<![CDATA[This study examines the responsibility of the state in protecting personal data within Indonesia’s Electronic-Based Government System. The objective is to analyze the legal obligations of government institutions as personal data controllers in digital public services and to formulate a normative framework that integrates the Personal Data Protection Law, SPBE governance, and the protection of citizens’ constitutional rights. This research employs a qualitative legal method with a normative-juridical and conceptual approach. Data were collected through documentary study of Indonesian legal instruments concerning personal data protection, public services, government administration, electronic systems, and electronic-based government, supported by relevant scholarly literature on data governance and digital public administration. The findings show that Indonesia already has an important legal foundation for personal data protection and digital government, but the Personal Data Protection Law and SPBE framework have not yet been fully integrated. This regulatory fragmentation creates risks related to unclear institutional responsibility, excessive data processing, weak citizen notification, inaccurate data use, data breaches, and limited remedies. The study proposes the concept of the state as a constitutional data controller, meaning that government responsibility extends beyond technical compliance toward the protection of privacy, dignity, legal certainty, equality, and access to public services. This study contributes to strengthening a rights-based model of SPBE in Indonesia.]]>
Copyrights © 2025
