I’ve received number of interesting e-mails from my readers in relation to the Wi-Fi Hotspots in
2. Due to security reasons, Customers are advise not to use Hotspot for electronic transaction or other confidential information.
4. Hereby the Customer understands and aware of any risk on using Hotspot, therefore Customer releases CBN for any loss or responsibility due to such risk.
2. Karena alasan keamanan, Pelanggan tidak dianjurkan menggunakan fasilitas Hotspot untuk melakukan transaksi keuangan atau informasi rahasia lainnya.
4. Pelanggan dengan ini memahami segala resiko atas penggunaan atau ketidaksanggupan layanan yang disediakan, untuk itu Pelanggan bersedia membebaskan CBN dari segala tuntutan ganti rugi maupun tanggung jawab yang timbul akibat resiko sebagaimana telah dijelaskan.
I verified correctness of this information and as you can see on the screenshot below, the CBN Hotspot Terms of Service indeed include such clauses:
When reading these terms and conditions set by CBN, several question arise. First of all, what happens if I use the insecure hotspot service to receive my e-mail and some hacker benefiting on lack of encryption of wireless data and captures my e-mail password and reads my confidential data? The terms of service do not mention anything about lack of encryption of service, it only states Customer understands and aware of any risk on using Hotspot, therefore Customer releases CBN for any loss or responsibility due to such risk, plus the article about on-line banking and confidential information. I don’t know how about my readers, but “any risk” sounds very much broad to me. If presumably there is a problem with billing on the hotspot and the consumer bill for use of the service increase to a very high amount, is it also included in any risk? I say there is some risk of damage to my wireless card, thus how about if my wireless card gets damaged due to malfunction of wireless hotspot? Is it also within any risk? Stating that company is not responsible for any risk sounds totally crazy to me.
I couldn’t believe that offering a commercial telecommunication service to consumers with such terms is legal. Unfortunately, I can not answer this question myself as my understanding of Indonesian law is very blurry. I also don’t have a license of an Indonesian lawyer allowing me to provide any legal opinion, so to clarify everything I decided to seek opinion of experts in consumer protection and telecommunication laws. My choice was REM Asia Pacific & Co. law firm as they got one of the best legal experts in both telecommunication and consumer protection laws, which perfectly fits my need.
The opinion of REM Asia Pacific’s Partner, Reno Iskandarsyah, is as follow:
Is it legal? The answer is, No! In
The Terms and Conditions given by CBN, is categorized as “standard clause”. It contains the rights of CBN (as service provider) and the obligations of consumer (as subscriber). However, as obviously noticed, the positions of the service provider and the subscriber are not equal in CBN case. A service provider shall not simply leave an option to its subscriber, i.e.: if you disagree with the terms, you can leave CBN and no longer using their network, if the terms are acceptable to you, you may continue using the network, but, when the network disturbance occures, CBN shall not be responsible for any loss incurred.
Under Article 4 Act No.8/1999 consumer has the right to enjoy comfort, protection, safety, while using or consuming goods or services, and she/he has a right to be compensated for any malfunction. Additionally, Article 7 obliged the service provider to provide the service in good faith, in truth (regarding giving information about the service), honesty, non- discrimination, as well as giving warranty for the standard quality of the service or goods.
The issue of “standard clause” in CBN Terms and Conditions, basically in breach of Article 18. Under this article, a company may not or not allowed to create a standard clause in every documents nor terms and conditions regarding:
a. assignment of liability of the company;
b. consumer is abide by the amendment to the standard clauses made by the company during the utilization or consumption of the purchased service or good.
A breach of this article will be subject to a crime sanction of 5 (five) years in jail or the penalty of Rp. 2,000,000,000 (IDR Two Billion, ~US$210,000).
Frankly, I feel completely stunned with this answer! Considering the simple fact that
I’ve also asked Rakhmayanti Esther Makainas – well known expert in telecommunication law – for her comment on this matter. Here it goes:
After reading opinion of two highly qualified lawyers, I think you already know what to do in case of problems with your ISP.
From the technical point of view, I clearly understand that providing insecure, unencrypted wireless Internet access service creates a great risk to the consumer. It doesn't take much hacking skills to sit down at a café with hotspot and begin intercepting and reading all the unencrypted wireless transmissions passing through the air. There are number of ways to secure public wireless hotspot and it seems that ISP simply doesn't bother to implement it. It also does not involve high cost, as the wireless service can be effectively secured with a simple solution.
I'd like to end this article with a quotation from CBN's web-site expressing the vision of the company:
As the leader among Internet Service Providers in Indonesia, CBN is working for a recognition as“The Brand You can Trust”.
Trust?! I leave comment on that to the growing number of readers of my Blog.
PS: If you are frustrated with service offered by your ISP, drop me an e-mail.