Kebuntuan Pembentukan Lembaga Pelindungan Data Pribadi dan Implikasinya terhadap Efektivitas UU PDP di Indonesia

Authors

  • Gusti Ramadhani Universitas 17 Agustus 1945 Jakarta
  • Cecep Suhardiman Universitas 17 Agustus 1945 Jakarta

DOI:

https://doi.org/10.55606/jurrish.v5i2.8513

Keywords:

Administrative Sanctions, Indonesia, Personal Data Protection, Public Policy, Supervisory Authority

Abstract

This article examines Indonesia’s public policy on personal data protection in light of Law No. 27/2022, which mandates the establishment of an independent Personal Data Protection Authority (PDP Authority). Despite this legal requirement (Article 58 UU PDP), no such institution has been formed. As a result, there is currently no supervisory authority with the mandate to audit compliance, impose administrative sanctions, or resolve data protection disputes. Enforcement of the law has thus remained reactive rather than preventive, with violations prosecuted only after harm occurs. Experts warn that without a strong implementing agency, deterrence is weak: administrative sanctions cannot be effectively applied and punished violations continue unchecked. Cybersecurity analysts even describe this gap as a national digital protection crisis, as personal data leaks (e.g. millions of citizens’ records exposed in recent breaches) continue unabated. Using a normative legal research approach and literature review, this study analyzes how the lack of the mandated PDP Authority undermines the effectiveness of data protection in Indonesia. The article reviews relevant legal theory on regulatory independence and deterrence, and compares with international best practices (e.g. EU/GDPR). We find that the absence of the agency creates serious implementation gaps, and we urge the government to immediately form the PDP Authority and clarify its powers.

Downloads

Download data is not yet available.

References

Alfianto, R. (2025, October 21). Keterlambatan Badan PDP: Ancaman terhadap keamanan data warga. JawaPos.

Astuti, E. F., Hidayanto, A. N., Nurwardani, S., & Salsabila, A. Z. (2024). Assessing Indonesian MSMEs' awareness of personal data protection by PDP Law and ISO/IEC 27001:2013. IIETA Journal. https://doi.org/10.18280/ijsse.140523

Badan Legislasi DPR RI. (2024). Analisis yuridis terhadap ketiadaan lembaga penyelenggara perlindungan data pribadi. Pusat Penelitian dan Pengabdian Masyarakat DPR RI.

Breyer, S. (1982). Regulation and its reform. Harvard University Press. https://doi.org/10.4159/9780674028760

Djafar, W., et al. (2019). Studi perbandingan GDPR dan otoritas perlindungan data. LP3TI Press.

Haris, A. (2021). Good governance. Zahir Publishing.

Komisi Pemilihan Umum. (2014). Laporan kebocoran data pribadi pemilih (sekitar 2,3 juta data). Jakarta: KPU.

Laelaturramadani, R. (2023). Tinjauan terhadap efektivitas regulasi perlindungan data pribadi di Indonesia. Mandalika Law Journal, 4(1), 263-275.

Lukman, A., & Agustini, V. A. (2023). Penerapan manajemen nutrisi pada asuhan keperawatan diabetes melitus tipe II dengan masalah keperawatan defisit nutrisi. Jurnal Aisyiyah Palembang, 8.

Mardalis. (1999). Metode penelitian suatu pendekatan proposal. Bumi Aksara.

Marzuki, P. M. (2016). Penelitian hukum: Edisi revisi. Kencana Prenada Media Group.

Nafisah, S., & Diniyanto, A. (2024). Independensi lembaga perlindungan data pribadi di Indonesia. Manabia, 7(1), 1-20. https://doi.org/10.28918/manabia.v4i01.8664

Nagin, D. S. (2013). Deterrence in the twenty-first century. The University of Chicago Press. https://doi.org/10.1086/670398

PeriksaData (Tim Periksa Data). (2021, September 3). Rilis media: Dugaan kebocoran data aplikasi eHAC.

Persadha, P. (2025, October 22). Data pribadi jadi komoditas gelap, pakar nilai Indonesia krisis perlindungan digital di tengah mandeknya UU PDP. JawaPos.

Republik Indonesia. (1945). Undang-Undang Dasar Negara Republik Indonesia Tahun 1945.

Republik Indonesia. (2022). Undang-Undang Nomor 27 Tahun 2022 tentang Pelindungan Data Pribadi. Lembaran Negara RI Tahun 2022 Nomor 196. Sekretariat Negara. Jakarta.

Soekanto, S. (2019). Pengantar penelitian hukum. UI Press.

Soekanto, S., & Mamudji, S. (2012). Penelitian hukum normatif: Suatu tinjauan singkat. Raja Grafindo Persada.

Sugiarto, N., Yuliawan, I., & Irawati, A. C. (2026). Perlindungan data pribadi sebagai instrumen hukum dalam menanggulangi kejahatan perbankan. Pendas: Jurnal Ilmiah Pendidikan Dasar, 11(1), 260-275.

Wahyudi Djafar, dkk. (2019). Studi perbandingan GDPR dan otoritas perlindungan data. LP3TI Press.

Downloads

Published

2026-02-19

How to Cite

Gusti Ramadhani, & Cecep Suhardiman. (2026). Kebuntuan Pembentukan Lembaga Pelindungan Data Pribadi dan Implikasinya terhadap Efektivitas UU PDP di Indonesia. Jurnal Riset Rumpun Ilmu Sosial, Politik Dan Humaniora, 5(2), 793–805. https://doi.org/10.55606/jurrish.v5i2.8513

Issue

Vol. 5 No. 2 (2026): JURRISH: Jurnal Riset Rumpun Ilmu Sosial, Politik dan Humaniora

Section

Articles

License

Copyright (c) 2026 Jurnal Riset Rumpun Ilmu Sosial, Politik dan Humaniora

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Similar Articles

1 2 3 4 5 6 7 8 9 10 > >> 

You may also start an advanced similarity search for this article.