<![CDATA[The protection of personal data is a crucial aspect of the digital ecosystem, particularly within e-commerce platforms such as Tokopedia. The personal data breach incident that occurred on May 2, 2020—exposing sensitive information such as full names, email addresses, and phone numbers—raised serious concerns regarding data security. This study aims to analyze the legal protection afforded to Tokopedia users against personal data breaches from the perspective of Law Number 27 of 2022 concerning Personal Data Protection. The research method employed is normative juridical, using statutory and case approaches. The findings indicate that although Law Number 27 of 2022 provides a comprehensive legal framework to safeguard personal data, its implementation still faces challenges, especially in terms of supervision, law enforcement, and the accountability mechanisms of electronic system operators. As a data controller, Tokopedia holds a legal obligation to ensure the security of users’ personal data; however, in practice, such protection remains suboptimal. Therefore, it is necessary to strengthen internal corporate policies and foster collaboration between the government and the private sector to enhance compliance with personal data protection regulations.]]>
Copyrights © 2025
