Circular No. 9/2023 on AI, arguing that they represent a crucial step toward reaching legally binding rules.
Signed on Dec. 19, the circular is addressed to electronic system providers involved in the development of AI technology. Its content closely resembles a draft shared by ministry officials on Nov 27.
The guidelines still emphasize ethical values, such as inclusivity, humanity, security, accessibility, transparency, credibility and accountability.
However, the circular includes a part about intellectual property rights that urges AI developers to adhere to applicable laws in the country to avoid copyright infringements. It also emphasizes the need for developers to protect personal data and consider the impacts of their products on social sustainability and welfare.
In December, the United Nations High-Level Advisory Body on AI released a report titled Governing AI for Humanity which highlights various risks associated with AI technology. Those risks include inaccuracies or confabulations in generative AI, the usage of AI to create deep fakes, disruptions of labor markets as well as the growing implementation of AI-enabled systems in war zones.
The communication ministry’s circular addresses those risks by asserting that any information produced by AI must be deemed trustworthy and accountable before being released to the public.
On top of that, it requires companies using AI to ensure the technology does not become the ultimate decision-maker for any humanity-related issues, and to prevent AI from becoming racist or committing other actions deemed harmful to humanity.
According to Communications and Information Minister Budi Arie Setiadi, the circular is applicable to all digital platforms operating in the country, including major tech companies like Google and Meta.
However, since the letter is not legally binding, any potential law infringement would still be subject to prevailing regulations, such as the Personal Data Protection Law, the Electronic Information and Transactions Law or the Copyright Law.
Budi said the government would leave it to the next administration to commence the drafting of a legally binding AI Law, as that would require discussions with new members of the House of Representatives after the general election.
Toothless start
Indonesia Cyber Security Forum (ICSF) chairman Ardi Sutedja questioned the effectiveness of the circular, as digital companies may ignore it without facing any consequences. Aside from that, he said, the government still lacked fundamental knowledge about the technology itself.
“There are numerous AI products being offered to us, but it remains unclear who has developed these products and which country they originate from. We also do not know whether the service has any virus or malware behind it, and our ability to detect such issues is inadequate,” Ardi told The Jakarta Post on Tuesday.
Ardi therefore suggested that the government follow standards and best practices implemented in other countries to prevent confusion among business players that might arise should Indonesia push its own standards.
He also urged for more involvement from all stakeholders, including academics researching AI, in the forthcoming regulations on the technology.
Communications and Information Ministry Information and Public Communication Director General Usman Kansong explained that a legally binding regulation on AI required time and noted that the European Union and United States had introduced ethical guidelines first.
The ministry “has decided to issue the circular as a guideline for organizations and associations using AI to establish self-regulation for their members,” Usman told the Post on Wednesday, adding that the Financial Services Authority (OJK) had pursued a similar path regarding AI used by financial technology firms.
He acknowledged that the circular entailed no legal punishment for companies that violated it, but emphasized that it marked the beginning of the forthcoming regulations.
Pratama Persadha, chairman of the Communication and Information System Security Research Center (CISSReC), agreed that the ministry’s circular was toothless, but also noted that some aspects of the letter deserved appreciation, such as stipulations that AI technology should not replace human labor.
He stressed the importance that the public be able to take advantage of AI while avoiding negative aspects such as disinformation or violations of personal data protection.
“The government should not rush to create regulations on the usage of AI. It should prioritize other, more crucial matters, such as the draft for a cybersecurity bill,” Pratama told the Post on Tuesday.
Riri Satria, a digital transformation expert lecturer at the State Intelligence College (STIN), remarked that, while the circular could not serve as a reference for law enforcement on AI-related issues, it did indicate the government’s concern about AI development:
“Despite its non-legally binding nature, electronic system providers should consider [aspects of] the circular as performance indicators,” Riri stated on Tuesday, as quoted by SindoNews.com.
According to Wahyudi Djafar, executive director of the Institute for Policy Research and Advocacy (ELSAM), said the government was on “the right path” in issuing a circular, which will jump-start the process to create a binding regulation.
He cited the example of the European Union’s new AI Act, which was only approved this month despite having been drafted in 2019, to illustrate that the process needed time.
“As this is a new topic in Indonesia, we may need to pass through a process involving several [regulatory] instruments before specifically discussing a draft for an AI law. Prior to that, we also need to discuss critical policy infrastructure, such as the cybersecurity bill,” Wahyudi told the Post on Tuesday.
He underscored the importance of a policy sandbox that would allow developers to build new AI applications in an unrestricted but confined environment, which would allow the government to learn from the development and prevent the establishment of counterproductive regulations.
“We need to mitigate the negative impacts of the technology. However, the regulation should not create a barrier that hinders the development of the technology itself,” Wahyudi concluded.