<![CDATA[This study is motivated by the increasing misuse of emergency contact data in the debt collection practices of fintech lending services, which may infringe upon personal data protection rights. Although Law Number 27 of 2022 on Personal Data Protection (PDP Law) provides a legal framework for the management and protection of personal data, its implementation in the fintech sector continues to face several challenges. This study aims to analyze the legal provisions governing the use and limitation of access to emergency contact data and to identify the challenges associated with enforcing laws against such misuse. The research employs a normative legal research method with statutory and conceptual approaches, relying on the analysis of legislation, academic literature, and relevant legal documents. The findings indicate that the PDP Law establishes key principles, including consent, purpose limitation in data processing, and the responsibilities of data controllers. However, instances of misuse persist due to weak regulatory oversight, limited institutional coordination, and low levels of public legal awareness. Therefore, strengthening supervisory mechanisms and enhancing the integration of law enforcement institutions are essential to improving personal data protection within the fintech lending ecosystem.]]>
Copyrights © 2026
