Dewa Gede Sudika Mangku,Ni Putu Rai Yuliartini,I. Nengah Suastika,I. Gusti Made Arya Suta Wirawan

DOI: https://doi.org/10.35741/issn.0258-2724.56.1.23

2021-01-01

Journal of Southwest Jiaotong University

Abstract:The emergence and rapid development of information and communication technology has brought about various opportunities and challenges. One of them is the active interaction between individuals and the digital-based information service providers. In modern economic development, related information including personal data or also known as digital dossier—the collection of large amounts of an individual’s information using digital technology—are valuable assets due to their high economic value since they are widely utilized by businesses. In this regard and due to the increasing number of cellphone and internet users, there is a need to study the issues on the importance of protecting one’s personal data. In Indonesia, there is no specific regulation regarding the protection of personal data. Therefore, it is essential to come up with specific and comprehensive legislation related to personal data protection as legal basis for better implementation of personal data protection in Indonesia in the future. The purpose of this research is to find out and analyze the current policies on protection of personal data of internet users in Indonesia. This study uses a normative juridical method with a statutory approach and utilizes literature study. The result shows that the concept of personal data protection implies that individuals have the right to determine whether one will join an online community, share or exchange personal data with another, and the conditions that must be met in order to do so. The study likewise found that the threat of personal data leakage is increasingly occurring because of the development of the e-commerce sector in Indonesia.

English Else

Ninne Zahara Silviani,Rina Shahriyani Shahrullah,Vanessa Riarta Atmaja,Park Ji Hyun

DOI: https://doi.org/10.25216/jhp.12.3.2023.517-546

2023-11-30

JURNAL HUKUM DAN PERADILAN

Abstract:This paper explores the various practices surrounding the legal framework for protecting personal data in the context of private electronic systems used by commercial companies. The research's main focus is the ambiguity of the goals of Indonesia's Electronic System providers and how they may adopt better practices to enhance data protection within Electronic System Providers, so this extensive examination also includes a thorough comparison of the personal data protection laws in South Korea and Indonesia. This investigation aims to carefully define, evaluate, and harmonize the two countries' unique legal systems. This study uses a normative legal research framework with a Teleological and Legal Protection approach as its research technique. Additionally, it uses the comparative law method to clarify, outline, and examine the specifics of the personal data protection laws that are now in force in Indonesia and South Korea. The results of this research go beyond identifying problems; they are expected to produce a thorough understanding of the complexities surrounding personal data security in the context of electronic commerce. These discoveries are well-positioned to be the foundation for upcoming regulatory improvements, eventually encouraging more potent and reliable data protection procedures in both nations.

Budi Agus Riswandi,Alif Muhammad Gultom

DOI: https://doi.org/10.20885/plr.vol5.iss2.art3

2023-12-01

Prophetic Law Review

Abstract:Information technology and its relationship with data protection is a crucial area that needs to be addressed, especially for data flows among different countries. In the majority of jurisdictions, international data transfers are restricted unless specific requirements stipulated by data protection laws are met. However, in the European Union (EU) and the United Kingdom (UK) there are three exceptions, adequacy, appropriate safeguards, and derogations. This paper conducts a comparative legal analysis of the regulations governing the cross-border transfer of personal data in the EU, UK, and Indonesia. The research method is normative, while the approaches employed are statutory and conceptual with an analytical and descriptive research design. The study focuses on the legal framework and the various mechanisms to protect personal data during transborder flows. The research identified both commonalities and disparities in data protection regulations in Indonesia, the EU, and the UK. Notably, differences appeared in the application of appropriate safeguards and the use of criminal sanctions in Indonesia. Finally, the study concludes by providing recommendations for future developments in the legal frameworks for cross-border data transfer in the EU, UK, and Indonesia.

Abraham Ethan Martupa Sahat Marune,Brandon Hartanto

DOI: https://doi.org/10.46336/ijbesd.v2i4.170

2021-11-07

Abstract:The development of technology, communication, and the internet has positive and negative influences on all sectors of life in society. One of the negative impacts and problems is the alleged criminal act of buying and selling data and the absence of a special law (lex specialist) regarding the regulation of Indonesian personal data. The purpose of this research is to analyze in-depth the efforts to strengthen the protection of personal data, cyber security, and increase public awareness of the perspective of Progressive Law in Indonesia. This study uses a normative juridical method using secondary data, a statutory approach, a conceptual approach, and a case approach. This scientific paper concludes that the Synergy of Ministries and related institutions (Legislative, Executive, and Judiciary) is the key to protecting personal data and cyber resilience. Then, strengthening efforts should be made, namely immediately passing the Draft Law on Personal Data Protection (RUU PDP), forming an independent institution. However, if at this time a dispute occurs, it can be resolved by Article 30 of the ITE Law and the PMH Lawsuit (Tort), supported by a progressive legal approach and futuristic interpretation by the judge examining the quo case. The synergy of government agencies, the private sector, and other stakeholders is needed to increase public awareness by increasing education/dissemination of efforts to prevent misuse of personal data.

Rina Shahriyani Shahrullah,Jihyun Park,Irwansyah Irwansyah

DOI: https://doi.org/10.20956/halrev.v10i1.5016

2024-01-03

Hasanuddin Law Review

Abstract:Personal data leakages have been experienced by both Indonesia and South Korea. To ensure the protection of privacy rights relating to personal data, both countries have promulgated special laws, namely the Indonesian Personal Data Protection Law (PDP Law) and the South Korean Personal Information Protection Act (PIPA). This study aims to compare the two laws to ascertain their similarities and differences by adopting a comparative law approach. The study found that similarities exist in the two laws. They are to protect personal data and confer rights on data subjects. In the absence of explicit consent given by data subjects, data controllers and processors are prohibited from collecting and processing the data with some exceptions. They also mandate a special institution that is tasked to investigate and sanction data controllers and processors when they conduct data infringement. There are inherent differences in the two laws. PIPA is designed to be the framework legislation and PDP is designed to be a special statute. Additionally, PIPA mandates the institution dealing with personal data protection without referring to any other law but the Act itself. PDP Law clearly states that further provisions relating to this institution will be governed by Presidential Regulation.

Valentina Ancillia Simbolon,Vishnu Juwono

DOI: https://doi.org/10.31314/pjia.11.2.178-190.2022

2022-12-30

Publik (Jurnal Ilmu Administrasi)

Abstract:Data leakage is one of the high potentials for criminal acts in cyberspace. The Indonesian government passed the Personal Data Protection Act (UU PDP) to ensure the security of every citizen's personal data. This study aims to compare the policies of the Personal Data Protection Act with the European Union General Data Protection Regulations (EU-GDPR). This study uses a qualitative descriptive analysis method with data from previous studies and official releases from the Indonesian government and the European Union. The results of this study illustrate that the PDP Law and the EU-GDPR have the same arrangements regarding the rights of personal data subjects. In the data processing aspect, the principle of processing personal data in the PDP Law is not mandatory. In contrast, in the EU-GDPR, the principle of processing personal data is mandatory. In the aspect of controlling and processing personal data, both rights and responsibilities are almost the same, both for the PDP Law and the EU-GDPR. In the aspect of imposing sanctions, EU-GDPR is more apparent in the mechanism of imposing sanctions in the form of fines. While in the PDP Law, sanctions consist of administrative sanctions, criminal sanctions, and criminal fines, the mechanism of imposing sanctions is not yet clear.

English Else

Alikhan Salim,Tri Susilowati,Hono Sejati

DOI: https://doi.org/10.57185/jetbis.v3i8.128

2024-08-29

Abstract:Online transactions provide huge benefits for buyers and sellers. For buyers, the convenience of shopping without having to go to a physical store is the main benefit. They can compare prices and products from various sellers, saving time and transportation costs. For sellers, online transactions open up wider market opportunities, increase product exposure, and increase sales and distribution efficiency. However, the risk of personal data leakage always lurks in online transactions. This issue is serious and can compromise consumers' privacy and information security. Data leaks can occur when personal information such as names, addresses, telephone numbers, emails, credit card details and other personal data falls into unauthorized hands. The research aims to explore the protection of consumers' personal data and examine the responsibility of marketplaces in dealing with data leaks. The author uses a normative juridical approach, which includes primary and secondary legal analysis, as well as descriptive analysis to summarize applicable regulations and legal theory related to practice. The results show that Indonesia has Law Number 27 of 2022 concerning Protection of Consumer Personal Data to protect personal data. Marketplaces that violate these rules may be subject to administrative sanctions in accordance with applicable regulations, while consumers have the right to file a lawsuit for marketplace negligence in accordance with Article 1366 of the Civil Code.

Dany Try Hutama Hutabarat,Rusti Zebua,Rini Andriani Sitorus,Febby Andriana Subakti,Hikmah Ramadhani,Juliana Mangunsong,Firma Nduru,Gusthi Sulistio Alfah,Julio Calvin Dheo Pasaribu,Rado Maruli Malau,Ibnu Anhar,Patria Sahdan

DOI: https://doi.org/10.55047/jhssb.v1i4.234

2022-07-14

Abstract:Indonesia is a country that until now has not have a single law laws specifically regulating the protection of personal data. Lately there have been many cases in the community regarding the misuse of personal data. Especially with the increasingly easy public access to the internet so that the misuse of personal data through electronic media will spread quickly. In the field of health services, the patient's personal data cannot be separated from the possibility of abuse. It would be even more dangerous if the personal data is a trace of the patient's medical record which is indeed highly confidential. The use of Information and Communication Technology (ICT) in health services aims to improve access, efficiency, effectiveness, and quality of medical processes that involve medical service organizations in hospitals, clinics, health centers, medical practitioners both doctors and therapists, laboratories, pharmacies, insurance also involving patients as consumers. However, in the process of service using the E-health program, it will collect a number of consumer personal data which is sensitive personal data and lead to new legal issues, namely the extent to which the health service provider can protect patient personal data can be accessed, disseminated more easily through the progress of ICT. So far, the existing regulations have not provided maximum protection for patient personal data because the arrangements are still sectoral and are scattered in several laws and regulations.

English Else

Ratna Kumala Sari,Khilmatin Maulidah

DOI: https://doi.org/10.37253/jjr.v25i2.8310

2023-12-02

Journal of Judicial Review

Abstract:The acceleration of global free trade necessitates high-quality product outcomes, driving the creation of technology to meet these demands. Consequently, the significance of Intellectual Property Rights in advancing technological developments becomes increasingly apparent. In the realm of commerce, competition is inherent and vital to attain objectives, which include acquiring consumers and maximizing profits. Unfortunately, such competition often leads to fraudulent practices and ensuing conflicts. To mitigate and address unfair competition, it is imperative to establish regulations that entrepreneurs and business entities must adhere to, both preventively and punitively. This study seeks to analyze the current and prospective criminal law policy regarding trade secret offenses within the existing legal framework. The research employs a normative legal approach. The findings reveal that trade secret offenses in Indonesia are governed by Law Number 30 of 2000, but it exhibits certain weaknesses and shortcomings. The proposed Trade Secrets Bill aims to adapt to international standards, fostering economic benefits while maintaining legal protection convergence.

Vera W. S. Soemarwi,W. Susanto

DOI: https://doi.org/10.2991/assehr.k.210805.088

2021-01-01

Abstract:Digital technology has been quickly developing and has been used in the financial sector, such as banking, but the laws in Indonesia have not provided adequate legal protection for data protection for banking consumers. The Indonesian Government has created various cross-sectoral regulations but they have yet to guarantee legal protection for banking...

Muhammad Hilmy Rizqullah Ramadhan,Kyagus Ramadhani,Mohammad Isrok,Isdian Anggraeny,Robbi Prasetyo

DOI: https://doi.org/10.18502/kss.v8i21.14710

2024-01-07

KnE Social Sciences

Abstract:Protection of personal data is one of the rights possessed by humans, which is one of the privacy rights possessed by a person in maintaining and securing personal data owned by each individual. The development of Artificial Intelligence (AI)-based technology has developed rapidly in the digital world 4.0, where legal protection is needed in personal data protection legal instruments. This research aims to examine the use of AI as a tool in protecting personal data and to examine the urgency of a special regulation in Indonesia in protecting personal data. The research method used in writing this law is normative legal research. In this research, what is meant by juridical research is the 1945 Constitution of the Republic of Indonesia, the Law on Information, and Electronic Transactions Number 11 of 2008, the Regulation of the Minister of Communication and Information Number 20 of 2016, Government Regulation Number 82 of 2012, and UDHR by conducting a study of legal products in the form of laws and regulations. Furthermore, what is meant by normative research is related to the principle of legal certainty, which later can be linked to the urgency of personal data protection regulations for the protection, supervision, and utilization of personal data abuse. Keywords: personal data, artificial intelligence, protection, urgency

Dian Purwaningrum Soemitro,Muhammad Arvin Wicaksono,Nur Aini Putri

DOI: https://doi.org/10.37276/sjh.v5i1.272

2023-07-31

SIGn Jurnal Hukum

Abstract:This study aims to compare the penal provisions between the PDPA and Law Number 27 of 2022. This study uses normative legal research with the statute and comparative approaches. The collected legal material is then qualitatively analyzed to describe the problem and answer study purposes. The results show a striking difference between the PDPA and Law Number 27 of 2022 concerning penal provisions related to offenses of personal data protection. The PDPA portrays a more moderate approach by establishing relatively lighter imprisonment and fines. In contrast, Law Number 27 of 2022 illustrates a stricter approach with more severe imprisonment, fines, and additional punishments. Singapore leans towards prevention and education, while Indonesia places a high priority on law enforcement. Nonetheless, both approaches ultimately aim to protect their citizens’ personal data. Therefore, it recommended that the relevant authorities in both Singapore and Indonesia continually evaluate and adapt their legal frameworks to safeguard personal data effectively. Singapore could consider stricter penalties to discourage offenses while maintaining its focus on education and prevention. On the other hand, while Indonesia’s commitment to law enforcement is commendable, it could also benefit from incorporating preventive measures and public education to promote understanding and voluntary compliance. Collaborative efforts between the two countries can facilitate continual enhancements in personal data protection within their respective jurisdictions.

Hanita Mayasari

DOI: https://doi.org/10.62264/jlej.v1i1.4

2023-11-27

Abstract:The objective of this study is to elucidate the challenges presented by technological advancements, namely digital metaverse technology, with regard to safeguarding personal data in Indonesia. This study also investigates these issues via the lens of human rights. The research methodology employed in this study encompasses a mixed approach, combining socio-legal and normative research methods. The research findings indicate that there is a pressing need for the safeguarding of personal data in Indonesia, particularly in light of the escalating number of incidents and the advancement of the information technology sector. The significance of metaverse technology should not be underestimated, thereby necessitating a thorough legislative reform to address the associated difficulties. The enactment of the PDP Law represents the initial measure taken by the government to establish a framework for the administration of personal data protection. The active participation of all stakeholders, particularly those in the digital economy industry, is vital in the formulation and implementation of rules. Additionally, it is crucial to adhere to the principles of Data Protection By Design and By Default. The PDP Law encompasses various significant provisions that can be utilised by the Indonesian government to enforce personal data protection measures and impose penal consequences upon those who breach the regulations stipulated within this legislation. The PDP Law serves as a legal framework that holds applicability not only inside national boundaries but also extends to international jurisdictions, particularly in the context of the contemporary metaverse.

Wulan Rannie B.

DOI: https://doi.org/10.35877/soshum2169

2023-10-30

ARRUS Journal of Social Sciences and Humanities

Abstract:In banking, what becomes a bank secret is all forms of personal data about customers and their deposits. With the current technological advances, banks are expected to be able to provide faster, easier, and safer services in transactions process. However, it is undeniable that during the transactions process, a risk for both banks and customers of data theft is done by other parties. This research is legal research using normative juridical legal research or library legal research carried out by examining library materials or secondary research sources consisting of primary legal materials, secondary legal materials, and tertiary legal materials. Based on the research results, there are several rules that can protect personal data, that are Law No. 10 of 1998 concerning Amendments to Law No. 7 of 1992 concerning Banking, Financial Services Authority Regulation (POJK) No. 11/POJK.03/2022 dated 6 July 2022 concerning the Implementation of Information Technology by Commercial Banks, and Law No. 27 of 2022 dated 17 October 2022 concerning the Protection of Personal Data. Based on these regulations, it is clear that they cannot fully protect banks and customers from personal data leaks. In addition, there are no regulations with concrete steps to protect personal data so that banks can implement risk management in data protection.

Ali Alibeigi,Abu Bakar Munir

DOI: https://doi.org/10.69554/yqug8122

2022-08-01

Abstract:The massive and implausible advancements in the fields of information and communications technology, and especially the internet, have increased both the value and threats to the information privacy of individuals. The Malaysian Personal Data Protection Act 2010 (PDPA) was a governmental endeavour to protect the information privacy of the citizens. However, the Act's output and the level of compliance by the data users are in a halo of ambiguity. This qualitative study using the document analysis aimed to find out to what extent the communications companies comply with the Act. Hence, the privacy policies of these companies were evaluated in line with the requirements of the Act. The results indicated that more or less all samples failed to satisfy the PDPA requirements. The solutions provided by this research can be used as practical guidelines to draft a Standard Privacy Policy. The suggestions also would benefit the Personal Data Protection Commissioner in performing his duties and functions.

Tasya Safiranita Ramli,Ahmad M. Ramli,Gabriela Madeline Hutauruk

DOI: https://doi.org/10.18080/jtde.v11n1.620

2023-03-31

Journal of Telecommunications and the Digital Economy

Abstract:Qualified telecommunication facilities and infrastructure complement the convergence of technology applications. One of the most widely used by the public is Over-the-Top (OTT) platforms. However, it raises a new problem as domestic operator service providers are aggrieved by OTT platforms that are gaining more popularity despite their unclear legal standing. The Indonesian government responded by issuing a number of regulations. This study describes the regulations governing telecommunications and OTT platforms in Indonesia as well as pointing out the consequences and challenges of the issuance of these new regulations by taking into account the conditions of the national electronic system. This study applied a qualitative method with a normative juridical approach. Data was collected through an online literature review with analytical descriptive data processing. The results of this study elucidate the four latest regulations governing the telecommunications service sector and OTT platforms. These regulations are complementary, even though digital taxes are still seen as challenges in the form of whose outcomes are considered to have not touched the Indonesian people in general. In this instance, it demonstrates that regulations are complementary, as is the case with natural law theory, and that the law adapts to social life.

Abdul Hadi,Bima Guntara

DOI: https://doi.org/10.35194/jhmj.v8i1.2426

2022-06-30

Jurnal Hukum Mimbar Justitia

Abstract:Entering the era of disruption of artificial intelligence (AI) does not rule out the possibility of increasing lysophisticated criminal acts carried out using virtual media. Cyber crime refers to a crime related to cyber space and crimes that use computers. Cyber criminals or data hacker salso take advantage of AI technology to steal personal data. There fore, information regarding personal data is very important tobe protected, so that data leak age does not occur, because it contains a lot of information related to a person. This study used normative legal research method with statutory and conceptual approach. This study reveals that Indonesia currently donâ€TMt have a legal umbrella that particularly regulates personal data protection, however, the regulation on personal data protection has been spread in various law sand regulation salthoughit does not clearly or specifically mention personal data protection.Keywords : Legal Reform, Personal Data, Artificial Intelligence.

Disa Amalia,Aldri Frinaldi

DOI: https://doi.org/10.69820/jumea.v1i1.14

2023-06-26

Abstract:The rapid development of information and communication technology has fundamentally changed the legal landscape of state administration. In this digital era, personal data is a very valuable asset and an increasingly important object of protection. However, the challenges in enforcing state administrative law in the digital era, particularly in terms of personal data protection, are increasingly complex and require a comprehensive approach. This article aims to analyze the main challenges in enforcing state administrative law in the digital era with a focus on personal data protection. First of all, the main challenge is the rapid development of technologies, such as the Internet of Things (IoT) and artificial intelligence (Artificial Intelligence), which generate huge and diverse volumes of data. This requires effective protection of personal data and adherence to data protection principles established by law. Another challenge is the increasing frequency of data breaches. In the digital era, personal data is vulnerable to abuse and hacking which can threaten individual privacy and security. Therefore, state administrative law enforcement must be able to overcome this threat by strengthening data protection mechanisms, implementing strict information security policies, and increasing international cooperation in law enforcement related to data breaches. Furthermore, another challenge is the harmonization between state administrative law and personal data protection in the digital era. Existing state administrative laws need to be updated and adapted to technological developments and personal data protection. There is a need for a clear and comprehensive legal framework that protects personal data in line with the principles of a transparent, accountable and effective state administration. In order to overcome this challenge, the government, law enforcement agencies and the private sector need to work together actively to develop comprehensive regulations, increase law enforcement capacity in terms of personal data protection, and increase legal awareness among the public. Only with a holistic approach.

Hidayatulloh Hidayatulloh

DOI: https://doi.org/10.31000/jhr.v11i1.8110

2023-04-01

Jurnal Hukum Replik

Abstract:Indonesia passed Law Number 27 of 2022 concerning the Protection of Personal Data, a notable instrument in preventing privacy and data protection rights violations. This paper analyzes the relationship between human rights and personal data protection in digital financial transactions. In the findings of this paper, privacy rights and data protection rights are human rights that are interrelated with one another. Both are essential parts of protecting human honor and dignity. In matters of personal data, leakage and theft are the leading digital security issues in financial institutions, especially banks. The community hopes that Law Number 27 of 2022 can provide protection, especially the security of digital financial transactions that continue to develop in Indonesia.Keywords: human rights, personal data protection, digital finance

Law