The Urgency of Compliance Audit 5.0 Through an Approach to Personal Data Protection Law
Pentingnya Audit Kepatuhan 5.0 Melalui Pendekatan terhadap Undang-Undang Perlindungan Data Pribadi
DOI:
https://doi.org/10.30649/ph.v26i1.433Keywords:
Data Protection, Privacy, Legal Audit, CybercrimeAbstract
Datacrime is increasing massively and collectively in the era of Society 5.0. The era of data digitization has given rise to advances in information technology that affect all aspects of human life. The victims not only suffered material losses, but also immaterial. In Indonesia, there are not only cases of crimes against personal data in the financial sector (theft of customer data), but also in the public service sector, namely the leakage of voter data from the Indonesian Election Commission. This study aims to provide a comprehensive picture of personal data crimes, including descriptions of modus operandi and of how compliance audits are conducted from a personal data protection law perspective. The researcher used normative legal research, with a case approach, to explore the series of crimes and to unravel the ratio decidendi of the court's decision. This article also uses a conceptual approach, namely the perspective of Lex Specialist Data, and the regulation of digital data privacy. The technical regulation of data privacy legal aspects in the legal compliance audit aligns with the strengthening of personal data protection laws. The idea of a legal compliance audit through a personal data protection approach helps prevent and even mitigate the risk of data privacy crimes.
Downloads
References
Adami Chazawi, Ardi Ferdian, Tindak Pidana Informasi & Transaksi Elektronik Penyerangan terhadap Kepentingan Hukum Pemanfaatan Teknologi Informasi dan Transaksi Elektronik, (Malang: Media Nusa Creative, Malang, 2015)
Akyuwen, Roberto, Keamanan Siber Bank, (Jakarta: Infobank Publishing, 2024)
Budhijanto, Danrivanto, Hukum Perlindugan Data Pribadi Di Indonesia Cyberlaw & Cybersecurity, (Bandung: PT. Refika Aditama, 2023)
Kania, Aisha Pasaman, et al, Indonesia Gen Z Report 2024 Understanding and Uncovering the Behavior, Challenges, and Opportunities (IDN Media, 2024)
Lessig, Lawrence., Code and Other Laws of Cyberspace, (New York: Basic Books, 1999)
Marzuki, Peter Mahmud, Penelitian Hukum Edisi Revisi, (Jakarta: Kencana Predana Media Group, 2021)
Otoritas Jasa Keuangan, Pedoman Keamanan Siber Bagi Penyelenggara ITSK, (Jakarta: Kelompok Spesialis Layanan Digital dan Keamanan Siber (KSLK), 2021)
Ramli A.M., & Ramli T.S., Hukum Sebagai Infrastruktur Transformasi Indonesia Regulasi dan Kebijakan Digital, (Bandung: PT. Refika Aditama,2022)
Romli, A.M., Undang-Undang Perlindungan Data Pribadi dan Korporasi Pembahasan Isu -Isu Aktual Undang-Undang Nomor 27 tahun 2022 tentang Perlindungan Data Pribadi, (Bandung: PT. Refika Aditama, 2023)
Smith, Jan, Komputer: Suatu Tantangan Baru di Bidang Hukum, (Surabaya: Airlangga University Press, 1991)
Adebowale, Moruf Akin, Khin T. Lwin, and M. A. Hossain. “Intelligent Phishing Detection Scheme Using Deep Learning Algorithms.” Journal of Enterprise Information Management 36, no. 3 (April 24, 2023): 747–66. https://doi.org/10.1108/JEIM-01-2020-0036.
Aidonojie, Paul Atagamen, Toyin Afolabi Majekodunmi, Obieshi Eregbuonye, and Isaac Ottah Ogbemudia. “Legal Issues Concerning of Data Security and Privacy in Automated Income Tax Systems in Nigeria.” Hang Tuah Law Journal 8, no. 1 (2024): 14–41. https://doi.org/10.30649/htlj.v8i1.223.
Alfawzan, Najd, Markus Christen, Giovanni Spitale, and Nikola Biller-Andorno. “Privacy, Data Sharing, and Data Security Policies of Women’s MHealth Apps: Scoping Review and Content Analysis.” JMIR MHealth and UHealth 10, no. 5 (2022). https://doi.org/10.2196/33735.
Althabhawi, Nabeel Mahdi, Zinatul Ashiqin Zainol, and Parviz Bagheri. “Society 5.0: A New Challenge to Legal Norms.” Sriwijaya Law Review 6, no. 1 (2022): 41–54. https://doi.org/10.28946/slrev.Vol6.Iss1.1415.pp41-54.
Baik, Jeeyun (Sophia). “Data Privacy against Innovation or against Discrimination?: The Case of the California Consumer Privacy Act (CCPA).” Telematics and Informatics 52 (September 1, 2020). https://doi.org/10.1016/j.tele.2020.101431.
Balachandar, V., and K. Venkatesh. “Privacy-Enhanced Secure Framework for Educational Data Protection and Analysis.” International Journal of Information Technology (Singapore) 17, no. 5 (2025): 2887–2904. https://doi.org/10.1007/s41870-025-02458-4.
Bolton, Tom, Tooska Dargahi, Sana Belguith, Mabrook S. Al-Rakhami, and Ali Hassan Sodhro. “On the Security and Privacy Challenges of Virtual Assistants.” Sensors 21, no. 7 (2021): 1–19. https://doi.org/10.3390/s21072312.
Budiartha, I Nyoman Putu, I Made Pria Dharsana, and Indrasari Kresnadjaja. “Penguatan Konstruksi Hukum Perihal Perlindungan Data Pribadi.” Jurnal Magister Hukum Udayana 12, no. 1 (2023): 56–65. https://doi.org/10.24843/JMHU.2023.v12.i0 1.p05.
Chen, Yu Chen, Jiann Liang Chen, and Yi Wei Ma. “AI@TSS- Intelligent Technical Support Scam Detection System.” Journal of Information Security and Applications 61 (September 1, 2021). https://doi.org/10.1016/j.jisa.2021.102921.
Gill, Sajid Habib, Mirza Abdur Razzaq, Muneer Ahmad, Fahad M. Almansour, Ikram Ul Haq, Nz Jhanjhi, Malik Zaib Alam, and Mehedi Masud. “Security and Privacy Aspects of Cloud Computing: A Smart Campus Case Study.” Intelligent Automation and Soft Computing 31, no. 1 (2022): 117–28. https://doi.org/10.32604/IASC.2022.016597.
Handayani, Amiliya. “Perlindungan Hukum Terhadap Tindakan Pencurian Data Pribadi Pada Layanan Fintech Lending Atas Ancaman Cyber Security Di Indonesia.” Jurist-Diction 6, no. 4 (October 1, 2023): 605–30. https://doi.org/10.20473/jd.v6i4.51212.
Humayun, Mamoona, N. Z. Jhanjhi, Ahmed Alsayat, and Vasaki Ponnusamy. “Internet of Things and Ransomware: Evolution, Mitigation and Prevention.” Egyptian Informatics Journal. Elsevier B.V., March 1, 2021. https://doi.org/10.1016/j.eij.2020.05.003.
Kavoliūnaitė-Ragauskienė, Eglė. “Right to Privacy and Data Protection Concerns Raised by the Development and Usage of Face Recognition Technologies in the European Union.” Journal of Human Rights Practice 16, no. 2 (2024): 658–74. https://doi.org/10.1093/jhuman/huad065.
Lee, In. “Cybersecurity: Risk Management Framework and Investment Cost Analysis.” Business Horizons 64, no. 5 (2021): 659–71. https://doi.org/10.1016/j.bushor.2021.02.022.
Lei, Jian, Quanwang Wu, and Jin Xu. “Privacy and Security-Aware Workflow Scheduling in a Hybrid Cloud.” Future Generation Computer Systems 131 (2022): 269–78. https://doi.org/10.1016/j.future.2022.01.018.
Lois, Petros, George Drogalas, Alkiviadis Karagiorgos, and Kostantinos Tsikalakis. “Internal Audits in the Digital Era: Opportunities Risks and Challenges.” EuroMed Journal of Business 15, no. 2 (June 22, 2020): 205–17. https://doi.org/10.1108/EMJB-07-2019-0097.
Maiorescu, Irina, Larisa Gabudeanu, Alexandru Lucian Vîlcea, Gabriel Cristian Sabou, and Marian Dârdală. “Intrusiveness And Data Protection In Iot Solutions For Smart Homes.” Amfiteatru Economic 23, no. 57 (2021): 429–47. https://doi.org/10.24818/EA/2021/57/429.
Marzuki, Peter Machmudz. “The Essence of Legal Research Is to Resolve Legal Problems.” Yuridika 37, no. 1 (March 1, 2022): 37–58. https://doi.org/10.20473/ydk.v37i1.34597.
Peter, Dede Ibiere, and Ben Collin Emeka Ndinojuo. “Privacy Awareness and Social Media: Personal Data Protection among Facebook** and Instagram** Users.” Galactica Media: Journal of Media Studies 6, no. 3 (2024): 168–98. https://doi.org/10.46539/gmd.v6i3.489.
Pleger, Lyn E., Katharina Guirguis, and Alexander Mertes. “Making Public Concerns Tangible: An Empirical Study of German and UK Citizens’ Perception of Data Protection and Data Security.” Computers in Human Behavior 122, no. February 2020 (2021): 106830. https://doi.org/10.1016/j.chb.2021.106830.
Ramli, Tasya Safiranita, Ahmad M. Ramli, Huala Adolf, Eddy Damian, and Miranda Risang Ayu Palar. “Over-the-Top Media in Digital Economy and Society 5.0.” Journal of Telecommunications and the Digital Economy 8, no. 3 (2020): 60–67. https://doi.org/10.18080/jtde.v8n3.241.
Romansky, Radi P., and Irina S. Noninska. “Challenges of the Digital Age for Privacy and Personal Data Protection.” Mathematical Biosciences and Engineering 17, no. 5 (August 10, 2020): 5288–5303. https://doi.org/10.3934/MBE.2020286.
Sani, Anita, Joni Emirzon, and Annalisa Yahanan. “Keseimbangan Perlindungan Hukum Antara Konsumen Dan Pelaku Usaha.” Jurnal Magister Hukum Udayana 13, no. 2 (2024): 302–18. https://doi.org/10.24843/JMHU.2024.v13.i0.
Shahul Ikram, Nur Adlin Hanisah. “Data Breaches Exit Strategy: A Comparative Analysis of Data Privacy Laws.” Malaysian Journal of Syariah and Law 12, no. 1 (2024): 135–47. https://doi.org/10.33102/mjsl.vol12no1.458.
Supriyadi, Daniar. “The Regulation of Personal and Non-Personal Data in the Context of Big Data.” Journal of Human Rights, Culture and Legal System 3, no. 1 (2023): 33–69. https://doi.org/10.53955/jhcls.v3i1.71.
Tao, Lei, Jinhan Wan, and Bo Wen. “The Effects of Artificial Intelligence and Victims’ Deservingness Information on Citizens’ Blame Attribution towards Administrative Errors.” Public Management Review 27, no. 12 (2025): 3104–24. https://doi.org/10.1080/14719037.2024.2411632.
Tsohou, Aggeliki, Emmanouil Magkos, Haralambos Mouratidis, George Chrysoloras, Luca Piras, Michalis Pavlidis, Julien Debussche, Marco Rotoloni, and Beatriz Gallego-Nicasio Crespo. “Privacy, Security, Legal and Technology Acceptance Elicited and Consolidated Requirements for a GDPR Compliance Platform.” Information and Computer Security 28, no. 4 (October 1, 2020): 531–53. https://doi.org/10.1108/ICS-01-2020-0002.
Utama, Frendika Suda, Didik Endro Purwoleksono, and Taufik Rachman. “Data Leakage of the Indonesian Elections Commission in Legal Aspects of Personal Data Protection.” Media Iuris 7, no. 3 (2024): 479–98. https://doi.org/10.20473/mi.v7i3.55931.
Xu, Yao, Jixin Wei, Ting Mi, and Zhihua Chen. “Data Security in Autonomous Driving: Multifaceted Challenges of Technology, Law, and Social Ethics.” World Electric Vehicle Journal 16, no. 1 (2025): 1–27. https://doi.org/10.3390/wevj16010006.
Zhanbayev, Rinat A., Muhammad Irfan, Anna V. Shutaleva, Daniil G. Maksimov, Rimma Abdykadyrkyzy, and Şahin Filiz. “Demoethical Model of Sustainable Development of Society: A Roadmap towards Digital Transformation.” Sustainability (Switzerland) 15, no. 16 (2023): 1–25. https://doi.org/10.3390/su151612478.
Indonesian Internet Service Providers Association, "Indonesian Internet Penetration Survey 2024", Indonesian Internet Service Providers Association, http://survei.apjii.or.id (accessed March 21, 2025)
International Telecomunication Union, “Global Cybersecurity Index 2020”, ITU Publications, http:// www.itu.int/en/ITU-D/Cybersecurity/Pages/global-cybersecurity-index.aspx (accessed March 21, 2025)
Juniar Laraswanda Umagapi, "Leak of Voter Data 2024," Brief Info of the Parliamentary Analysis Center of the Expertise Body of the House of Representatives of the Republic of Indonesia, http: //berkas.dpr.go.id/pusaka/files/info_singkat/Info%20Singkat-XV-23-I-P3DI-Desember-2023-2044.pdf (accessed March 20, 2025).
Law Number 11 of 2008 concerning Electronic Information and Transactions (Indonesian State Gazette Year 2008 Number 58, Additional of Indonesian State Gazette Number 4843)
Law Number 27 of 2022 concerning Personal Data Protection (Indonesian State Gazette Year 2022 Number 196, Additional of Indonesian State Gazette Number 6820)
Decision Number 2575/Pid.Sus/2022/PN. Sby, dated February 17, 2023
Decision Number 4-PKE-DKPP/I/2024 dated April 17, 2024.
Downloads
Published
How to Cite
License
Copyright (c) 2026 All writings published in this journal are personal views of the authors and do not represent the views of this journal and the author's affiliated institutions. Author(s) retain copyrights under the licence of Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0).
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
