<![CDATA[The rapid expansion of Indonesia’s e-commerce sector has increased the exposure of consumer data to security risks, as shown in the 2020 Tokopedia breach. This study examines the ethical and legal responsibilities of e-commerce companies in protecting personal data by assessing Tokopedia’s compliance with digital business ethics principles and national regulations. Using a qualitative case study approach, the analysis draws on secondary sources such as legal documents, incident reports, and scientific publications. The findings show that Tokopedia did not fully meet the standards of transparency, honesty, and privacy, and that its preventive and responsive measures were insufficient to safeguard user data. The company also failed to satisfy key obligations outlined in consumer protection rules and the Personal Data Protection Law, which serve as the benchmark for evaluating accountability. These shortcomings contributed to declining public trust and reputational harm. This study highlights the need for stronger ethical governance and more consistent legal compliance in digital platforms and recommends the integration of privacy-by-design principles, regular security audits, and a dedicated data ethics function to strengthen consumer data protection in Indonesia.]]>
Copyrights © 2026
