<![CDATA[Hacking and unauthorized access to electronic systems constitute one of the most fundamental forms of cybercrime, threatening the confidentiality, integrity, and availability of data. This article examines the legal construction of hacking and illegal access under Indonesian criminal law, particularly the Electronic Information and Transactions Law (ITE Law) and the Penal Code, and evaluates whether these provisions adequately distinguish malicious actors (black hat hackers) from ethical hackers. Using normative legal research with statutory, conceptual, and comparative approaches, the study finds that the key phrase “without right or unlawfully” under Article 30 of the ITE Law generates interpretative uncertainty and risks criminalizing legitimate cybersecurity research. The absence of regulations on bug bounty programs and the doctrine of implied consent further places security researchers in a vulnerable legal position. The article concludes that Indonesian criminal law should adopt a differentiated approach recognizing ethical hacking through explicit safe harbor provisions and clearer enforcement guidelines. Keywords: Hacking, Illegal Access, Ethical Hacking, Electronic Information and Transactions Law (ITE Law), Bug Bounty..]]>
Copyrights © 2023
