<![CDATA[Indonesia’s digital economy has undergone an accelerated transformation following the enactment of Law No. 27 of 2022 on Personal Data Protection (PDP Law) and the amendment of Law No. 11 of 2008 on Information and Electronic Transactions (ITE Law) via Law No. 1 of 2024. This systematic review analyses the transformation of normative policies and the realities of regulatory implementation using a literature review method. Key findings highlight progressive regulatory synergy that is, however, hampered by a policy-practice gap, low compliance among businesses (35%), weak institutional coordination within the Personal Data Protection Commission (KPDP), and adaptation costs that burden SMEs. The Tokopedia-Akulaku data breach case study illustrates enforcement challenges, whilst private initiatives such as ‘Privacy by Design’ demonstrate the potential for collaboration. This article recommends accelerating the establishment of the Personal Data Protection Agency (KPDP), harmonising implementing regulations, conducting national digital literacy training, and adopting a multi-stakeholder model to bridge the regulatory-practice gap, thereby supporting the target of the digital economy contributing 25% of GDP by 2029.]]>
Copyrights © 2026
