<![CDATA[The practice of leaking customer data by banks to third parties, such as Mata elang, raises serious problems in the context of personal data protection in Indonesia. This action not only threatens the individual's right to privacy but also has the potential to violate the legal provisions stipulated in Law Number 27 of 2022 concerning Personal Data Protection. This article aims to analyze the legal basis violated by this practice and provide a legal solution in an effort to protect customer rights. The formulation of the problem in this study is what form of legal violation of data leaks by banks to Mata elang and what is the legal enforcement mechanism. This study uses a normative legal method with a statutory and conceptual approach. Data were obtained through a literature study of relevant regulations and supporting scientific literature. The results of the analysis show that leaking customer data to third parties without valid consent is a violation of the principles of data processing in the PDP Law, especially regarding legality, transparency, and protection of data subjects. Banks as data controllers are responsible for the leak and can be subject to administrative, civil, or criminal sanctions. In closing, this study recommends strengthening internal bank regulations, strict supervision by regulatory authorities, and increasing legal awareness for customers. This effort is important to ensure the security of personal data and uphold the right to privacy in the banking system.]]>
Copyrights © 2025
