REVIEW OF PERSONAL DATA PROTECTION LEGAL REGULATIONS IN INDONESIA

Abstract

The advancement of information and communication technology had caused an increase in data breaches and data misuse. The state is encouraged to have strong law regulations concerning the protection of personal data of its society. This research then aims to explain the lack of legal regulation in Indonesia regarding the protection of personal data. In analyzing the problem, this research used the juridical-normative method (legal research) by oriented on the law principles, law norms, and positive law in Indonesia which is relevant to the research’s topic. The conceptual approach was also used in this research because the researcher is more focused on the law regulation that had been issuance. Legal sources were  then much used as research data, starting from the Indonesian Constitution to the draft regulation. This research shows that different from Malaysia and Singapore that are already have the Personal Data Protection Act, Indonesia does not yet have a comprehensive personal data protection law. This is because the protection and misuse of personal data in Indonesia are still regulated as sectoral or scattered in several regulations and acts. As a consequence, Indonesia does not have a clear reference for handling the data misuse cases that are happening. This research then gives some advice and recommendations to the government to pass the Draft Regulation on Personal Data Protection which has been discussed since 2016.