Tifa Foundation’s Notes on Police Reform: Addressing Policing Challenges in the Digital Age

… the Indonesian National Police’s extensive authority to monitor and moderate cyberspace, coupled with weak internal and external oversight mechanisms, has led to numerous reports of abuse of power and arbitrary actions that have restricted freedom of opinion, freedom of expression, freedom of the press, and freedom of assembly, all in the name of public order.

On November 8, 2025, President Prabowo established the Commission for the Acceleration of Reform of the Indonesian National Police (KPRP), consisting of 10 members. The committee, established pursuant to Presidential Decree No. 122 of 2025 on the Appointment of Members of the Commission for the Acceleration of Police Reform, is led by Jimly Asshiddique and includes members such as Mahfud MD, Badrodin Haiti, and Ahmad Dofiri.

Previously, on Wednesday, December 3, 2025, the Tifa Foundation had the opportunity to present its observations and recommendations for reforming the Indonesian National Police in response to the need for law and order maintenance throughpolicing in the digital age. During the meeting, the Tifa Foundation highlighted that the development of digital technology has presented new challenges for policing, one of which is the emergence of computer-dependent crime and computer-enabled crime (also known as computer crime and computer-enabled crime).

First, the expansion of cyberattack capabilities also has a significant impact on the threat landscape facing democratic actors, such as activists, civil society organizations, journalists, and the media.

The Digital Rights Situation Report, published annually by SAFEnet since 2019, documents how significant socio-political developments in Indonesia have consistently been accompanied by an increase in digital threats and attacks against citizens. The latest 2024 reportreveals a significant increase in digital rights violations amid the dynamics of the national #EmergencyAlert campaign, including 330 incidents of digital attacks throughout the year and 1,902 reports of Online Gender-Based Violence, highlighting the vulnerability of digital rights, particularly for women and minority groups.

The 2024 Journalist Safety Index, published by the Safe Journalism program, also lists digital attacks as the fourth most common form of violence reported by journalists, with account hacking, digital identity theft, and online intimidation being the types of attacks experienced by the majority of journalists who responded to the survey. The Indonesian Online Media Association (AMSI) highlighted the trend of Distributed Denial of Service (DDoS) attacks, which are often targeted at online media outlets that publishcritical reports on the government and state institutions. The most recent incident was a DDoS attack against Tempo in April 2025 following the publication of the investigative report “Tentakel Judi Kamboja,” which rendered most of Tempo’s content inaccessible to the public via the tempo.co website, particularly regarding online content.

Digital attacks on online media not only impact public access to information, but also deal a severe blow to media companies as server management costs rise sharply. The additional operational costs and financial losses caused by DDoS attacks can create a chilling effect that influences editorial policies regarding the publication of coverage that is sensitive or critical of those in power.

In response to this trend, the Tifa Foundation is advocating for police reform focused on enhancing the capacity of the National Police and its personnel to enforce the law against digital attacks targeting democratic actors, including by prioritizing the development of digital forensic capabilities. This need is increasingly urgent in responding to organized cyberattacks that target groups of people using different methods simultaneously, such as in the 2021 hacking of several anti-corruption activists who had criticized the National Ideology Test (TWK) administered by the Corruption Eradication Commission (KPK).

Equally important, the enhancement of the National Police’s digital forensic capabilities must be accompanied by the internalization of privacy protection procedures in the handling of cyber threats and attacks, particularly those targeting vulnerable groups, such as in the context of online gender-based violence and child grooming. Law No. 27/2022 on Personal Data Protection requires law enforcement agencies such as the Indonesian National Police to apply personal data protection principles during cyber investigations. Digital evidence must be secured from unauthorized access, data alterations must be prevented, and every action must be documented to prevent privacy violations.

The second point noted by the Tifa Foundation is

The Indonesian National Police’s extensive authority to monitor and moderate cyberspace, despite weak internal and external oversight mechanisms

has produced numerous reports of abuse of power and arbitrary actions that have led to restrictions on freedom of opinion, freedom of expression, freedom of the press, and freedom of assembly, on the grounds of public order.

Furthermore, the draft amendment to Law No. 2 of 2002 on the National Police expands the National Police’s authority over the security, regulation, and oversight of cyberspace, including the enforcement of measures, blocking, disconnection, and slowing of access to cyberspace for the sake of domestic security. Without court approval, the National Police can act arbitrarily in the name of “domestic security,” as evidenced by their track record during the #ResetIndonesia demonstrations in August–September 2025, where the National Police designated 959 suspects based on 246 reports received; in the case of intimidation by members of the Cyber Crime Directorate (Ditressiber) of the Central Java Regional Police against the band Sukatani in January 2025; as well as in coordinating with the government, which led to the disruption and slowing of internet access in Papua in August–September 2019; and indications of the procurement of Pegasus spyware for zero-click surveillance of critical groups (2017–2018).

To date, at least 1,038 people remain in custody and are facing legal proceedings in connection with the protests and riots that occurred in late August and early September 2025. Most are detained on charges related to the dissemination of disinformation and misinformation, incitement, and various types of speech regulated under Law No. 1/2024 on Information and Electronic Transactions (ITE Law). This situation reinforces concerns that civil liberties in cyberspace will continue to be eroded if the National Police’s surveillance and intervention powers are not strictly regulated, transparent, and subject to independent and effective oversight. In response to this situation, police reform must include strengthening the National Police’s internal oversight mechanisms, such as the Professional Standards and Security Division (Propam), and strengthening the authority of external oversight bodies, such as the National Police Commission (Kompolnas).

Specifically in the context of press freedom, the authority of the Cyber Patrol and its implementation mechanisms must be clarified to ensure that journalistic content is not subject to monitoring without prior verification by the Press Council, in accordance with the Guidelines for Online Media Reporting, which emphasize the principle of independent verification to ensure the accuracy and balance of news coverage. To protect the functions of the press under Law No. 40/1999 and prevent the criminalization of journalism, every finding by the Cyber Patrol regarding press products must go through a referral mechanism to the Press Council for ethical assessment, rather than being directly subject to criminal prosecution. Furthermore, the National Police must establish publicly accessible standard operating procedures for content moderation and ensure that the handling of reports does not result in the silencing of critical media or journalists.

The Tifa Foundation also highlighted the importance of reforming the National Police to enhance transparency and accountability in procurement for policing needs in the digital age. An investigative report by Project Multatulion public procurement data from the LPSE revealed that between 2017 and 2021, the National Police allocated a total of Rp3.8 trillion for 57 tenders related to “media and communications,” including social media content, video/animation production, publications, monitoring, OSINT, and media intelligence, with 43.4% (Rp1.65 trillion) flowing to the National Police Intelligence and Security Agency (Intelkam). This budget allocation stands in stark contrast to the budget for investigating minor cases at the Provincial and District Police levels, which is only Rp4 million per case, even though the budget required to resolve a case exceeds that allocation. This highlights a misalignment of priorities, where massive spending on digital branding outweighs operational support for addressing cybercrime.

As part of the reform of the Indonesian National Police ( Polri), it is important to ensure that the Police’s limited budget is allocated to support a more effective and responsive response to cybercrime, including through the enhancement of human resources and the procurement of technology. Equally important, procurement must be supported by transparent, accountable, and outcome-based budgeting. This can be achieved, for example, by linking each procurement to measurable performance indicators—such as the number of cybercrime cases handled, response times, and improvements in service quality for the public—and by ensuring that all procurement documents are publicly accessible.

Accountability regarding the use of goods and services to support the performance of the Indonesian National Police in the digital age must be subject to independent oversight, including by ensuring that the National Police Commission (Kompolnas) has real-time access to budget data, can conduct investigations, and can impose sanctions for tender irregularities.

In the context of the procurement and use of digital surveillance and authentication technologies that pose a high risk of human rights violations, the Indonesian National Police is required to conduct ethical reviews, proportionality tests, and human rights impact assessments (HRIA) to identify risks of algorithmic bias, mass privacy violations, and discriminatory effects prior to implementation.

Based on the above findings, the Tifa Foundation recommends that the National Police undergo reform:

ensuring that the National Police’s authority to monitor and moderate cyberspace is not expanded, whether through wiretapping, enforcement actions, blocking, or slowing down access to cyberspace;
ensure that the Indonesian National Police’s moderation of cyberspace is carried out in accordance with Constitutional Court Decision No. 105/PUU-XXI/2024, which limits the application of the criminal provisions of the ITE Law;
ensure the development of guidelines for the exercise of authority regarding the monitoring and moderation of cyberspace (specifically blocking and disconnecting access through coordination with Komdigi) and ensure their implementation;
prioritizing the enhancement of institutional and personnel capacity related to responsiveness and effectiveness in preventing cybercrime and handling reports of cyber threats and attacks, rather than focusing primarily on addressing downstream content-related crimes ;
promote the strengthening of police personnel training by systematically incorporating a human rights perspective into the police training curriculum across all police training institutions;
strengthen the effectiveness of internal and external oversight of the National Police to balance the National Police’s overly broad authority in cyberspace and to reduce the potential for abuse of power by the National Police in monitoring and restricting rights in cyberspace; and
ensure that audits of the procurement and use of the National Police’s electronic systems for oversight purposes comply with the principles of proportionality and necessity.