<![CDATA[This research aims (1) to find out how legal protection is for consumers regarding personal data leaks in a comparative perspective, (2) to find out what legal remedies are for consumers who experience losses due to personal data leaks. The type of research used by researchers is normative legal research, namely through a statutory and regulatory approach, a conceptual approach and a comparative approach. This research is supported by legal materials consisting of statutory regulations, journals, articles, literature and scientific papers that are relevant to the subject matter being studied. The results of the research show that (1) there is a comparison between the Personal Data Protection Act 2020 (PDPA) belonging to the Singapore state and Law Number 27 of 2022 concerning Personal Data Protection (UU PDP) within the scope of regulation, regulatory objectives, definition of personal data, scope scope of protection, institutional aspects, and sanctions imposed. (2) The PDP Law has created 3 cyber security indicators, namely Confidentiality, Integrity, and Availability so that it has protected the personal data of the Indonesian people, but there needs to be an amendment to the PDP Law because there are still several articles that can reduce or instead eliminating legal protection for consumers, the government must also create a special institution to handle personal data leaks in Indonesia as has been done by Singapore, this can help the public to make reporting and handling easier if personal data leaks occur. Then there are legal remedies that can be taken for consumers who experience losses due to data leaks to guarantee consumer rights.]]>
