Publication Search

The digital transformation in Indonesia’s banking sector has significantly increased the use of digital banking services; however, it has not been fully accompanied by optimal customer trust. This study aims to examine the effect of perceived risk, data privacy protection, and digital service quality on customer trust, both partially and simultaneously. A quantitative approach was employed using survey data collected from 150 digital banking users in Indonesia. Data were analyzed using Structural Equation Modeling based on Partial Least Square (SEM-PLS). The results indicate that perceived risk has a negative and significant effect on trust, while data privacy protection and digital service quality have positive and significant effects on trust. Simultaneously, all variables significantly influence trust, with an R² value of 0.672, indicating strong explanatory power. Compared to prior studies, this research contributes novelty by integrating these three variables into a comprehensive model. The findings reveal that digital service quality is the most dominant factor influencing customer trust. This study concludes that enhancing customer trust requires an integrated approach through effective risk management, strengthened data protection, and continuous improvement in digital service quality.

The development of the digital era has significantly transformed government administration, particularly in technology-based public services. This transformation requires strengthening the principles of good governance, which include transparency, accountability, public participation, effectiveness, efficiency, and legal certainty. State Administrative Law plays a strategic role in ensuring that bureaucratic digitalization remains within the correct legal framework and does not deviate from good governance principles. This study employs a normative juridical approach with a literature review method to analyze the role of State Administrative Law in strengthening good governance in the digital era. The findings show that State Administrative Law functions as an instrument of legality, discretionary control, data protection, improved accountability, and enhanced public service efficiency. Thus, State Administrative Law is not only regulatory but also adaptive to technological developments in achieving good governance in the digital era.

Phishing is a form of cybercrime that has experienced a significant increase in frequency within Indonesia. This fraudulent practice aims to deceive victims into surrendering personal data or sensitive financial information by impersonating trusted institutions. Such crimes result in substantial losses for both individuals and the business sector, particularly concerning personal data protection and digital transaction security. This research aims to analyze the legal regulations and the role of supervisory institutions in addressing phishing threats in Indonesia using a normative legal research method. The legal analysis encompasses the implementation of the Electronic Information and Transactions Law (UU ITE), specifically Article 28, paragraph (1), and the Personal Data Protection Law (UU No. 27 of 2022), which serves as the primary foundation for privacy rights. Furthermore, this study examines the Consumer Protection Law and the Indonesian Criminal Code (KUHP) as enforcement instruments. The strategic roles of the Financial Services Authority (OJK) and Bank Indonesia (BI) are also discussed in the context of risk mitigation within the financial sector. The findings indicate that law enforcement effectiveness is still hindered by low digital literacy, limited forensic technology infrastructure, and jurisdictional challenges in tracking cross-border perpetrators. Consequently, a synergy between regulatory strengthening, international collaboration, and massive public education is required to comprehensively suppress these cybercriminal activities.

This study aims to examine the influence of local wisdom as a living law on personal data protection behavior, as well as assess the role of Islamic law ethics and digital literacy in the context of intimate digital crime in Indonesia. The background of this research is based on the increasing cases of misuse of personal data in the digital space that have not been fully responded to effectively through formal legal approaches. The method used a quantitative approach with a correlational explanatory design. Data were obtained through the distribution of a questionnaire based on the Likert scale to 150 respondents who were selected purposively, then analyzed using descriptive statistics, Pearson correlation, and simple linear regression. The results showed that local wisdom of alwasliyahan had a positive and significant influence on personal data protection behavior (β = 0.42; p < 0.05). Islamic legal ethics serve as a mediating variable that strengthens the relationship, while digital literacy provides a positive influence at a moderate level. These findings show that the internalization religious and cultural values plays an important role in shaping individual awareness and behavior in protecting personal data in the digital era. The conclusion of this study emphasizes that local wisdom can function effectively as a living law in supporting the protection of personal data. This research makes theoretical contribution the development of the study of Islamic law and the sociology of law, as well as practical implications for policy formulation that integrates formal regulations, cultural values, and digital literacy.

This study aims to evaluate the effectiveness of implementing Law Number 27 of 2022 concerning Personal Data Protection in Indonesia's efforts to prevent and combat phishing crimes. This research employs a normative legal method to analyze the implementation of the PDP Law in the context of preventing and combating phishing crimes. The findings indicate that the PDP Law has provided a comprehensive legal framework for protecting personal data, including data that is often targeted by phishing attacks.The implementation of the PDP Law is overseen by the Personal Data Protection Authority, which has the authority to impose administrative sanctions, support law enforcement processes, and evaluate cross-border data transfers. To achieve maximum effectiveness in combating phishing crimes, strong synergy is needed between the government, private sector, and the public. The PDP Law has provided a good legal framework, but the success of its implementation is highly dependent on the commitment of all parties to work together in protecting personal data.

The development of technology-based peer-to-peer financing services (LPBBTI) in Indonesia, including platforms like Shopee Paylater, has facilitated easier access to credit. However, this progress is accompanied by cybersecurity risks, such as unauthorized use and account breaches. This study aimed to (1) analyze the operation of LPBBTI under prevailing regulations, and (2) examine the legal liability of parties in cases of Shopee Paylater credit breaches.The study employed a normative legal approach with prescriptive characteristics, combining statutory, conceptual, and case-based analyses. Primary and secondary legal materials were obtained through literature review of Law No. 8 of 1999, POJK No. 10 of 2022, POJK No. 40 of 2024, and personal data protection regulations. The analysis was conducted descriptively and qualitatively. The findings indicate that, despite OJK regulations, Shopee Paylater’s electronic agreements still contain standard clauses that unilaterally shift all account security risks to users. This practice potentially violates Article 18(1)(a) of the Consumer Protection Law and is void under Article 18(3). Consequently, consumers remain liable for payments even if transactions are conducted illegally by third parties. In line with Article 19 of the Consumer Protection Law, service providers should assume liability, as system security is under their control.

This research presents the development of a transaction data protection mechanism for a bouquet sales application by utilizing the Advanced Encryption Standard (AES) algorithm. The rapid growth of digital commerce has led to an increase in online transactions, which in turn raises serious concerns regarding the security of sensitive transaction data. Information such as customer identities, order details, delivery addresses, and payment data are vulnerable to unauthorized access, data leakage, and manipulation if not properly secured. To address these issues, this study applies the AES-128 encryption algorithm using a 128-bit secret key to secure transaction data before it is stored in the system database. The encryption process follows the standard AES workflow, including key expansion, initial transformation, multiple encryption rounds, and a final transformation stage. Decryption is restricted exclusively to authorized users who possess the correct encryption key. The research methodology includes system analysis, AES integration into the application, and functional testing of the encryption and decryption processes. Data integrity is validated by comparing the original plaintext with the decrypted output, while system performance is evaluated based on processing time and decryption accuracy. Experimental results indicate that the average encryption and decryption time remains under 10 milliseconds per transaction, without affecting system performance. The findings confirm that AES-128 effectively enhances transaction data confidentiality and integrity in the bouquet sales application

Article 20 of the Personal Data Protection Law (UU PDP) normatively regulates the protection of data subjects and constitutes a key provision emphasizing the principle of consent as the legal basis for the processing of personal data for commercial purposes. This norm safeguards individual privacy rights, including the validity of explicit consent, the right to withdraw consent, and the responsibility of data controllers. Furthermore, Articles 65–70 of the UU PDP substantively regulate various forms of criminal violations in the context of personal data protection, including the acquisition, disclosure, processing, falsification, and illegal use of personal data, demonstrating the state’s commitment to providing criminal law protection against personal data breaches. This study employs doctrinal legal research with a descriptive-normative approach to address two main issues. First, it aims to examine and identify the legal protection of personal data trading under the UU PDP. Second, it seeks to analyze and identify the legal certainty of personal data trading as regulated by the UU PDP. Although Article 20 of the UU PDP is intended to provide strong protection against the commercial use of personal data, the provision still gives rise to legal uncertainty due to the lack of clear regulation of several crucial aspects. Similarly, Articles 65–70 contain significant legal uncertainties, particularly with regard to the elements of criminal offenses, forms of harm, corporate criminal liability, overlap with other regulations, and the absence of clear enforcement mechanisms and implementing institutions.  

Article 20 of the Personal Data Protection Law (PDP Law) normatively regulates the protection of data subjects and constitutes a pivotal provision that underscores the principle of consent as the legal basis for the processing of personal data for commercial purposes. This normative framework safeguards individuals’ right to privacy, encompassing the validity of explicit consent, the right to withdraw such consent, and the accountability of data controllers. In parallel, Articles 65 to 70 of the PDP Law substantively establish various categories of criminal offenses within the context of personal data protection. These include the unlawful acquisition, disclosure, processing, falsification, and utilization of personal data. Collectively, these provisions reflect the State’s commitment to ensuring criminal legal protection against violations of personal data.This research adopts a doctrinal legal methodology with a descriptive-normative approach to address two primary issues: First, to examine and identify the scope of legal protection concerning the trade of personal data under the PDP Law; and Second, to assess and determine the degree of legal certainty afforded to the trade of personal data within the framework of the PDP Law.Notwithstanding the protective intent embodied in Article 20—particularly concerning the commercial use of personal data—this provision gives rise to legal uncertainty due to the absence of comprehensive regulatory clarity on several critical aspects. Similarly, Articles 65 to 70 continue to exhibit significant legal ambiguities, particularly with respect to the constituent elements of offenses, the definition of harm, corporate liability, regulatory overlap with other legislative instruments, and the lack of clear enforcement mechanisms and implementing institutions.

The increasing adoption of cloud native microservices has brought about significant improvements in scalability, flexibility, and resilience. However, these advancements also introduce substantial security challenges, particularly in distributed environments where traditional perimeter-based security models prove inadequate. This paper proposes a secure architecture for cloud native microservices that integrates Zero trust Network Access (ZTNA) and multi layered encryption techniques to address these security concerns. The architecture operates on the principle of "never trust, always verify," ensuring that access to resources is strictly controlled and continuously monitored. By incorporating multi layered encryption methods such as RSA and AES, the architecture ensures data protection both in transit and at rest, significantly reducing the risk of data breaches and unauthorized access. Through experimental evaluations, the proposed architecture demonstrated its effectiveness in preventing lateral movement, mitigating data leakage, and resisting common attack vectors such as man-in-the-middle (MITM) attacks and privilege escalation. Additionally, the performance of the system remained optimal, with minimal overhead despite the additional security layers. The architecture's scalability and robust security mechanisms make it a viable solution for real-world microservices environments, where both security and performance are crucial. This paper discusses the potential impact of this secure architecture on the broader field of distributed system security and offers recommendations for future work, including the integration of advanced machine learning techniques for real-time threat detection and automated responses, as well as the adaptation of the architecture for emerging technologies like edge computing and 6G networks.

The rapid development of information technology has increased the use of online lending services, including illegal platforms that impose excessive interest rates, misuse personal data, and employ intimidating debt collection practices. Limited legal and digital literacy has made communities more vulnerable to these risks. This Community Service Program aims to enhance the understanding of residents in Kradenan Village, Tuban Regency regarding the characteristics of illegal online loans, their social, economic, and psychological impacts, and the relevant legal protections under regulations such as the Electronic Information and Transactions Law, the Personal Data Protection Law, and OJK Regulation No. 77/2016. Through participatory legal education and interactive discussions, the program achieved full participation and improved participants’ knowledge by up to 75%. Residents became more capable of identifying illegal loan applications, recognizing data misuse risks, and understanding preventive measures and available legal remedies. This program effectively increased public awareness to use digital financial services more responsibly and avoid the dangers of illegal online lending.

Information security incidents within government institutions have become a critical issue due to their potential impact on public trust and socio-economic stability. This study examines the social and economic impacts of information security incidents at the General Election Commission (KPU) of Jambi Province. The research aims to identify the types of security incidents that occurred, analyze their social and economic consequences, and evaluate mitigation efforts implemented by the institution. This study employs a qualitative case study approach, using data collection techniques including document analysis, media reports, and interviews with relevant stakeholders. The findings indicate that information security incidents significantly affect public trust in electoral institutions, increase public anxiety regarding personal data protection, and generate additional economic costs related to system recovery, security enhancement, and administrative delays. Furthermore, the incidents also indirectly affect voter participation and institutional reputation. The study highlights the importance of strengthening information security governance, improving human resource awareness, and implementing comprehensive risk management strategies. The results of this research are expected to contribute to the development of more resilient information security policies in public sector institutions, particularly in electoral management bodies.

The development of information technology has produced a significant transformation in election administration mechanisms, including within the City of Palangka Raya. The digitalization of various services and information systems requires the General Elections Commission (KPU) to enhance transparency while simultaneously ensuring the security of voter data and election results. This study aims to examine the key challenges faced by the Palangka Raya KPU in balancing the need for information openness with data protection in the digital era. The research employs a qualitative descriptive method through literature review, direct observation, and structured interviews with KPU staff, election supervisors, and relevant stakeholders. The findings indicate that digitalization improves the effectiveness of public information dissemination, including through the use of Sidalih and Sirekap, yet it also introduces vulnerabilities such as potential voter data breaches, cyberattacks, and the spread of disinformation through social media. Moreover, limitations in human resources with technological expertise serve as constraints in optimizing digital security. Conversely, the implementation of data security standards and improvements in voter digital literacy contribute to strengthening public trust in the election process. Thus, the Palangka Raya KPU needs to reinforce cybersecurity infrastructure, enhance internal technical capacity, and broaden public education programs to safeguard electoral integrity amid increasing transparency demands and digital risks. Collaboration among government, academia, and the community is a strategic element in maintaining the quality of democracy in the digital era.

The integration of cloud computing and data security systems is vital for the operational success and competitiveness of fintech startups. Cloud computing enables these startups to scale quickly, manage resources efficiently, and reduce infrastructure costs, making it an indispensable tool for businesses in the rapidly evolving fintech sector. However, with the benefits come significant challenges, particularly in data protection and cybersecurity. As fintech services handle sensitive financial data, ensuring robust security measures such as encryption, access controls, and continuous monitoring is crucial to maintaining user trust. Furthermore, regulatory compliance, both local and global, adds complexity to the data protection strategies of fintech companies. This research explores the key factors that drive cloud adoption in fintech, the security challenges associated with cloud environments, and the strategies implemented by startups to address these challenges. Interviews with IT managers from Indonesian fintech startups reveal that while cloud computing offers scalability and cost-effectiveness, issues like compliance with local regulations and the protection of sensitive data remain major concerns. The research suggests that fintech startups should invest in both cloud infrastructure and advanced cybersecurity measures to protect their operations and customer data. Additionally, creating a comprehensive roadmap for regulatory compliance and fostering partnerships with cybersecurity firms will help mitigate risks and ensure long-term success. The findings highlight the importance of integrating cloud computing with effective security strategies to navigate the complex regulatory and security landscape of the fintech industry.

The rapid rise of Indonesia’s digital economy is changing how people participate as citizens and how their consumer rights are protected. This study explores the legal dimensions of digital citizenship through a normative juridical review of the Consumer Protection Law, the Electronic Information and Transactions Law, and the Personal Data Protection Law. Although these laws provide basic safeguards, significant problems remain such as data privacy violations, unclear algorithmic practices, cross-border legal barriers, and deceptive online advertising. Low public legal awareness and the absence of a unified dispute-resolution system further leave consumers vulnerable to powerful global digital platforms. The study argues that stronger protection requires embedding digital citizenship principles into Indonesia’s legal framework, harmonizing national rules with international standards, enhancing platform oversight, and improving digital literacy. In conclusion, a flexible and forward-looking legal approach is crucial to making consumer protection a core part of digital citizenship and ensuring public trust and human rights in the digital era.

Security in e-commerce applications is a crucial factor that significantly affects user trust. Many users often feel anxious about the confidentiality of personal data, transaction security, and the potential for misuse of information. This study is a systematic literature review (SLR) using the PRISMA model, aiming to analyze in depth the influence of security on user trust in the context of e-commerce applications. Through this review, relevant previous studies on user security and trust were identified and evaluated to provide a more comprehensive understanding. The results of the analysis show that the improvement and implementation of superior security features, including strict data protection, multi-layered authentication, and transparent and robust privacy policies, have an essential role in growing and strengthening user trust. Guaranteed security not only creates a sense of convenience during the transaction process, but it is also very effective in increasing and maintaining user loyalty to the e-commerce platform in question. Improving security can be interpreted as a strategic investment for the sustainability of digital businesses.

This study aims to analyze how digitalization of governance, particularly through the implementation of e-financial reporting, digital audit trails, and cloud-based data security and reliability systems, contributes to increased transparency, accountability, and data protection in educational institutions. Using a qualitative approach with in-depth interviews and thematic analysis, this study reveals that digitalization can create a more objective, standardized, and difficult-to-manipulate control mechanism. The e-financial reporting system strengthens transparency through open processes and reduces opportunities for irregularities. Digital audit trails provide authentic evidence that facilitates the process of verification, monitoring, and tracking every administrative activity in real time. Meanwhile, data security supported by layered encryption, automatic backups, and emergency recovery access increases internal and external trust in the integrity of information systems. These findings indicate that digitalization not only provides technical tools but also forms a more disciplined, adaptive, and public accountability-oriented governance structure. This study broadens understanding of the relationship between digital technology and organizational culture and provides a theoretical foundation for developing a more reliable and sustainable information system-based educational governance model.

This study aims to investigate the integration of information systems and the associated security challenges within Afghanistan's current market, emphasizing the complex relationship between technological innovation, governance stability, and institutional readiness. Using the Delphi method, the study engaged experts from academia, government, and the private sector to identify key barriers and enablers shaping Afghanistan's digital transformation. Findings reveal that the country's progress in adopting information systems is hindered by fragmented policies, weak cybersecurity awareness, infrastructure limitations, and dependency on donor-funded projects. Despite growing recognition of the importance of digitalization, Afghanistan's institutional fragility continues to impede coordinated implementation and sustainable innovation. Comparative insights with other emerging markets highlight that long-term investment in digital literacy, regulatory coherence, and private sector engagement are critical to overcoming these barriers. The study highlights the importance of adopting a hybrid developmental model that harmonizes local institutional realities with internationally recognized technological standards, fostering adaptability and resilience within Afghanistan's volatile environment. It advances existing understanding by demonstrating how governance reform, human capital enhancement, and cybersecurity integration function as mutually reinforcing components of the nation's digital transformation. Sustainable progress depends on establishing a unified national vision that bridges technology, education, and governance, thereby reinforcing market integrity and institutional stability amid persistent security and economic uncertainty.

The development of artificial intelligence technology has given birth to deepfake technology which has the potential to be misused to damage a person's digital identity. This research aims to analyze the mode of misuse of deepfake technology in Indonesia, examine its legal implications based on applicable laws and regulations, and examine the urgency of special regulation of deepfake in the Indonesian legal system. Applicable, as well as examining the urgency of special arrangements against deepfake in the Indonesian legal system. The research method used is normative juridical legal research with statutory and conceptual approaches, and data collection is carried out through literature study of primary, secondary, and tertiary legal materials tertiary. The results show that deepfake abuse can take the form of spreading fake videos, face forgery and digital identity-based fraud that harms victims socially, legally and psychologically. Although several articles in the ITE Law, Personal Data Protection Law, and Criminal Code can be used to charge perpetrators, these regulations have not specifically and explicitly regulated the characteristics and technical aspects of deepfake-based crimes. This creates obstacles in law enforcement and victim protection. Therefore, it is necessary to establish special regulations or amend existing laws so that the legal system in Indonesia is able to answer the challenges of deepfake technology appropriately, fairly, and effectively.

Development technology information , especially use WhatsApp application , has bring up phenomenon use stickers and memes as means expression in digital communication . However , misuse face somebody without permission in meme form or sticker cause problem serious law . Research This aim study provision related laws in Indonesia editing and distribution face individual without consent , use method study normative based studies library . Study results show that action the violate Copyright Act , Act Information and Electronic Transactions (ITE Law), as well as Constitution Personal Data Protection . Violations This can charged sanctions criminal Because concerning moral rights , rights economy and privacy individual . In addition to the aspects law , abuse this is also influenced by factors economy , environment social , and digital culture of society . Therefore that , is necessary education and enforcement more laws firm in order to create ethical and responsible digital space answer .