Analisis Yuridis Pasal 26 Undang-Undang Nomor 27 Tahun 2022 tentang Perlindungan Data Pribadi terhadap Kebocoran Data Digital di Indonesia
Article Sidebar
Main Article Content
Abstract
This study examines Article 26 of Law No. 27 of 2022 on Personal Data Protection (PDP Law) in Indonesia, focusing on its provisions related to digital data breaches. With the increasing use of digital platforms, the risk of personal data breaches has grown significantly, making data protection a critical issue for policymakers. Article 26 outlines the obligations of data controllers and processors in the event of a data breach, particularly requiring prompt notification to affected individuals and the relevant regulatory authority. This paper employs a normative legal analysis to assess the effectiveness of these provisions in safeguarding personal data, comparing them with international standards such as the European Union’s General Data Protection Regulation (GDPR). The analysis identifies strengths, including the obligation to notify breaches, while also highlighting weaknesses, such as the absence of clear deadlines for breach reporting and insufficient enforcement mechanisms. The study concludes with recommendations to strengthen the Personal Data Protection Law, including clarifying notification timelines, enhancing sanctions, and improving infrastructure for breach reporting and law enforcement.
Article Details
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
References
Amaro, M. C. (2020). La seguridad de los datos personales y la obligación de notificar las brechas de seguridad. Revista de Derecho, Empresa y Sociedad (REDS), 16, 151–162.
Arief, L. S., & Purwanto, R. (2025). Tinjauan Yuridis Undang-Undang Perlindungan Data Pribadi Tahun 2022 dalam Menangani Kebocoran Data Pelanggan E-Commerce. Pemuliaan Keadilan, 2(3), 85–102.
Asija, R., & Nallusamy, R. (2014). Data model to enhance the security and privacy of healthcare data. 2014 IEEE Global Humanitarian Technology Conference-South Asia Satellite (GHTC-SAS), 237–244.
Astuti, E. F., Hidayanto, A. N., Nurwardani, S., & Salsabila, A. Z. (2024). Assessing Indonesian MSMEs’ Awareness of Personal Data Protection by PDP Law and ISO/IEC 27001: 2013. International Journal of Safety & Security Engineering, 14(5).
Banisar, D., & Davies, S. (1999). Global trends in privacy protection: An international survey of privacy, data protection, and surveillance laws and developments. J. Marshall J. Computer & Info. L., 18, 1.
Chushairi, S. M., Fithry, A., & Rusfandi, R. (2025). Perlindungan Hukum Bagi Korban Atas Kebocoran Pusat Data Nasional Sementara (PDNs) Perspektif Perlindungan Data Pribadi. Jurnal Jendela Hukum, 12(2), 89–122.
Dewi, S. (2015). Privasi atas Data Pribadi: Perlindungan Hukum dan Bentuk Pengaturan di Indonesia. Jurnal De Jure, 15(2), 165.
Karnedi, G., & Alam, R. G. (2025). Evaluasi Regulasi Perlindungan Data Pribadi di Indonesia: Komparasi dengan GDPR Uni Eropa. El-Mujtama J. Pengabdi. Masy, 5(3), 610–622.
Kriswandaru, A. S., Pratiwi, B., & Suwardi, S. (2024). Efektivitas Kebijakan Perlindungan Data Pribadi di Indonesia: Analisis Hukum Perdata dengan Pendekatan Studi Kasus. Hakim: Jurnal Ilmu Hukum Dan Sosial, 2(4), 740–756.
Lutrianto, I., & Riswaldi, R. (2025). Legal Problems of Personal Data Protection in The Digital Era in Personal Data Protection Law in Indonesia. Greenation International Journal of Law and Social Sciences, 3(2), 345–350.
Natamiharja, R., Sabatira, F., Fakih, M., Davey, O. M., & Anam, H. (2022). Patient Rights During the Covid-19 Pandemic: The Dilemma between Data Privacy and Transparency in Indonesia. The Age of Human Rights Journal, 19, 121–136.
Olayinka, O., & Win, T. (2022). Cybersecurity and Data Privacy in the Digital Age: Two Case Examples. In Handbook of Research on Digital Transformation, Industry Use Cases, and the Impact of Disruptive Technologies (pp. 117–131). IGI Global.
Raib, M. I. E., Rosadi, S. D., & Cahyadini, A. (2025). Perbandingan penerapan prinsip transparansi antara Indonesia dengan Irlandia dalam hal terjadinya kegagalan pelindungan data pribadi. Eksekusi: Jurnal Ilmu Hukum Dan Administrasi Negara, 3(2), 51–71.
Rinjani, M. A., & Firmansyah, R. (2025). Hambatan Implementasi UU 27/2022 dan Strategi Penguatan Perlindungan Data Pribadi di Indonesia. Jurnal Analisis Hukum, 8(1), 70–83.
Rosadi, S. D. (2018). Protecting privacy on personal data in digital economic era: Legal framework in Indonesia. Brawijaya Law Journal, 5(1), 143–157.
Simanjuntak, P. H. (2024). Perlindungan hukum terhadap data pribadi pada era digital di Indonesia: Studi undang-undang perlindungan data pribadi dan general data protection regulation (gdpr). Esensi Hukum, 6(2), 105–124.
Taufiq, M., & Kenyo, A. S. (2025). The Legal Protection of Personal Data in the Digital Era: A Comparative Study of Indonesian Law and the GDPR. International Journal of Business, Law, and Education, 6(2), 1260–1268.
Utomo, S. (2024). Personal data protection through law number 27 of 2022: challenges of cybercrime in the era of globalization and digital. Pena Justisia: Media Komunikasi Dan Kajian Hukum, 23(2), 2967–2975.
Wijayanto, D. D., & Indrayanti, K. W. (2025). Personal Data Protection in Digital Business Based on the Law on Personal Data Protection. International Journal of Research in Social Science and Humanities (IJRSS) ISSN: 2582-6220, DOI: 10.47505/IJRSS, 6(8), 6–12.
Yuniarti, S. (2019). Perlindungan Hukum Data Pribadi Di Indonesia. Business Economic, Communication, and Social Sciences (BECOSS) Journal, 1(1), 147–154. https://doi.org/10.21512/becossjournal.v1i1.6030