Implementasi Prinsip Due Diligence dalam Kewajiban Negara Mencegah Cyber Attacks: Tinjauan Hukum Internasional Kontemporer
DOI:
https://doi.org/10.51903/172frz12Keywords:
Due diligence, cyber attacks, international lawAbstract
The rapid evolution of cyberspace has transformed it into a strategic domain of international relations, raising complex legal challenges regarding state responsibility for preventing cross-border cyberattacks. This study explores the implementation of the due diligence principle in international law as a normative foundation for evaluating a state’s obligation to prevent harmful cyber activities originating from its territory. Utilizing a normative-legal approach, the research analyzes global legal instruments, state practices, and Indonesia’s position on due diligence. Findings reveal a significant gap between the doctrinal recognition of due diligence and its operational application, especially in developing countries lacking institutional and regulatory capacity. The study proposes practical recommendations for integrating due diligence into national Cybersecurity strategies while contributing to the broader development of binding international cyber norms. By focusing on Indonesia, the research aims to strengthen both national legal preparedness and its international legal standing in cyberspace governance.
References
Adeyeri, A., & Abroshan, H. (2024). Geopolitical Ramifications of Cybersecurity Threats: State Responses and International Cooperations in the Digital Warfare Era. Information (Switzerland), 15(11). https://doi.org/10.3390/info15110682
Agir, S., Derin-Gure, P., & Senturk, B. (2023). Farmers’ perspectives on challenges and opportunities of agrivoltaics in Turkiye: An institutional perspective. Renewable Energy, 212, 35–49. https://doi.org/10.1016/j.renene.2023.04.137
Alramamneh, I. M., & Abuanzeh, A. (2023). International and National Procedural Framework for Combating Cybercrime. International Journal of Cyber Criminology, 17(2), 330–349. https://doi.org/10.5281/zenodo.4766719
Asmare, F. M., & Ayalew, L. G. (2023). Security challenges in the transition to 4G mobile systems in developing countries. Cogent Engineering, 10(1). https://doi.org/10.1080/23311916.2023.2166214
Badan Siber dan Sandi Negara (BSSN). (2020). Strategi Keamanan Siber Nasional (Stranas KS). https://bssn.go.id/
Bannelier, K. (2024). Due diligence as a cardinal principle in the fight against malicious cyber activities. Global Cybersecurity and International Law, 44–62. https://doi.org/10.4324/9781003344124-4
Cinini, S. F., Ehiane, S. O., Osaye, F. J., & Irewunmi, B. A. (2023). The trends of cybersecurity and its emerging challenges in Africa. Cybercrime and Challenges in South Africa, 75–106. https://doi.org/10.1007/978-981-99-3057-9_4
Egloff, F. J., & Smeets, M. (2023). Publicly attributing cyber attacks: a framework. Journal of Strategic Studies, 46(3), 502–533. https://doi.org/10.1080/01402390.2021.1895117
Fajri, K. S. Al, & Harwahyu, R. (2024). Information Security Management System Assessment Model by Integrating ISO 27002 and 27004. MALCOM: Indonesian Journal of Machine Learning and Computer Science, 4(2), 498–506. https://doi.org/10.57152/malcom.v4i2.1245
Government of Estonia. (2023). Cybersecurity Act. https://www.mkm.ee/en/
Gstrein, O. J., & Beaulieu, A. (2022). How to protect privacy in a datafied society? A presentation of multiple legal and conceptual approaches. Philosophy and Technology, 35(1). https://doi.org/10.1007/s13347-022-00497-4
Guo, D., Chen, H., Wu, R., & Wang, Y. (2023). AIGC challenges and opportunities related to public safety: A case study of ChatGPT. Journal of Safety Science and Resilience, 4(4), 329–339. https://doi.org/10.1016/j.jnlssr.2023.08.001
Gustafsson, M. T., Schilling-Vacaflor, A., & Lenschow, A. (2023). Foreign corporate accountability: The contested institutionalization of mandatory due diligence in France and Germany. Regulation and Governance, 17(4), 891–908. https://doi.org/10.1111/rego.12498
Imoize, A. L., Balas, V. E., Solanki, V. K., Lee, C. C., & Obaidat, M. S. (2023). Handbook of Security and Privacy of AI-Enabled Healthcare Systems and Internet of Medical Things. Handbook of Security and Privacy of AI-Enabled Healthcare Systems and Internet of Medical Things, 1–471. https://doi.org/10.1201/9781003370321
International Law Commission (ILC). (2022). Draft conclusions on identification of customary international law, with commentaries. United Nations.
Islam, E., Rudolph, C., & Oliver, G. (2025). Managing cyber harm: a survey of challenges, practices, and opportunities. Information Security Journal. https://doi.org/10.1080/19393555.2025.2484348
Katagiri, N. (2024). Defending medical facilities from cyber attacks: critical issues with the principle of due diligence in international law. International Review of Law, Computers and Technology, 38(1), 1–20. https://doi.org/10.1080/13600869.2023.2183449
Lehto, M. (2022). Cyber-Attacks Against Critical Infrastructure. Computational Methods in Applied Sciences, 56, 3–42. https://doi.org/10.1007/978-3-030-91293-2_1
Malhotra, A., Mathur, A., Diddi, S., & Sagar, A. D. (2022). Building institutional capacity for addressing climate and sustainable development goals: achieving energy efficiency in India. Climate Policy, 22(5), 652–670. https://doi.org/10.1080/14693062.2021.1984195
Moynihan, H. (2023). Unpacking due diligence in cyberspace. Journal of Cyber Policy, 8(1), 4–25. https://doi.org/10.1080/23738871.2023.2250358
Nowak, D., & Distel, B. (2024). Trust in Times of Cyber Crisis: Understanding Organizational Trust Repair in the Public Sector. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 14841 LNCS, 134–149. https://doi.org/10.1007/978-3-031-70274-7_9
Open-Ended Working Group. (2023). Report of the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security. https://www.un.org/disarmament/
Radanliev, P. (2024). Cyber diplomacy: defining the opportunities for cybersecurity and risks from Artificial Intelligence, IoT, Blockchains, and Quantum Computing. Journal of Cyber Security Technology, 1–51. https://doi.org/10.1080/23742917.2024.2312671
Sachoulidou, A. (2023). Going beyond the “common suspects”: to be presumed innocent in the era of algorithms, big data and artificial intelligence. Artificial Intelligence and Law. https://doi.org/10.1007/s10506-023-09347-w
Sankaran, V., & Church, C. (2023). The Ties that Bind Us: An Empirical, Clinical, and Constitutional Argument Against Terminating Parental Rights. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.4397994
Schilling-Vacaflor, A., & Gustafsson, M. T. (2024). Towards More Sustainable Global Supply Chains? Company Compliance with new Human Rights and Environmental Due diligence Laws. Environmental Politics, 33(3), 422–443. https://doi.org/10.1080/09644016.2023.2221983
Schilling-Vacaflor, A., & Lenschow, A. (2023). Hardening foreign corporate accountability through mandatory due diligence in the European Union? New trends and persisting challenges. Regulation and Governance, 17(3), 677–693. https://doi.org/10.1111/rego.12402
Schmitt, M. (2023). Securing the digital world: Protecting smart infrastructures and digital industries with artificial intelligence (AI)-enabled malware and intrusion detection. Journal of Industrial Information Integration, 36. https://doi.org/10.1016/j.jii.2023.100520
Shandler, R., & Gomez, M. A. (2023). The hidden threat of cyber-attacks–undermining public confidence in government. Journal of Information Technology and Politics, 20(4), 359–374. https://doi.org/10.1080/19331681.2022.2112796
Staves, A., Anderson, T., Balderstone, H., Green, B., Gouglidis, A., & Hutchison, D. (2022). A Cyber Incident Response and Recovery Framework to Support Operators of Industrial Control Systems. International Journal of Critical Infrastructure Protection, 37. https://doi.org/10.1016/j.ijcip.2021.100505
Ukwandu, E., Ben-Farah, M. A., Hindy, H., Bures, M., Atkinson, R., Tachtatzis, C., Andonovic, I., & Bellekens, X. (2022). Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends. Information (Switzerland), 13(3). https://doi.org/10.3390/info13030146
Undang-Undang Nomor 27. (2022). Undang-Undang Nomor 27 Tahun 2022 tentang Pelindungan Data Pribadi.
United Nations Group of Governmental Experts. (2021). Report on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security (A/76/135). https://www.un.org/disarmament/
United States Government. (2022). National Cyber Strategy of the United States of America. https://www.whitehouse.gov/
Wang, J., Yang, J., & Yang, L. (2023). Do natural resources play a role in economic development? Role of institutional quality, trade openness, and FDI. Resources Policy, 81. https://doi.org/10.1016/j.resourpol.2023.103294
Wilhelm, M. (2024). Mandatory due diligence legislation: a paradigm shift for the governance of sustainability in global value chains? Journal of International Business Policy. https://doi.org/10.1057/s42214-024-00193-4
Yaacoub, J. P. A., Noura, H. N., Salman, O., & Chehab, A. (2022). Robotics cyber security: vulnerabilities, attacks, countermeasures, and recommendations. International Journal of Information Security, 21(1), 115–158. https://doi.org/10.1007/s10207-021-00545-8
Żuk, P., & Żuk, P. (2024). Ecology for the rich? Class aspects of the green transition and the threat of right-wing populism as a reaction to its costs in Poland. Sustainability: Science, Practice, and Policy, 20(1). https://doi.org/10.1080/15487733.2024.2351231
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Berliant Pratiwi, Neilin Nikhlis
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
6.png)
