The Compliance Clock is Ticking: 6 June 2026 Deadline for MCDA 9/2026 Self-Assessments

On 6 March 2026, the Minister of Communication and Digital Affairs issued Ministerial Regulation No. 9 of 2026 ("MCDA 9/2026"), the implementing regulation for Government Regulation No. 17 of 2025 on the Governance of Electronic System Operations in Child Protection (Online Child Safety Regulation or "OCSR"). Both regulations will be relevant for platforms specifically designed for, or potentially accessed by, children under 18, such as social media, video games, and other online platforms. While the OCSR established the core principles and obligations for protecting children in the digital space, MCDA 9/2026 now provides the technical and procedural details required for compliance. Electronic System Operators (“ESO”) must immediately align their compliance programs with these detailed and now operational rules.

MCDA 9/2026 operationalises the broader provisions of the OCSR by providing concrete technical specifications, such as reaffirming the specific age brackets for children and introducing a prohibition on targeting products at children under three. The regulation also clarifies ambiguous obligations, for instance, by specifying that children under sixteen cannot have accounts on high-risk services like social media, which are categorised as high-risk by default unless proven otherwise through assessment. Furthermore, it provides the specific indicators for the seven risk aspects, such as what constitutes addiction or the exploitation of a child as a consumer, giving ESOs a clear framework for their mandatory self-assessments. Finally, it outlines the detailed procedures for Ministry supervision and the formal process for administrative appeals.

A core requirement of both regulations is for ESOs to determine the official risk profile of their products, services, and features. MCDA 9/2026 mandates a multi-stage process beginning with a mandatory self-assessment, where ESOs must evaluate their offerings against the seven specified risk aspects, ranging from contact with unknown persons and exposure to inappropriate content to risks of addiction and physiological harm. 

Following this internal evaluation, the results and supporting evidence must be reported to the Director General. The Ministry will then verify the submitted assessment and, based on its findings, officially designate the product, service, and feature as having either a "high-risk" or "low-risk" profile. This official designation is critical, as it determines whether a certain age group can use a product, service, or feature (in general, children under 16 cannot use high-risk products, services, or features).

Article 62 of MCDA 9/2026 requires ESOs to submit the self-assessment report to the Minister through the Director General of Digital Space Supervision no later than 3 months after the date the regulation was promulgated. As MCDA 9/2026 was officially promulgated on 6 March 2026, the submission deadline is therefore 6 June 2026.

MCDA 9/2026 has activated the compliance clock, and ESOs must immediately begin their internal assessments to meet the 6 June 2026 reporting deadline. If you have any further queries regarding this subject, please contact our Partner, Danny Kobrata ([email protected]), and our Associate, Emil Zanadi Sasongko ([email protected]).