New OTT regulations in Indonesia and Thailand: inching towards a level playing field?
May23

New OTT regulations in Indonesia and Thailand: inching towards a level playing field?

New regulations are on the way that will impact providers of “over-the-top” (OTT) services targeting Indonesia and Thailand. Rapid digitalisation of multiple sectors in Asia is marking the dawn of a new era for policy and regulatory frameworks. Due to the availability of wireless broadband and prolific smartphone usage, OTT services such as mobile VoIP mobile applications, mobile instant messaging, online video and TV, and online music services have experienced unprecedented growth. Traditional onshore broadcasters and telecommunications companies have suffered at the hands of the availability of domestic and foreign OTT services which have cannibalised advertising and viewing figures, often whilst increasing strain on bandwidth. A key challenge in this new era is how to regulate the growing number of onshore and offshore OTT services. Examples include online global video services like Netflix and digital TV channels in Thailand that are broadcasting their programmes on OTT platforms, such as Workpoint and channels 3, 7 and 8. Other OTT services include transportation services like Malaysia’s Grab and Indonesia’s GoJek; communication tools like Facebook, LinkedIn, WhatsApp, Snapchat and LINE; as well as e-commerce platforms like Indonesia’s Tokopedia. Historically, OTT services which reach users via telecommunication companies’ networks have not required a licence or been required to pay any licensing fee; and in the case of offshore OTT services, have not been subject to local taxation. Policy-makers in Indonesia and Thailand are the latest to try to tackle this issue. Both have recently announced plans to introduce regulations aimed at OTT services. In this post, we look at the proposed changes and what they might mean for OTT services in these countries. What has changed in Indonesia? Offshore OTT services targeting Indonesia could find themselves subject to the payment of domestic corporate income tax in the country. The Director General of Tax issued Circular Letter 4/2017, which builds on the guidance set by Circular Letter No. 3/2016. The 2016 Circular states that applications and/or content services delivered over the internet can be provided by a foreign individual or business entity if they have a “permanent establishment” (known in Indonesia as a Badan Usaha Tetap or “BUT”). The primary aim of Circular Letter 4/2017 is to establish criteria to ensure that the owners and operators of foreign OTT services (which make their services available in and generate revenues from Indonesia) will be subject to the payment of domestic corporate income tax set out under Article 17 of Income-Tax Law 2000, equal to a 25% rate of taxable income plus 20% branch profit tax, the latter being a levy payable only by foreign entities. Why is the shift happening in Indonesia? The key driver...

Read More
IP in the Cloud: the South-East Asia Perspective
May05

IP in the Cloud: the South-East Asia Perspective

The fourth industrial revolution is transforming business in South-Asia faster and more dramatically than in almost any other region. Across South-East Asia, from emerging powerhouse economies such as Indonesia and Vietnam, to Singapore, already an established global economy, there is one issue that our clients consistently tell us is their boardroom priority: digital transformation. With the explosion in smartphone adoption, rapidly-improving broadband infrastructure and a generally young, tech-savvy population, the opportunity for organisations and governments to leverage new technologies to improve services and drive growth is clear – whether it is using digital wallet technologies to transform payments in Myanmar, or leveraging tele-health platforms to bring healthcare services to patients in remote locations in Indonesia and the Philippines. Many of these technologies are being built on cloud services, often provided by third party service providers. The cloud offers the ability to expand to new markets or new businesses faster than ever before. However, these new opportunities can come with new challenges and, like every transaction with a supplier, customers need to assess any associated risks . We have covered the region’s increasingly-supportive regulatory environment for cloud adoption in previous posts. This post focuses, instead, on an often-overlooked legal consideration in moving to the cloud – intellectual property (IP). What are the IP considerations associated with a move to the cloud for organisations in South-East Asia, and how can they be addressed? The IP landscape for companies in South-East Asia Let’s start by looking at the IP landscape in the region. There is a tendency to generalise about IP in South-East Asia. This is a mistake. While every country in South-East Asia has an IP regime designed to protect rights holders through patents, copyright, trade marks, and so on, it is still incorrect to assume that there is any real consistency across jurisdictions. Despite efforts to harmonise at an international level, the landscape still differs significantly from one country to the next – both in terms of the underlying legal framework and, even more so, in terms of the approach to enforcement. There is little value in comparing Vietnam, which has substantial room for improvement in terms of its patent system and approach to enforcement against infringers, with Singapore, which has a more-established system and is investing in becoming an IP hub for the region. What this all means for companies who do business across South-East Asia is that the picture is one of fragmentation, uncertainty and risk. Although the commercial team may regard South-East Asia as a single trading area, the legal and compliance team needs to navigate the myriad different legal systems and advise their board accordingly. The...

Read More
Indonesia moves towards comprehensive data law – how will it impact your business?
Mar30

Indonesia moves towards comprehensive data law – how will it impact your business?

The current data protection landscape in Indonesia Until recently, Indonesia has had a largely patchwork approach to personal data protection. There is not currently a singular comprehensive data protection law or regulation; nor, for example, are there any regulations specifically addressing cookies and location data. Overall, the scattered guidance is found in regulations relating to employees; banks; criminal procedures; human rights; health; financial services; and the more detailed Electronic Information and Transactions Law (Law No. 11 of 2008) (“EIT Law“) and its implementing regulations, among others. In 2012, Indonesia passed Government Regulation 82 (“GR82“), implementing various aspects of the EIT Law but with a key focus on ensuring that electronic system operators for “public services” use Indonesia-based data-centres. The scope of “public services” is still somewhat unclear but it has the potential to cover both government organisations and certain public-facing private sector businesses (which may include certain organisations in banking, insurance, health, security, industrial services and social activities) that are serving an Indonesian customer base through some digital means or housing Indonesian data.[1] Companies have until October 2017 to comply fully with GR82. However, there have been some ministerial statements about relaxing this requirement and some concern across sectors that a data localisation requirement would limit the ability for affected organisations to take advantage of new technologies, such as cloud computing, which typically require some transfer of data across borders. The recently enacted Minister of Communication and Informatics (“MOCI”) Regulation No. 20 of 2016 regarding Protection of Personal Data in Electronic Systems (“Data Protection Regulation“), which became effective on 1 December 2016, is an implementing regulation of the EIT Law and GR82. It seeks to define personal data and to lay down some requirements for protecting it. In terms of jurisdictional coverage, the Data Protection Regulation is silent on whether it applies to organisations outside of Indonesia. In practice, the enforcement risk will of course be lower but as an implementing regulation of the EIT Law, organisations should assume that it will have extraterritorial coverage. In addition, organisations will want to comply as a matter of good business practice because, with the passage of these new requirements, internet users in Indonesia will come to expect certain minimum privacy protections to be applied by the companies they engage with. What has changed? In the Data Protection Regulation, MOCI stipulates requirements on personal data collection and data subject consent, personal data storage, analysis, processing, display, delivery, distribution and removal, including where the intention is to transfer personal data outside of Indonesia. These requirements appear to be largely in line with those contained in the protection laws of many other countries – although,...

Read More
Guest Column: Regulating video in the internet age: Pressing challenges, slow movement
Jan09

Guest Column: Regulating video in the internet age: Pressing challenges, slow movement

Video markets in Asia, as in other parts of the world, are being swept by a wave of commercial and technological adjustment to the rise of internet-delivered video, frequently referred to as “OTT” television.  Unfortunately, in most countries adjustment of regulatory policies by governments is way behind. Asia’s cities, in particular, are rapidly being wired for broadband connectivity.  In developing countries like Thailand, the Philippines, Indonesia and India a broad digital divide has opened, with major urban areas enjoying improving connectivity and the countryside still reliant on more traditional modes of video delivery to consumers. That divide is a problem needing attention, but in the meantime urban populations, at least, are enjoying a “sweet spot” of improving broadband and adequate disposable income to pay for services consumers want.  As a result, they have become the object of a “race to serve” on the part of video providers on every scale: • Traditional pay-TV operators are upgrading their VOD offerings and broadening device access to include smartphones and tablets. • At the same time, new entrants are seeking to construct the right content offerings at the right price to win over consumers.  Major global providers (Netflix and Amazon Prime) entered Asia during 2016, and immediately were confronted with the need to adapt a global approach to Asian realities (including lower price points). • A raft of regional Asian OTT platforms have expanded their offerings (including Viu TV, Hooq, IFlix, and Catchplay), alongside a plethora of locally-oriented offerings (like Hotstar, Dittotv and Voot in India, plus Toggle, Monomaxx, Doonee, USeeTV, MyK+, etc., in Southeast Asia.) These market developments have significantly ratcheted up the pressure on governments, who are seeing more and more consumers migrate to lightly-regulated (or totally unregulated) online content supply, and away from the heavily-regulated traditional TV sectors.   Governments are in a quandary – most do not wish to impede their citizens’ access to global information sources, but at the same time they see evident challenges to long-established policies for content acceptability, broadcaster licensing, taxation, advertising etc.   At the extreme, “pirate” OTT services happily locate offshore, respect no rules and meet no obligations of any kind (not limited to copyright authorization), all the while reaping millions in subscription and/or advertising revenues.  Local content industries are crying foul. This very unbalanced competitive landscape causes deep damage to network operators, content creators at home and abroad, and investors in local economies.  In general, it isn’t possible to subject online content supply to outdated “legacy” broadcasting rules, so alternative solutions have to be considered, including self-regulatory approaches (which can gain acceptance from legitimate OTT suppliers, if not the pirate scofflaws)...

Read More
Indonesia heading for sensible cloud policy?
Jan25

Indonesia heading for sensible cloud policy?

Toby Grainger, Olswang Partner and Head of the Indonesia Group, looks at the implications for customers and service providers of Indonesia’s latest announcement on cloud policy. A sigh of relief for Indonesian Data Centres and the notorious GR 82? The Jakarta Post reported this month that the requirement to build data centres in Indonesia will be eased, as it incurs high costs and threatens competitiveness.  The report is based on comments made by Communications and Information Minister, Rudiantara. A reminder: What does GR 82 say? GR 82 (i.e. Government Regulation No. 82/2012) requires an electronic system operator for public services to locate its data centres and disaster recovery centres in Indonesia.  The law was introduced for the purposes of law enforcement, protection and sovereignty. Why is it problematic? One of the problems with GR 82 is that the term “public services” is broadly defined.  It includes the provision of goods, services, and administrative services provided by government institutions or state-owned enterprises.  It also extends to the provision of services by non-government institutions in banking, insurance, health, security, industrial services and social activities.  This is where the perceived problem with GR 82 lies: private sector businesses in these sectors must have data centres in Indonesia. This requirement poses two challenges to businesses in Indonesia: It is not easy to build data centres in Indonesia. As the Jakarta Post also reported, Indonesia was included in the bottom three for data centre building based on an IDC data centre index ranking released in 2014 (among 13 Asia-Pacific countries, excluding Japan).  It is expensive to build data centres in Indonesia.  A lack of adequate infrastructure and uneven electricity distribution were cited as the main challenges for enterprises looking to build data centres in Indonesia. Business need to be able to transfer data to other locations. GR 82 also makes it hard for businesses (local and international) to transfer data to other locations for legitimate business purposes.  In today’s online world, the ability to use and transfer their data should be something businesses can take for granted.  This move, if confirmed, appears to be an acknowledgment that a more restrictive approach would hamper the ability of local and international companies to practically do business in Indonesia, and that such an approach would not be necessary to achieve the policy objectives. How long could this recent sigh of relief last? Businesses will likely breath a sigh of relief upon reading this report.  However, this could just be temporary.  Changes to regulations can take a long time in Indonesia and nothing is set in stone just yet. GR 82 already provides for a transition period and its requirements do not apply in practice until 1...

Read More
Mapping the Social Commerce Revolution in Asia
Feb24

Mapping the Social Commerce Revolution in Asia

The convergence of social and e-commerce continues apace in Asia. More established e-commerce businesses, led by the likes of Alibaba and Rakuten, are investing heavily in social to maintain growth momentum and give them direct access to millions of users via social networks and messaging apps. One only needs to look at Rakuten’s $900 million acquisition of chat app Viber just last week, and Alibaba’s $586 million investment in the Sina Weibo microblogging platform last year, to see that e-commerce businesses are betting big on social. Across the way, social platforms are finally starting to monetise the retail opportunities that their platforms create. Alibaba’s Sina Weibo investment was seen as an effort to see off competition from its big rival, TenCent, and its messaging app WeChat, which is increasingly active in e-commerce and has a staggering 300 million users. In other parts of the region, fast-growing messaging apps like KakaoTalk and Line are partnering with retailers by offering official shopping channels, discounts and flash sales. Meanwhile, “social first” e-commerce startups are building their businesses right in the area of convergence between social and retail, whilst payment providers like Doku and service providers like aCommerce and Shopify are cashing in on all of this activity. Let’s look at some of the investments, acquisitions, partnerships and startups that are leading the social commerce revolution in Asia. Who? What? Social grabbing a piece of retail TenCent It’s no wonder that Alibaba is investing in social. A clear challenge is coming from its big Chinese rival, TenCent, and its WeChat messaging app, which has around 300 million users. In November 2013, device manufacturer Xiaomi managed to sell 150,000 units of its Mi-3 device in less than 10 minutes – exclusively via WeChat. And much more established businesses are also working closely with WeChat in the social commerce space. Chinese McDonalds fans can now pay for their meals via WeChat. Facebook, Instagram, WhatsApp Facebook is having a good deal of success with so-called “F-Commerce” in the region, taking advantage of the absence of global players like eBay and Amazon. Thailand is a good example. There are 24 million Facebook users in the country. Small and medium sized operators are using the platform to sell an ever-increasing range of products and merchants are now starting to invest in advertising on the platform. The company’s incredible $19 billion acquisition of WhatsApp will see it move into messaging apps and, one imagines, a broader range of social commerce opportunities. The acquisition also hit the share prices of the platform’s Asian competitors, like Line and WeChat. Line Japan’s Line messaging app, with its estimated 300 million users, is...

Read More