<![CDATA[This study aims to analyze the effectiveness of Indonesia’s Personal Data Protection Law (Law No. 27 of 2022) in protecting social media users from the perspective of data subjects. The research employs an empirical legal method with a socio-legal approach, integrating normative analysis of statutory provisions with primary data obtained through an online questionnaire distributed to social media users in Indonesia. The collected data were examined using descriptive-qualitative analysis to identify patterns of understanding, experience, and perception regarding personal data protection. The findings reveal that although the law establishes a relatively comprehensive regulatory framework, including recognition of data subject rights and obligations of data controllers, its practical implementation remains in an early stage. A significant proportion of respondents demonstrate limited understanding of the broader scope of personal data and insufficient awareness of their rights, such as the rights to access, rectification, and erasure. While many respondents report experiences related to suspected data misuse, including unsolicited marketing and online fraud attempts, most are unfamiliar with available complaint and enforcement mechanisms. The effectiveness of the law is further constrained by low levels of digital and legal literacy, limited public dissemination, and enforcement challenges involving cross-border social media platforms. The study concludes that legal effectiveness depends not only on normative adequacy but also on public awareness, institutional capacity, and consistent enforcement.]]>
Copyrights © 2025
