<![CDATA[This research discusses the handling of personal data abuse in the form of phishing carried out by paid verified accounts on social media according to Law Number 27 of 2022 concerning Personal Data Protection. The problem raised in this study is the rampant phishing crime against personal data abuse on social media. The research method used in this study is juridical-normative with sources of legal materials, namely: Laws, previous legal research results, opinions of legal experts, works from legal experts and other sources of information that are useful for this study. The results of this study reveal that the Personal Data Abuse Law in tackling phishing crime against personal data abuse, by strengthening personal data protection through several efforts, such as imposing sanctions, establishing a special authority agency, encouraging the government to strengthen cyber security and increasing digital literacy for the community as a form of participation. with the aim of minimizing the possibility of personal data abuse, such as phishing on social media by paid verified accounts. The handling of personal data abuse through the Personal Data Protection Law is good if it is fully implemented, but it would be even better if various modus operandi of personal data abuse could be explicitly or clearly written in it, so that there are no gaps for violators to escape from the articles of the Personal Data Protection Law. Then regarding the Personal Data Protection Authority Agency must stand independently and independently, so that there is no conflict of interest that can injure and disrupt the enforcement of personal data protection in Indonesia.]]>
