Perlindungan Hukum Terhadap Data Pribadi Pengguna Di Platform E-Commerce

Abstract

The development of digital technology has encouraged the growth of the e-commerce sector in Indonesia, but on the other hand, it poses serious challenges related to the protection of consumers' personal data. This study analyzes the legal responsibility and effectiveness of government supervision of personal data leaks through a 2020 Tokopedia case study, which involved more than 91 million user accounts. The focus of this study is the Central Jakarta District Court Decision No. 235/Pdt.G/2020/PN.Jkt.Pst, where the lawsuit of the Indonesian Consumer Institute Foundation (YLKI) against Tokopedia and Kominfo was rejected only for reasons of absolute competence, without assessing the substance of the violation. This research aims to evaluate the weaknesses of the personal data protection legal system in Indonesia before the enactment of Law No. 27 of 2022 concerning Personal Data Protection, as well as assess the extent to which the Ministry of Communication and Information Technology (Kominfo) exercises its authority and responsibilities as a regulator. Using a normative juridical approach, this study examines relevant legal provisions, legal theories, and court decisions. Theoretically, this research refers to the theory of legal protection (Philipus M. Hadjon), and cybersecurity and data privacy (Daniel J. Solove). The results of the study show that legal protection for digital consumers is still formalistic and not yet substantive, and the lack of repressive actions from the state shows weak accountability in digital supervision. Therefore, a more responsive, accountable, and applicable legal approach is needed in ensuring the protection of personal data in the digital era.