<![CDATA[The protection of consumers’ personal data in digital MSME (Micro, Small, and Medium Enterprises) businesses poses a significant challenge in the era of digital transformation, particularly amid the rising cases of data breaches in Indonesia. Although Law No. 27 of 2022 on Personal Data Protection (PDP Law) has come into effect, its implementation still faces numerous obstacles, especially for MSMEs that are limited in terms of resources and technological understanding. By comparison, China, through its Personal Information Protection Law (PIPL), enforces strict supervision combined with AI-driven compliance technologies. This study aims to analyze the effectiveness of personal data protection frameworks in Indonesia and China and to propose a hybrid model that integrates government regulations with technological solutions. The research employs a normative juridical method using statutory, conceptual, and comparative law approaches, relying on secondary data such as regulations, academic journals, and policy documents. The findings indicate that adopting a hybrid model for the protection of consumers’ personal data in digital MSME businesses could serve as an effective solution. This model merges a compliance-based approach, as adopted under Indonesia’s PDP Law, with the strict oversight mechanisms implemented under China’s PIPL. By adapting mechanisms such as mandatory registration, periodic audits, and technology-based compliance incentives, Indonesia could enhance transparency, accountability, and data security within its digital MSME ecosystem.]]>
Copyrights © 2025
