Implementation Of Personal Data Protection Regulations In Digital Services In Indonesia: A Systematic Review

https://doi.org/10.56370/jhlg.v6i12.3170

The advancement of digital services in Indonesia has significant implications for personal data protection as an integral part of the right to privacy and human dignity. The right to privacy serves as a prerequisite for individual autonomy within a constitutional state (Rechtsstaat). The increasing utilization of data prompted the enactment of Law Number 27 of 2022 concerning Personal Data Protection (PDP Law), which replaces the partial regime of the Electronic Information and Transactions (ITE) Law. This research employs a Systematic Literature Review (SLR) using the PRISMA protocol on 30 national and international journals (2018–2025) to examine the implementation of the PDP Law, data breach cases, as well as normative and practical gaps. The results indicate that while the PDP Law is more comprehensive, its implementation faces several obstacles: low data literacy, limited capacity of data controllers, the absence of an independent supervisory authority, and weak enforcement mechanisms. Effective data protection requires regulatory strengthening, the establishment of an independent supervisory body, and capacity building for all stakeholders.