Comparative study of personal data protection regulations in Indonesia, Hong Kong and Malaysia

Published date20 October 2021
Date20 October 2021
Subject MatterAccounting & finance,Financial risk/company failure,Financial crime
AuthorAl Sentot Sudarwanto,Dona Budi Budi Kharisma
Comparative study of personal data
protection regulations in Indonesia,
Hong Kong and Malaysia
Al Sentot Sudarwanto and Dona Budi Budi Kharisma
Department of Business Law, Faculty of Law, Universitas Sebelas Maret,
Surakarta, Indonesia
Purpose The purposeof this paper is two-fold: to explore the legal issue of the importanceof personal data
protection in the digital economy sector andto propose a legal framework for personal data protection as a
consumerprotection strategy and accelerate the digital economy.
Design/methodology/approach This study is legal research. The research approach used was the
comparative approach and statuteapproach. The legal materials used are all regulations regarding personal
data protectionthat apply in Indonesia, Hong Kong and Malaysia. The techniqueof collecting legal materials
is done by using libraryresearch techniques.
Findings The value of Indonesias digital economyis the biggest in the Southeast Asia region, but data
breach is still a big challengeto face. The IndonesianConsumers Foundation (Yayasan Lembaga Konsumen
Indonesia) recorded 54 cases of a data breachin e-commerce, 27 cases in peer-to-peerlending and 5 cases in
electronic money. Basedon the results of a comparative study with Hong Kong and Malaysia,Indonesia has
yet no specic Act that comprehensively regulatespersonal data protection. Indonesia also does not have a
personal data protection commission.Criminal sanctions and civil claims related to data breaches have not
yet been regulated.
Research limitations/implications This study examines the data breach problemin the Indonesian
digital economy sector.However, the legal construction of personal data protectionregulations is built on the
resultsof acomparative study with Hong Kong and Malaysia.
Practical implications The results of this study can be useful for constructing the ideal regulation
regardingthe protection of personal data in the digital economy sector.
Social implications The results of the recommendations in this study are expected to develop and
strengthenthe protection of personal data in the Indonesiandigital economy sector. Besides aimingto prevent
the misuse of personaldata, the regulation aims to protect consumers and acceleratethe growth of the digital
Originality/value Indonesia needs to createa personal data protection act. The act should at least cover
such issues: personal data protection principles; types of personal data; management of personal data;
mechanism of personal data protection and security; commission of personal data protection; transfers of
personaldata; resolution mechanism of personal data dispute and criminal sanctions and civil claims.
Keywords Data breaches, Personal data protection, Digital economy
Paper type Research paper
1. Introduction
The Indonesian president, Joko Widodo (Jokowi)envisioned the Indonesian digital economy
as the largest in Southeast Asia, with a value estimateof US$133m by 2025. This prediction
does not seem too far off, as the COVID-19 pandemic has seen rapid growth in the sector.
Jokowi has emphasized that Indonesiashould be able to turn around the crisis the pandemic
brought and benet from it to acceleratethe development of the digital economy (Sekretariat
Kabinet Republik Indonesia,2020).
Personal data
Journalof Financial Crime
Vol.29 No. 4, 2022
pp. 1443-1457
© Emerald Publishing Limited
DOI 10.1108/JFC-09-2021-0193
The current issue and full text archive of this journal is available on Emerald Insight at:

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT