Publication Search

The digital transformation in Indonesia’s banking sector has significantly increased the use of digital banking services; however, it has not been fully accompanied by optimal customer trust. This study aims to examine the effect of perceived risk, data privacy protection, and digital service quality on customer trust, both partially and simultaneously. A quantitative approach was employed using survey data collected from 150 digital banking users in Indonesia. Data were analyzed using Structural Equation Modeling based on Partial Least Square (SEM-PLS). The results indicate that perceived risk has a negative and significant effect on trust, while data privacy protection and digital service quality have positive and significant effects on trust. Simultaneously, all variables significantly influence trust, with an R² value of 0.672, indicating strong explanatory power. Compared to prior studies, this research contributes novelty by integrating these three variables into a comprehensive model. The findings reveal that digital service quality is the most dominant factor influencing customer trust. This study concludes that enhancing customer trust requires an integrated approach through effective risk management, strengthened data protection, and continuous improvement in digital service quality.

Phishing is a form of cybercrime that has experienced a significant increase in frequency within Indonesia. This fraudulent practice aims to deceive victims into surrendering personal data or sensitive financial information by impersonating trusted institutions. Such crimes result in substantial losses for both individuals and the business sector, particularly concerning personal data protection and digital transaction security. This research aims to analyze the legal regulations and the role of supervisory institutions in addressing phishing threats in Indonesia using a normative legal research method. The legal analysis encompasses the implementation of the Electronic Information and Transactions Law (UU ITE), specifically Article 28, paragraph (1), and the Personal Data Protection Law (UU No. 27 of 2022), which serves as the primary foundation for privacy rights. Furthermore, this study examines the Consumer Protection Law and the Indonesian Criminal Code (KUHP) as enforcement instruments. The strategic roles of the Financial Services Authority (OJK) and Bank Indonesia (BI) are also discussed in the context of risk mitigation within the financial sector. The findings indicate that law enforcement effectiveness is still hindered by low digital literacy, limited forensic technology infrastructure, and jurisdictional challenges in tracking cross-border perpetrators. Consequently, a synergy between regulatory strengthening, international collaboration, and massive public education is required to comprehensively suppress these cybercriminal activities.

This study aims to examine the influence of local wisdom as a living law on personal data protection behavior, as well as assess the role of Islamic law ethics and digital literacy in the context of intimate digital crime in Indonesia. The background of this research is based on the increasing cases of misuse of personal data in the digital space that have not been fully responded to effectively through formal legal approaches. The method used a quantitative approach with a correlational explanatory design. Data were obtained through the distribution of a questionnaire based on the Likert scale to 150 respondents who were selected purposively, then analyzed using descriptive statistics, Pearson correlation, and simple linear regression. The results showed that local wisdom of alwasliyahan had a positive and significant influence on personal data protection behavior (β = 0.42; p < 0.05). Islamic legal ethics serve as a mediating variable that strengthens the relationship, while digital literacy provides a positive influence at a moderate level. These findings show that the internalization religious and cultural values plays an important role in shaping individual awareness and behavior in protecting personal data in the digital era. The conclusion of this study emphasizes that local wisdom can function effectively as a living law in supporting the protection of personal data. This research makes theoretical contribution the development of the study of Islamic law and the sociology of law, as well as practical implications for policy formulation that integrates formal regulations, cultural values, and digital literacy.

This study aims to evaluate the effectiveness of implementing Law Number 27 of 2022 concerning Personal Data Protection in Indonesia's efforts to prevent and combat phishing crimes. This research employs a normative legal method to analyze the implementation of the PDP Law in the context of preventing and combating phishing crimes. The findings indicate that the PDP Law has provided a comprehensive legal framework for protecting personal data, including data that is often targeted by phishing attacks.The implementation of the PDP Law is overseen by the Personal Data Protection Authority, which has the authority to impose administrative sanctions, support law enforcement processes, and evaluate cross-border data transfers. To achieve maximum effectiveness in combating phishing crimes, strong synergy is needed between the government, private sector, and the public. The PDP Law has provided a good legal framework, but the success of its implementation is highly dependent on the commitment of all parties to work together in protecting personal data.

The development of technology-based peer-to-peer financing services (LPBBTI) in Indonesia, including platforms like Shopee Paylater, has facilitated easier access to credit. However, this progress is accompanied by cybersecurity risks, such as unauthorized use and account breaches. This study aimed to (1) analyze the operation of LPBBTI under prevailing regulations, and (2) examine the legal liability of parties in cases of Shopee Paylater credit breaches.The study employed a normative legal approach with prescriptive characteristics, combining statutory, conceptual, and case-based analyses. Primary and secondary legal materials were obtained through literature review of Law No. 8 of 1999, POJK No. 10 of 2022, POJK No. 40 of 2024, and personal data protection regulations. The analysis was conducted descriptively and qualitatively. The findings indicate that, despite OJK regulations, Shopee Paylater’s electronic agreements still contain standard clauses that unilaterally shift all account security risks to users. This practice potentially violates Article 18(1)(a) of the Consumer Protection Law and is void under Article 18(3). Consequently, consumers remain liable for payments even if transactions are conducted illegally by third parties. In line with Article 19 of the Consumer Protection Law, service providers should assume liability, as system security is under their control.

Article 20 of the Personal Data Protection Law (UU PDP) normatively regulates the protection of data subjects and constitutes a key provision emphasizing the principle of consent as the legal basis for the processing of personal data for commercial purposes. This norm safeguards individual privacy rights, including the validity of explicit consent, the right to withdraw consent, and the responsibility of data controllers. Furthermore, Articles 65–70 of the UU PDP substantively regulate various forms of criminal violations in the context of personal data protection, including the acquisition, disclosure, processing, falsification, and illegal use of personal data, demonstrating the state’s commitment to providing criminal law protection against personal data breaches. This study employs doctrinal legal research with a descriptive-normative approach to address two main issues. First, it aims to examine and identify the legal protection of personal data trading under the UU PDP. Second, it seeks to analyze and identify the legal certainty of personal data trading as regulated by the UU PDP. Although Article 20 of the UU PDP is intended to provide strong protection against the commercial use of personal data, the provision still gives rise to legal uncertainty due to the lack of clear regulation of several crucial aspects. Similarly, Articles 65–70 contain significant legal uncertainties, particularly with regard to the elements of criminal offenses, forms of harm, corporate criminal liability, overlap with other regulations, and the absence of clear enforcement mechanisms and implementing institutions.  

Article 20 of the Personal Data Protection Law (PDP Law) normatively regulates the protection of data subjects and constitutes a pivotal provision that underscores the principle of consent as the legal basis for the processing of personal data for commercial purposes. This normative framework safeguards individuals’ right to privacy, encompassing the validity of explicit consent, the right to withdraw such consent, and the accountability of data controllers. In parallel, Articles 65 to 70 of the PDP Law substantively establish various categories of criminal offenses within the context of personal data protection. These include the unlawful acquisition, disclosure, processing, falsification, and utilization of personal data. Collectively, these provisions reflect the State’s commitment to ensuring criminal legal protection against violations of personal data.This research adopts a doctrinal legal methodology with a descriptive-normative approach to address two primary issues: First, to examine and identify the scope of legal protection concerning the trade of personal data under the PDP Law; and Second, to assess and determine the degree of legal certainty afforded to the trade of personal data within the framework of the PDP Law.Notwithstanding the protective intent embodied in Article 20—particularly concerning the commercial use of personal data—this provision gives rise to legal uncertainty due to the absence of comprehensive regulatory clarity on several critical aspects. Similarly, Articles 65 to 70 continue to exhibit significant legal ambiguities, particularly with respect to the constituent elements of offenses, the definition of harm, corporate liability, regulatory overlap with other legislative instruments, and the lack of clear enforcement mechanisms and implementing institutions.

The rapid development of information technology has increased the use of online lending services, including illegal platforms that impose excessive interest rates, misuse personal data, and employ intimidating debt collection practices. Limited legal and digital literacy has made communities more vulnerable to these risks. This Community Service Program aims to enhance the understanding of residents in Kradenan Village, Tuban Regency regarding the characteristics of illegal online loans, their social, economic, and psychological impacts, and the relevant legal protections under regulations such as the Electronic Information and Transactions Law, the Personal Data Protection Law, and OJK Regulation No. 77/2016. Through participatory legal education and interactive discussions, the program achieved full participation and improved participants’ knowledge by up to 75%. Residents became more capable of identifying illegal loan applications, recognizing data misuse risks, and understanding preventive measures and available legal remedies. This program effectively increased public awareness to use digital financial services more responsibly and avoid the dangers of illegal online lending.

Information security incidents within government institutions have become a critical issue due to their potential impact on public trust and socio-economic stability. This study examines the social and economic impacts of information security incidents at the General Election Commission (KPU) of Jambi Province. The research aims to identify the types of security incidents that occurred, analyze their social and economic consequences, and evaluate mitigation efforts implemented by the institution. This study employs a qualitative case study approach, using data collection techniques including document analysis, media reports, and interviews with relevant stakeholders. The findings indicate that information security incidents significantly affect public trust in electoral institutions, increase public anxiety regarding personal data protection, and generate additional economic costs related to system recovery, security enhancement, and administrative delays. Furthermore, the incidents also indirectly affect voter participation and institutional reputation. The study highlights the importance of strengthening information security governance, improving human resource awareness, and implementing comprehensive risk management strategies. The results of this research are expected to contribute to the development of more resilient information security policies in public sector institutions, particularly in electoral management bodies.

The rapid rise of Indonesia’s digital economy is changing how people participate as citizens and how their consumer rights are protected. This study explores the legal dimensions of digital citizenship through a normative juridical review of the Consumer Protection Law, the Electronic Information and Transactions Law, and the Personal Data Protection Law. Although these laws provide basic safeguards, significant problems remain such as data privacy violations, unclear algorithmic practices, cross-border legal barriers, and deceptive online advertising. Low public legal awareness and the absence of a unified dispute-resolution system further leave consumers vulnerable to powerful global digital platforms. The study argues that stronger protection requires embedding digital citizenship principles into Indonesia’s legal framework, harmonizing national rules with international standards, enhancing platform oversight, and improving digital literacy. In conclusion, a flexible and forward-looking legal approach is crucial to making consumer protection a core part of digital citizenship and ensuring public trust and human rights in the digital era.

The development of artificial intelligence technology has given birth to deepfake technology which has the potential to be misused to damage a person's digital identity. This research aims to analyze the mode of misuse of deepfake technology in Indonesia, examine its legal implications based on applicable laws and regulations, and examine the urgency of special regulation of deepfake in the Indonesian legal system. Applicable, as well as examining the urgency of special arrangements against deepfake in the Indonesian legal system. The research method used is normative juridical legal research with statutory and conceptual approaches, and data collection is carried out through literature study of primary, secondary, and tertiary legal materials tertiary. The results show that deepfake abuse can take the form of spreading fake videos, face forgery and digital identity-based fraud that harms victims socially, legally and psychologically. Although several articles in the ITE Law, Personal Data Protection Law, and Criminal Code can be used to charge perpetrators, these regulations have not specifically and explicitly regulated the characteristics and technical aspects of deepfake-based crimes. This creates obstacles in law enforcement and victim protection. Therefore, it is necessary to establish special regulations or amend existing laws so that the legal system in Indonesia is able to answer the challenges of deepfake technology appropriately, fairly, and effectively.

Development technology information , especially use WhatsApp application , has bring up phenomenon use stickers and memes as means expression in digital communication . However , misuse face somebody without permission in meme form or sticker cause problem serious law . Research This aim study provision related laws in Indonesia editing and distribution face individual without consent , use method study normative based studies library . Study results show that action the violate Copyright Act , Act Information and Electronic Transactions (ITE Law), as well as Constitution Personal Data Protection . Violations This can charged sanctions criminal Because concerning moral rights , rights economy and privacy individual . In addition to the aspects law , abuse this is also influenced by factors economy , environment social , and digital culture of society . Therefore that , is necessary education and enforcement more laws firm in order to create ethical and responsible digital space answer .

Marketing activities of limited liability companies (LLC) in Indonesia are not merely business strategies but also legal activities that entail juridical consequences. The increasingly complex dynamics of modern marketing, including digital marketing, e-commerce, and the utilization of consumer personal data, demonstrate that marketing activities cannot be separated from business law regulations, whether related to consumer protection, fair competition, electronic information, or personal data protection. Marketing by LLC in Indonesia is regulated by various laws aimed at creating fair, transparent transactions while avoiding practices that could harm consumers. From a business law perspective, marketing in Indonesia, especially within limited liability companies, plays a crucial role in maintaining the smooth operation of businesses that benefit not only the company but also the wider society, including consumers. Marketing activities by LLC must consistently adhere to the principles of law, including consumer protection and the obligation to ensure transparency in every promotional activity or advertisement. This study employs a normative juridical method with both statutory and conceptual approaches. The analysis is conducted qualitatively through systematic and teleological legal interpretation, supported by secondary legal materials such as academic literature and recent scholarly articles on business law and marketing. The findings reveal that marketing activities of limited liability companies are closely intertwined with business law, as all contracts, promotions, and marketing strategies constitute legal acts that must adhere to the principles of honesty, transparency, and fair competition. Revenue growth through effective marketing can only be achieved sustainably if it is designed in accordance with the principles of good corporate governance and legal compliance. Thus, marketing in the perspective of business law functions not only as a commercial tool but also as an instrument for creating legitimate, ethical, and equitable value for both the company and society.

This study analyzes the impact of implementing Indonesia’s Law No. 27 of 2022 on Personal Data Protection (PDP Law) on cybersecurity in the e-business sector. Using a normative qualitative approach through literature analysis, this research examines the regulation’s implications for technical infrastructure, compliance procedures, and human resource capacity development within e-business operations. The findings indicate that although the PDP Law provides a comprehensive legal framework and human-centered principles for personal data protection, its implementation faces technical, operational, and economic challenges, particularly for micro, small, and medium enterprises (MSMEs). These challenges include limited security infrastructure, lack of technical expertise, and high investment costs. Nevertheless, adopting strategies such as multi-layer security architecture, zero-trust security model, privacy by design, and strengthening human resource capacity can enhance consumer trust, industry credibility, and the global competitiveness of Indonesia’s e-business sector. This study contributes to the literature by bridging the gap between personal data protection regulation and cybersecurity practices while offering strategic recommendations for both business actors and regulators.

This study employs a normative juridical approach to examine the legal aspects of implementing financial technology (fintech) in healthcare financing in Indonesia. The rapid development of fintech offers potential solutions for addressing financial barriers in healthcare access. However, it also presents legal and regulatory challenges, particularly concerning consumer protection, data privacy, and institutional coordination. The analysis focuses on several key legal instruments, including Law No. 8 of 1999 on Consumer Protection, Law No. 11 of 2008 on Electronic Information and Transactions (ITE), Law No. 17 of 2023 on Health and its implementing regulation, Government Regulation No. 28 of 2024, and Law No. 27 of 2022 on Personal Data Protection. Additionally, regulations issued by the Financial Services Authority (OJK), which govern the operations of fintech companies in Indonesia, are also considered. The findings indicate that while there is a growing regulatory framework supporting fintech integration into the health sector, several gaps remain, particularly in terms of coordination between regulatory bodies and stakeholders in health and finance. The study identifies the need for comprehensive policy harmonization to ensure that fintech-based healthcare financing systems are secure, transparent, and inclusive. Furthermore, it emphasizes the importance of strengthening data protection mechanisms and enhancing regulatory oversight, especially for fintech services operating in partnership with healthcare providers. As fintech continues to reshape the landscape of healthcare financing, robust legal safeguards must be developed to mitigate potential risks and ensure equitable access to health services. The study concludes by recommending an integrated legal and institutional approach to support the safe and ethical implementation of fintech in Indonesia's healthcare sector.

The development of information technology has brought about significant changes in the social, economic, and legal life of global society. On the one hand, digitalization creates efficiency and convenience in various activities, such as financial transactions, communications, and access to information. However, on the other hand, this progress has also given rise to a new form of crime known as cybercrime. Cybercrime differs from conventional crime in that it is committed through electronic systems that can cross national borders and involve a large number of victims. This crime encompasses various forms, such as data hacking, online fraud, and malware distribution. This research aims to examine the development of cybercrime as a form of modern crime in the digital era and to assess the response of Indonesian criminal law to these challenges. The method used is normative legal, with a statutory, conceptual, and case study approach. This research also examines existing regulations, such as Law Number 11 of 2008 concerning Electronic Information and Transactions (ITE) and Law Number 27 of 2022 concerning Personal Data Protection, in addressing cybercrime issues. The research results show that although Indonesia has several regulations related to cybercrime, their implementation still faces various obstacles. Some of the main obstacles include suboptimal law enforcement, limited technology and human resources, and low levels of public digital awareness. Therefore, regulatory reform, institutional capacity development, and increasing public digital literacy are essential. This is part of a national strategy to address cybercrime comprehensively and sustainably, in order to create a safer and more trustworthy digital environment.

The rapid expansion of Indonesia’s digital economy and the enactment of the Personal Data Protection Law (Law 27/2022) have exposed significant shortcomings in the resolution of data-related disputes under existing judicial and administrative frameworks. Public adjudication of sensitive data conflicts can erode trust, impose reputational damage, and delay reparative outcomes, while courts often lack specialized expertise in technology and privacy. Drawing upon international precedents including the European Data Protection Board’s Article 65 GDPR mechanism, the EU–US Data Privacy Framework arbitration annex, and the European Patent Office’s data-protection arbitration rules this study examines the urgency and feasibility of establishing a dedicated Data Dispute Arbitration Forum in Indonesia. Through comparative analysis, it identifies core design elements such as expert-appointed tribunals, streamlined online procedures, confidentiality safeguards, clear enforcement under the New York Con-vention, and mechanisms for restorative remedies beyond fines. Anchored in Pancasila’s social-justice ethos and Indonesia’s ADR law (Law 30/1999) and ITE Law, the proposed institutional architecture integrates online dispute resolution (ODR) protocols, data-minimization and cybersecurity guidelines, and publicly anonymized award publication to foster legal certainty and raise awareness of data-protection obligations. A stakeholder impact assessment demonstrates that such a forum would benefit individual data subjects through low-cost, expeditious relief; controllers and processors through predictability and trade-secret protection; regulators through expert findings; and foreign investors through alignment with global data-governance standards. By aligning domestic legal values with international best practices, the specialized forum promises to bolster enforcement, restore public trust, and strengthen Indonesia’s competitiveness in the global digital marketplace.

Indonesia's digital transformation has accelerated dramatically, creating unprecedented opportunities alongside significant cybersecurity challenges. This article examines the current state (das sein) and normative expectations (das sollen) of Indonesia's cybersecurity and data protection legal framework through a comprehensive normative legal analysis. The study reveals critical gaps in existing legislation, particularly the Information and Electronic Transactions Law (UU ITE). It evaluates the potential impact of emerging regulatory frameworks, including the Draft Law on Personal Data Protection (RUU PDP). Using normative legal research methodology, this analysis draws from statutory regulations, policy documents, and comparative legal studies to assess Indonesia's legal preparedness for evolving cyber threats. The findings indicate that while foundational legal instruments exist, significant normative reforms are required to address sophisticated cybercrime, protect individual privacy rights, and maintain national digital security. The research concludes with actionable recommendations for legislative enhancement, institutional strengthening, and public-private collaboration to establish a robust, adaptive cybersecurity legal regime that meets international standards while addressing Indonesia's unique socio-legal context.

In the rapidly evolving digital era, data breaches have emerged as a serious threat, particularly in the e-commerce sector which handles vast amounts of customers’ personal data. The protection of personal data has therefore become a crucial issue, requiring effective regulation to ensure digital privacy. In response to this growing concern, Indonesia enacted the Personal Data Protection Law (UU PDP) in 2022 as a significant step toward strengthening digital privacy and security. This study aims to evaluate the effectiveness of the 2022 PDP Law in addressing customer data breach incidents on e-commerce platforms in Indonesia. Using a qualitative approach and case study method, this research analyzes several high-profile data breach cases involving major e-commerce companies in the country. The findings indicate that, although the PDP Law has established a clear legal framework regarding the obligations of reporting and managing data breaches, its implementation still faces multiple challenges. Some companies have not fully complied with the legal timeframes for notifying users, and there is a general lack of transparency in how data breach incidents are managed. These shortcomings reveal a gap between the regulatory framework and practical enforcement in the field. Furthermore, the study highlights the limited public awareness and the insufficient preparedness of some companies in responding to data security incidents in accordance with the law. As a result, the rights of consumers to be informed and protected are not always upheld effectively. This research recommends stronger supervision by relevant authorities to ensure stricter enforcement of the PDP Law. It also underscores the need for ongoing education and intensive training for e-commerce companies to enhance their capacity to prevent, detect, and respond to data breaches in compliance with the legal standards. By reinforcing regulatory implementation and organizational readiness, Indonesia can better safeguard digital consumer rights in the growing e-commerce landscape.

The digital era has brought significant changes in the way humans access, store, and share information. Amidst these technological advances, major challenges have emerged to the protection of individual privacy rights. Personal information is increasingly easy to collect and process by various parties, both by state institutions, technology companies, and individual users. On the other hand, the need for freedom of information is also increasing, especially in the context of transparency, public participation, and data openness. The balance between cybersecurity and freedom of information is a crucial issue that must be addressed comprehensively. This paper aims to examine the protection of privacy rights in the digital era by highlighting the tension between data security efforts and demands for information openness. The method used is a literature study with a qualitative approach. The results of the study show that privacy protection requires clear regulations, such as the Personal Data Protection Law in Indonesia, as well as public awareness in protecting personal data. On the other hand, freedom of information must still be maintained so that it is not misused to violate individual rights. Therefore, a balanced approach is needed between regulation, education, and technology to create a digital space that is safe, fair, and respects human rights.