Efektivitas Kebijakan Perlindungan Data Pribadi di Indonesia: Analisis Hukum Perdata dengan Pendekatan Studi Kasus
DOI:
https://doi.org/10.51903/hakim.v2i4.2157Keywords:
Perlindungan Data, Kebijakan Hukum, Pelanggaran Data, Penegakan HukumAbstract
The protection of personal data has emerged as a critical concern in the digital era, particularly in Indonesia, where data breaches are increasing at an alarming rate. This study investigates the effectiveness of Indonesia's data protection policies, focusing on the implementation of Law No. 27 of 2022, and identifies the factors affecting its enforcement. Employing a qualitative approach with a case study methodology, the research analyzes three major data breach incidents involving Tokopedia, BRI Life, and BPJS Kesehatan. Data collection methods included in-depth interviews with legal practitioners and document analysis of relevant regulations and reports. The findings reveal significant gaps in the enforcement of Law No. 27 of 2022, including weak sanctions, inadequate oversight mechanisms, and limited public awareness of data privacy rights. Although the law provides a foundational framework, its effectiveness is hindered by insufficient penalties and the absence of an independent supervisory authority. For instance, while Tokopedia implemented policy revisions post-breach, similar incidents remain likely due to inadequate deterrent measures. Comparatively, the European Union's General Data Protection Regulation (GDPR) demonstrates higher effectiveness through stringent sanctions and robust enforcement mechanisms. This study contributes to the discourse on data privacy by highlighting the shortcomings of Indonesia’s current policies and proposing strategic recommendations. These include harmonizing domestic regulations with international standards, strengthening enforcement through independent oversight bodies, and enhancing public education on data privacy rights. By addressing these challenges, Indonesia can establish a more robust data protection framework, fostering trust in its digital ecosystem and ensuring alignment with global practices.
References
Al-Otaibi, A., Bowan, P. A., Abdel Daiem, M. M., Said, N., Ebohon, J. O., Alabdullatief, A., Al-Enazi, E., & Watts, G. (2022). Identifying the Barriers to Sustainable Management of Construction and Demolition Waste in Developed and Developing Countries. Sustainability, 14(13), 7532. https://doi.org/10.3390/su14137532
Aslam, M., Khan Abbasi, M. A., Khalid, T., Shan, R. us, Ullah, S., Ahmad, T., Saeed, S., Alabbad, D. A., & Ahmad, R. (2022). Getting Smarter about Smart Cities: Improving Data Security and Privacy through Compliance. Sensors, 22(23), 9338. https://doi.org/10.3390/s22239338
Bhatt, S. (2024). Security and Compliance Considerations for Running SAP Systems on AWS. Journal of Sustainable Solutions, 1(4), 72–86. https://doi.org/10.36676/j.sust.sol.v1.i4.36
Carbajo, R., & Cabeza, L. F. (2022). Researchers’ Perspective Within Responsible Implementation with Socio-Technical Approaches. An Example from Solar Energy Research Centre in Chile. Renewable and Sustainable Energy Reviews, 158, 112132. https://doi.org/10.1016/j.rser.2022.112132
Fajardo, & Teresa. (2022). To Criminalise or Not to Criminalise IUU Fishing: The EU’s Choice. Marine Policy, 144, 105212. https://doi.org/10.1016/j.marpol.2022.105212
Ghorashi, S. R., Zia, T., Bewong, M., & Jiang, Y. (2023). An Analytical Review of Industrial Privacy Frameworks and Regulations for Organisational Data Sharing. Applied Sciences, 13(23), 12727. https://doi.org/10.3390/app132312727
Gibson, D., & Harfield, C. (2022). Amplifying Victim Vulnerability: Unanticipated Harm and Consequence in Data Breach Notification Policy. International Review of Victimology, 29(3), 341–365. https://doi.org/10.1177/02697580221107683
Kärner, M. (2022). Interplay between European Union criminal law and administrative sanctions: Constituent elements of transposing punitive administrative sanctions into national law. New Journal of European Criminal Law, 13(1), 42–68. https://doi.org/10.1177/20322844221085918
Lintvedt, M. N. (2022). Putting a Price on Data Protection Infringement. International Data Privacy Law, 12(1), 1–15. https://doi.org/10.1093/idpl/ipab024
Marín-González, F., Moganadas, S. R., Paredes-Chacín, A. J., Yeo, S. F., & Subramaniam, S. (2022). Sustainable Local Development: Consolidated Framework for Cross-Sectoral Cooperation via a Systematic Approach. Sustainability, 14(11), 6601. https://doi.org/10.3390/su14116601/s1
Neta, Y., Awanisa, A., & Melisa, M. (2022). The Urgency of Establishing Independent Supervisory Authority for Personal Data Protection in Indonesia. Constitutionale, 3(1), 19–38. https://doi.org/10.25041/constitutionale.v3i1.2535
Oguejiofor, B. B., Omotosho, A., Abioye, K. M., Alabi, A. M., Oguntoyinbo, F. N., Daraojimba, A. I., & Daraojimba, C. (2023). A Review on Data-Driven Regulatory Compliance in Nigeria. International Journal of Applied Research in Social Sciences, 5(8), 231–243. https://doi.org/10.51594/ijarss.v5i8.571
Olukoya, O. (2022). Assessing Frameworks for Eliciting Privacy & Security Requirements from Laws and Regulations. Computers & Security, 117, 102697. https://doi.org/10.1016/j.cose.2022.102697
Panahi Rizi, M. H., & Hosseini Seno, S. A. (2022). A Systematic Review of Technologies and Solutions to Improve Security and Privacy Protection of Citizens in the Smart City. Internet of Things, 20, 100584. https://doi.org/10.1016/j.iot.2022.100584
Quy Nguyen-Phuoc, D., Xuan Mai, N., Kim, I., & Oviedo-Trespalacios, O. (2024). Questioning Penalties and Road Safety Policies: Are They Enough to Deter Risky Motorcyclist Behavior? Accident Analysis & Prevention, 207, 107756. https://doi.org/10.1016/j.aap.2024.107756
Reis, O., Eneh, N. E., Ehimuan, B., Anyanwu, A., Olorunsogo, T., & Abrahams, T. O. (2024). Privacy Law Challenges in the Digital Age: A Global Review of Legislation and Enforcement. International Journal of Applied Research in Social Sciences, 6(1), 73–88. https://doi.org/10.51594/ijarss.v6i1.733
Ruohonen, J., & Hjerppe, K. (2022). The GDPR Enforcement Fines at Glance. Information Systems, 106, 101876. https://doi.org/10.1016/j.is.2021.101876
Shin, D., Kee, K. F., & Shin, E. Y. (2022). Algorithm Awareness: Why User Awareness is Critical for Personal Privacy in the Adoption of Algorithmic Platforms? International Journal of Information Management, 65, 102494. https://doi.org/10.1016/j.ijinfomgt.2022.102494
Sudarwanto, A. S., & Kharisma, D. B. B. (2022). Comparative Study of Personal Data Protection Regulations in Indonesia, Hong Kong and Malaysia. Journal of Financial Crime, 29(4), 1443–1457. https://doi.org/10.1108/jfc-09-2021-0193
Susha, I., Rukanova, B., Zuiderwijk, A., Gil-Garcia, J. R., & Gasco Hernandez, M. (2023). Achieving Voluntary Data Sharing in Cross Sector Partnerships: Three Partnership Models. Information and Organization, 33(1), 100448. https://doi.org/10.1016/j.infoandorg.2023.100448
Taherdoost, H. (2022). Understanding Cybersecurity Frameworks and Information Security Standards-A Review and Comprehensive Overview. Electronics, 11(14), 2181. https://doi.org/10.3390/electronics11142181
Thomas, L., Gondal, I., Oseni, T., & (Sally) Firmin, S. (2022). A Framework for Data Privacy and Security Accountability in Data Breach Communications. Computers & Security, 116, 102657. https://doi.org/10.1016/j.cose.2022.102657
Von Grafenstein, M., Jakobi, T., & Stevens, G. (2022). Effective Data Protection by Design Through Interdisciplinary Research Methods: The Example of Effective Purpose Specification by Applying User-Centred Ux-Design Methods. Computer Law & Security Review, 46, 105722. https://doi.org/10.1016/j.clsr.2022.105722
Wang, X., Wu, Y. C., Zhou, M., & Fu, H. (2024). Beyond Surveillance: Privacy, Ethics, and Regulations in Face Recognition Technology. Frontiers in Big Data, 7, 1337465. https://doi.org/10.3389/fdata.2024.1337465
Wen, Y., & Holweg, M. (2024). A Phenomenological Perspective on AI Ethical Failures: The Case of Facial Recognition Technology. AI and Society, 39(4), 1929–1946. https://doi.org/10.1007/s00146-023-01648-7
Wylde, V., Rawindaran, N., Lawrence, J., Balasubramanian, R., Prakash, E., Jayal, A., Khan, I., Hewage, C., & Platts, J. (2022). Cybersecurity, Data Privacy and Blockchain: A Review. SN Computer Science, 3(2), 1–12. https://doi.org/10.1007/s42979-022-01020-4
Xia, L., Semirumi, D. T., & Rezaei, R. (2023). A Thorough Examination of Smart City Applications: Exploring Challenges and Solutions Throughout the Life Cycle with Emphasis on Safeguarding Citizen Privacy. Sustainable Cities and Society, 98, 104771. https://doi.org/10.1016/j.scs.2023.104771
