<![CDATA[Digitalisation developments in Indonesia are unfolding at a rapid pace, shifting the paradigm of personal data collection and utilisation. However, the significant increase in use has not been matched by an equally rapid development of adequate legal protection frameworks. This study aims to analyse the implementation of the personal data protection policy as outlined in Law Number 27 of 2022 (PDP Law), within the context of Indonesia's digital legal system. Qualitative-descriptive research with a case study method was employed, whereby in-depth interviews, semi-structured questionnaires, and document analysis were used to collect data on 20 participants from the government, the digital industry, and civil society. As the study reveals, significant challenges to the implementation of the PDP Law include low levels of public digital literacy (62%), limited institutional capacity, and resistance from the digital industry. Enabling factors include cross-sectoral collaboration and pressures from global markets. The study contributes theoretically through applications of a multi-actor Digital Governance framework. In contrast, the study's practical contribution appears to be the strategic recommendations to strengthen regulation, institutional capacity, and public literacy. Among the implications is the need to synergise the state, private sector, and civil society to stimulate the establishment of a fair, adaptive, and competitive data protection ecosystem.]]>
