Reconstruction of the Legal Mechanism for Consumer Rights Recovery Regarding Personal Data Leaks in the Financial Technology and E-Commerce Sectors in Indonesia
Isi Artikel Utama
Abstrak
The rapid growth of the financial technology (fintech) and e-commerce sectors in Indonesia has increased the risk of massive personal data breaches, placing consumers in a vulnerable position. This normative legal study aims to analyses two fundamental aspects. First, it examines how the current legal framework, centered on Law No. 27 of 2022 on Personal Data Protection (PDP Law), regulates corporate legal liability for failure to protect customer data. Second, it formulates an ideal legal mechanism model to ensure effective and efficient restoration of rights for consumers who have been victimized. Using a statute approach and a conceptual approach, this study finds that although Indonesia already has a strong foundation for corporate accountability, including administrative, civil, and criminal sanctions, there is a significant legal gap between the enforcement of corporate accountability and the realization of the restoration of victims' rights. The current litigation procedures have proven to be inefficient, costly, and burdensome for victims, who are required to prove losses that are difficult to quantify. As a solution, this study recommends reconstructing the rights restoration mechanism through four integrated pillars: (1) the introduction of statutory damages to provide legal certainty; (2) the establishment of a sectoral compensation fund as a financial safety net; (3) granting adjudication authority to the Data Protection Authority for rapid dispute resolution; and (4) modernizing class action procedures facilitated digitally. This model is proposed to create a legal ecosystem that not only punishes perpetrators, but also effectively restores the rights of victims and builds public trust in the digital economy.
Rincian Artikel
Bagian
Cara Mengutip
Referensi
Adawiyah, R., Prasetyo, M. A., Septiyan, R., Leonardy, S. P., & Calvin, M. A. (2022). Analysis Of E-Commerce Data Breach and Theft. https://doi.org/10.55942/pssj.v2i2.168
Agustiawan, M. H., Umam, K., & Maleka, M. (2022). The Importance of Consumer Protection Law Revision in the Development of E-Commerce in the Digital Transformation Era in Indonesia. Proceedings of Islamic Economics, Business, and Philanthropy, 1(2), 305-317.
Ali, R., & Darmawan, D. (2023). Big Data Management Optimization for Managerial Decision Making and Business Strategy. Journal of Social Science Studies, 3(2), 139-144.
Arner, D. W., Buckley, R. P., & Zetzsche, D. A. (2020). COVID-19, Fintech, and the Recovery: A New World for Finance and Regulation. European Banking Institute, 59.
Aziz, A., Darmawan, D., Khayru, R. K., Wibowo, A. S., & Mujito. (2023). Effectiveness of Personal Data Protection Regulation in Indonesia’s Fintech Sector. Journal of Social Science Studies, 3(1), 23-28.
Baraja, M. U., Saputra, R., Saktiawan, P., Dirgantara, F., & Waskito, S. (2023). Implementation and Supervision of Personal Data Protection Law on Online Platforms. Journal of Social Science Studies, 3(1), 101-108.
Budhijanto, D. (2019). Cyber Law and Data Protection in Indonesia. Bandung: PT Refika Aditama.
Budhijanto, D. (2020). Legal Responsibility and Compensation Mechanisms in Personal Data Protection. Journal of Law and Policy, 15(2), 145–160.
costa, S. da., Darmawan, D., & Isaac, A. de J. (2023). Safeguarding Employee Data with Blockchain in HR. International Journal of Service Science, Management, Engineering, and Technology, 4(3), 41–46.
Creswell, J. W., & Creswell, J. D. (2018). Research Design: Qualitative, Quantitative, and Mixed Methods Approaches (5th Ed.). Sage Publications.
Darmawan, D., P. N. L. Sari, J. Jahroni, S. N. Halizah & R. Mardikaningsih. 2023. Digitalization of Kedai Industry: Analysis of The Role of Internet Marketing Orientation and Innovation on Marketing Performance. Sustainable Environmental and Optimizing Industry Journal, 5(1), 21-31.
Faridi, F., Darmawan, D., Hardyansah, R., Putra, A. R., & Wibowo, A. S. (2023). Legal Protection for Online-Based Lending Consumers. International Journal of Service Science, Management, Engineering, and Technology, 4(2), 34–38.
Gardi, B., & Eddine, B. A. S. (2023). Cyber Security and Personal Data Protection in the Digital Age: Challenges, Impacts, and Urgency of Global Collaboration. Bulletin of Science, Technology and Society, 2(3), 58–63.
Halim, E. F. (2022). Perlindungan Hukum Data Pribadi Pembeli di Perdagangan Secara Elektronik (E-Commerce) di Indonesia [Legal Protection of Buyer’s Personal Data in E-Commerce in Indonesia]. Jurnal Hukum Visio Justisia. https://doi.org/10.19166/vj.v2i1.5190
Hapsari, R. D. (2019). Collective Litigation and Access to Justice in Indonesia. Yuridika, 34(2), 215–230.
Hidayat, A., & Nugroho, R. S. (2020). Corporate Liability for Data Breaches in Electronic Commerce. Journal of Law, Policy and Globalization, 96, 52–61.
Hoofnagle, C. J., van der Sloot, B., & Borgesius, F. Z. (2019). The European Union General Data Protection Regulation: What it is and What it Means for Research. Information, Communication & Society, 22(1), 65-79.
Infante, A. & R. Mardikaningsih. (2022). The Potential of Social Media as a Means of Online Business Promotion. Journal of Social Science Studies, 2(2), 45-48.
Khairi, M., & Darmawan, D. (2022). Developing HR Capabilities in Data Analysis for More Effective Decision Making in Organizations. Journal of Social Science Studies, 2(1), 223-228.
Kitab Undang-Undang Hukum Perdata (KUHPerdata).
Kusuma, A. R., & Fadhilah, N. (2022). Digital Transformation of Civil Procedure and Mass Dispute Resolution. Journal of Civil Law Studies, 7(1), 88–104.
Mardikaningsih, R. & D. Darmawan. (2023). Analysis of Financial Literacy and Risk Tolerance on Student Decisions to Invest. International Journal of Service Science, Management, Engineering, and Technology, 3(2), 7–12.
Marzuki, P. M. (2017). Penelitian Hukum: Edisi Revisi. Kencana.
Negara, D. S., & Darmawan, D. (2023). Digital Empowerment: Ensuring Legal Protections for Online Arisan Engagements. Bulletin of Science, Technology and Society, 2(2), 13-19.
Peraturan Bank Indonesia Nomor 22/23/PBI/2020 tentang Sistem Pembayaran.
Peraturan Otoritas Jasa Keuangan Nomor 13/POJK.02/2018 tentang Inovasi Keuangan Digital di Sektor Jasa Keuangan.
Peraturan Pemerintah Nomor 71 Tahun 2019 tentang Penyelenggaraan Sistem dan Transaksi Elektronik (PP PSTE).
Poernomo, S. L. (2023). Transformative Justice, Protection of Consumer Personal Data in Online Loan Business in Indonesia. Russian Law Journal, 11(3), 559-570.
Poernomo, S. L. (2023). Transformative Justice, Protection of Consumer Personal Data in Online Loan Business in Indonesia. Russian Law Journal, 11(3), 559-570.
Putra, A. R., & Arifin, S. (2021). Supply Chain Management Optimization in the Manufacturing Industry through Digital Transformation: The Role of Big Data, Artificial Intelligence, and the Internet of Things. Journal of Social Science Studies, 1(2), 161-166.
Putra, J. M., & Lie, G. (2023). Liability For Processing Personal Data at Private Universities Related to Personal Data Protection Based on Indonesian Law. UNES Law Review, 6(2), 6679-6687.
Putra, M. A., & Rahman, I. (2020). Procedural Barriers in Class Action Lawsuits. Journal of Legal Reform, 5(3), 173–187.
Rosadi, S. D. (2019). The Urgency of Personal Data Protection Law in Indonesia: A Comparative Law Perspective. Journal of Southeast Asian Human Rights, 3(2), 318-333.
Rosadi, S. D. (2021). Personal Data Protection and Privacy Rights in Indonesia. Jakarta: Prenadamedia Group.
Rosadi, S. D., & Pratama, A. B. (2022). Transparency and Accountability in Data Protection Governance. Journal of Digital Law, 6(1), 33–47.
Shidarta. (2017). Hukum Perlindungan Konsumen Indonesia. Grasindo.
Sutanto, H. (2021). Administrative Sanctions as Regulatory Instruments in Digital Consumer Protection. Journal of Legal, Ethical and Regulatory Issues, 24(2), 1–11.
Sutanto, H. (2021). Technology-Based Supervision in Personal Data Protection Enforcement. Journal of Information Law and Technology, 4(2), 89–103.
Sutanto, H., & Prabowo, R. (2020). Regulatory Models for Data Breach Compensation Funds. Indonesian Journal of Legal Studies, 10(3), 201–215.
Umar, N., Pujayanti, L. P. V. A., Sabir, M., & Kasim, A. (2021). The Effectiveness of the Implementation of Administrative Sanctions in Consumer Dispute Resolution in the E-Commerce Era under the Consumer Protection Law. Riau Law Journal, 9(1), 73-87.
Undang-Undang Dasar Negara Republik Indonesia Tahun 1945.
Undang-Undang Nomor 11 Tahun 2008 tentang Informasi dan Transaksi Elektronik (UU ITE).
Undang-Undang Nomor 19 Tahun 2016 tentang Perubahan atas UU Nomor 11 Tahun 2008 tentang Informasi dan Transaksi Elektronik.
Undang-Undang Nomor 27 Tahun 2022 tentang Pelindungan Data Pribadi (UU PDP).
Wahyudi, W., R. N. K. Kabalmay, & M. W. Amri. (2021). Big Data and New Things in Social Life. Studi Ilmu Sosial Indonesia, 1(1), 1–12.
Wijaya, T. S. (2021). The Effectiveness of Class Actions as a Consumer Protection Instrument. Journal of Indonesian Private Law, 4(2), 99–113.
Yuniarti, S. (2022). Protection of Indonesia’s Personal Data After Ratification of Personal Data Protection Act. Keadilan Progresif. https://doi.org/10.36448/plr.v4i02.85