Privacy and Data Protection in The Digital Era

Article 1365 Burgerlijk Wetboek regulates that "every tort that brings harm to other people, obliges the person because of his wrongdoing to issue the loss, to compensate for the loss".

From this article, the elements of tort:

1. there is a tort;

2. there is an error;

3. there is a causal relationship between loss and action;

4. There is a loss.

The four elements must have a causal relationship. The problem here is the difficulty in proving the existence of tort and its errors.  The easiest way is to find mistakes made by platform providers based on existing regulations, for example, article 28 of No. 20 of 2016 (Permenkominfo), which in principle is a violation of the law of the platform provider to protect its users. But it isn't easy to do.

Based on the explanation of these matters, Indonesia has not had strong regulations to resolve these problems. So cases of Identity theft in Indonesia may continue to be repeated. Therefore, there must be a solution to deal with the situation.  One possible solution is to approve laws on personal data protection. This law is expected to be a solution because it can regulate personal data protection by applying criminal sanctions.

Many European countries have made regulations on personal data, which are the world's main references through The EU General Data Protection Regulation (GDPR), such as the UK, Portugal, Denmark, France, Ireland, and others. Many Asian countries have also adopted these regulations, including Singapore, Japan, Australia, Taiwan, Thailand, and Malaysia.

The most urgent matter to be regulated in Indonesia is criminal sanctions, not only limited to hackers who steal data but also to platforms that neglect to safeguard their users' data, aiming to fulfill a sense of security. Users submit their data to the platform so that the platform must try to keep the data from being stolen. The expected outcome of personal data protection regulations is a sense of security and comfort in using the platform.