<![CDATA[In the digital age, consumer data serves as a key driver of personalized marketing strategies. However, the increasing reliance on personal data has raised significant legal and ethical concerns regarding user privacy, consent, and data governance. This study provides a normative legal analysis of Indonesia’s Personal Data Protection Law (Law No. 27/2022) in comparison with the European Union’s General Data Protection Regulation (GDPR). Using a juridical-normative and comparative legal method, the study evaluates the adequacy of legal frameworks in regulating consent, profiling, user rights, enforcement mechanisms, and cross-border data flows. The findings reveal that while the UU PDP adopts foundational data protection principles, it remains limited in enforcement capacity and specificity compared to the GDPR. Gaps in regulatory detail, particularly in profiling and real-time bidding practices, present significant risks for consumer data exploitation. The study recommends strengthening regulatory clarity, accelerating the establishment of a supervisory authority, and improving legal literacy among businesses. These steps are crucial for ensuring ethical digital marketing practices and aligning national law with international standards]]>
Copyrights © 2024
