Legal Protection of Citizens' Privacy Rights Based on the Principle of Jus

The digital era has brought significant changes in the way humans access, store, and share information. Amidst these technological advances, major challenges have emerged to the protection of individual privacy rights. Personal information is increasingly easy to collect and process by various parties, both by state institutions, technology companies, and individual users. On the other hand, the need for freedom of information is also increasing, especially in the context of transparency, public participation, and data openness. The balance between cybersecurity and freedom of information is a crucial issue that must be addressed comprehensively. This paper aims to examine the protection of privacy rights in the digital era by highlighting the tension between data security efforts and demands for information openness. The method used is a literature study with a qualitative approach. The results of the study show that privacy protection requires clear regulations, such as the Personal Data Protection Law in Indonesia, as well as public awareness in protecting personal data. On the other hand, freedom of information must still be maintained so that it is not misused to violate individual rights. Therefore, a balanced approach is needed between regulation, education, and technology to create a digital space that is safe, fair, and respects human rights.

Introduction to the Special Issue: The Right to the Protection of One's Own Image in Ibero-America and Its Relevance for the Right of Publicity in Common Law Countries

The distribution of personal data is not only related to misuse of data in banking cases. Currently there are many posts on social media related to videos or photos of other people for the benefit of personal accounts, organizations or companies, as well as the distribution of documentation in social media groups without the consent of the person concerned, so that someone in the photo or video experiences a violation of their personal rights and right to privacy. Seeing the phenomenon of people who are still not fully aware of the personal rights and privacy rights of other people, it is very interesting to research related to maintaining privacy in the digital era.This research will be carried out using the Juridical-Normative research method, which has the character of a perspective or applied science, Legal Science as Sui Generis. Researchers use a statutory approach and a comparative approach.Awareness of the right to privacy and protection of personal data increases every year but is still relatively low when compared to electronic media users. The development of digital technology, social media, and the use of online platforms in everyday life has had a significant impact on people's understanding and awareness of the importance of protecting privacy and personal data. On the other hand, despite increasing awareness, there is still ignorance, a lack of understanding of the law, and a lack of attention to the potential risks of personal data breaches in the digital world. Factors that influence public awareness of the protection of privacy rights and personal data protection in Indonesia are the lack of understanding and education regarding digital literacy from the perspective of privacy rights and protection of personal rights.

This research is library research that is normative jurisprudence. With a statue approach and a conceptual approach (conceptual approach), We conduct the analysis by descriptively examining the pertinent legal documents, specifically the laws pertaining to the safeguarding of Indonesian citizens' personal data. The purpose of this research is to study the privacy rights regulation in Indonesia and to examine the authority of the parties related to the protection of privacy rights in Indonesia, as well as to study legal protection related to privacy protection in the future. The results of this study show that there are three conclusions: first: the legal protection of the right to privacy through repressive law enforcement in cases of data leakage in Indonesia. Second, the jurisdiction in the judicial protection of privacy rights against data leaks has not been implicitly found in existing regulations, so it requires a specific authority. Third: The legal protection related to privacy protection in Indonesia must be conceived and structured effectively by looking at the legal culture of the people through the mechanisms of the legal tradition in Indonesia in accordance with the theory of the existing system. Abstrak Penelitian ini bertujuan untuk mengkaji perlindungan hukum terhadap hak privasi warga negara Indonesia terkait kebocoran data pribadi dan kewenangan pihak yang berkompeten dalam penanggulangan masalah ini. Penelitian ini merupakan jenis penelitian yuridis normatif yang bersifat library research atau kepustakaan, serta pendekatan Undang-Undang (statute approach) dan konseptual (conceptual approach) untuk menganalisis peraturan yang ada terkait perlindungan data pribadi. Hasil penelitian ini menunjukkan tiga kesimpulan utama: pertama, perlindungan hukum terhadap hak privasi lebih mengandalkan penegakan hukum represif atas kasus kebocoran data di Indonesia; kedua, kewenangan dalam perlindungan hak privasi terhadap kebocoran data belum diatur secara eksplisit dalam regulasi yang ada, sehingga diperlukan instansi yang memiliki kewenangan khusus; ketiga, perlindungan hukum terkait hak privasi di Indonesia di masa depan perlu terkonsep dengan lebih terstruktur dan efektif, memperhatikan budaya hukum masyarakat Indonesia melalui mekanisme tradisi hukum sesuai dengan teori sistem yang ada.

The development of technology in the legal system in Indonesia has brought significant changes to the judicial process. Digitalization of law through the implementation of e-Court, artificial intelligence (AI), big data, and blockchain provides great opportunities to increase efficiency, accessibility, and transparency in law enforcement. Various regulations have been drafted to support the integration of technology in the judicial system, including Law No. 11 of 2008 concerning Electronic Information and Transactions (UU ITE), Law No. 27 of 2022 concerning Personal Data Protection, and Supreme Court Regulation No. 3 of 2018 concerning e-Court. However, the implementation of this technology also raises various challenges, such as the validity of digital evidence, protection of privacy rights, and the readiness of legal infrastructure and human resources. This study uses normative legal methods with a statutory, conceptual, jurisprudential, and comparative approach to evaluate how the legal system in Indonesia adapts to technological developments in law enforcement. The results of the study show that although regulations related to legal technology have been implemented, there are still weaknesses in the mechanisms for protecting human rights, authenticating digital evidence, and protecting data in the legal process. In addition, a comparison with regulations in the European Union and the United Kingdom shows that the legal system in Indonesia needs to improve the standards for validating electronic evidence and protecting personal data. Therefore, a more comprehensive legal reform is needed to ensure that the use of technology in the legal system remains in line with the principles of justice and legal certainty. By strengthening regulations, increasing the capacity of law enforcement officers, and synergy between the government, academics, and legal practitioners, the Indonesian legal system can develop adaptively and continue to uphold the principles of justice in the digital era

The abuse of personal data for certain interests and causing harm to other parties is often occur so that this raises concerns as a large community in conducting online transactions, in 2022 the President together with the Indonesian Parliament has enacted Law Number 27 of 2022 on Personal Data Protection (PDP) which aims to provide legal protection for the community against their personal data, this provides good hope to ward off various kinds of acts of misuse of personal data, the purpose of this study is to reveal the legal protection of customer data in online transactions after the legalization of personal data protection law seen from legal theory and how the personal data dispute resolution model is in line with the ultimum remidium principle. The type of research used is juridical-normative law using normative and theoretical approaches. The results showed that the protection of one’s privacy rights in online transactions is an embodiment of absolute right theory because the protection of privacy rights is a basic right that everyone must respect, the utilization of one’s privacy rights without the approval of the right owner is a violation of the law, the personal data dispute resolution model in the personal data protection law is not in following with the ultimum remidium principle, the personal data dispute by special organ with like such as the General Data Protection Regulation (GDPR) in the European Union, because it can resolve cross-border personal data cases.

This study aims to examine the extent to which wiretapping regulations in Indonesia prioritise the protection of privacy rights and how these regulations will be utilised to reform the criminal justice system in the future. This study is a normative legal analysis that employs a comparative approach, examining the laws of the United States and the United Kingdom. Based on the results of the study, it was concluded that wiretapping regulations in Indonesia do not yet provide protection of privacy rights and do not yet accommodate Constitutional Court Decision Number 006/PUU-I/2003 and Constitutional Court Decision Number/5/PUU-VIII/2010, which mandate that wiretapping regulations be regulated in a special law and uphold human rights. Based on a comparative study with the wiretapping legal systems in the United States and the United Kingdom, it was found that in order to achieve ideal wiretapping regulations, in addition to being regulated in a special law, there is also a need for checks and balances to prevent arbitrariness and rigid and biased rules, as well as stipulating that every wiretapping action must be proportional to the objectives to be achieved. There must also be a strict internal, external and independent monitoring system covering the application for authorisation, implementation and termination of wiretapping, with an emphasis on the protection of personal data and the privacy of citizens. In addition, the following aspects must also be reflected: a. Legality; b. Due process. Safeguards Against Illegitimate Access; and d. Legitimate Aims, Necessity and Proportionality

This research aims to find out how legal protection is for personal data in online loan services after the enactment of "Law Number 27 of 2022 concerning Personal Data Protection" and also find out what legal steps are taken by victims if there is misuse of personal data. by the lender. This research uses nomative-empirical research methods. This method combines normative legal elements which are then supported by data or empirical elements. The results of this research contain that in protecting personal data, the government has passed several new regulations that specifically protect a person's personal data. The law in question is "Law Number 27 of 2022 concerning Protection of Personal Data" or abbreviated as "PDP Law". The Financial Services Authority also regulates online loan services with "Financial Services Authority Regulation Number 10 /POJK.05/2022 concerning Information Technology-Based Joint Funding Services". These two laws guarantee the protection of borrowers' personal data. If there is misuse of personal data by the lender, legal steps can be taken, such as the borrower can report criminally to the police or can also report to the Financial Services Authority. Advice, be careful when using personal data and do not carelessly give this data to anyone so that it will not be misused.

Since the birth of the right to privacy, more and more attention has been paid to the protection of the right to privacy. In China, since the introduction of privacy rights from the West, the protection of privacy rights has been focused on civil law, while the protection of privacy rights in legislation and judicial practice in other branches of law has only been superficial but not in-depth. The effect of civil law on the protection of privacy rights is undeniable, especially after the introduction of the Civil Code, which provides more thorough and complete regulations on privacy rights in the field of civil law. However, with the development of society, relying on civil law alone to protect the right to privacy has become a challenge. The protection of the right to privacy of public figures is even more lacking. For example, the case of Li Yundi’s prostitution, which was publicly reported by the Beijing Chaoyang Public Security Bureau on 21 October 2021, reveals the loopholes in the protection of privacy and the privacy of public figures in China. Firstly, civil law in China has been effective in protecting the right to privacy, but in this case, the right of public security to disclose Li Yundi’s private life involves the infringement of citizens’ privacy by public power. Secondly, in China, public figures are often involved in the public interest, and it is the consensus of the academia and society as a whole that anyone in conflict with the public interest should give way to the public interest. However, in judicial practice, the author believes that it is unfair to treat public figures and ordinary citizens differently in terms of privacy rights when the public interest is not seriously endangered. Therefore, this article aims to analyse the current status and shortcomings of the legislation and judicial practice on the protection of the privacy of public figures in China on the basis of the right to privacy and the privacy of public figures, and to draw on the advanced experience of other countries in order to establish and improve the privacy protection mechanism of public figures in China.

Personal data leakages have been experienced by both Indonesia and South Korea. To ensure the protection of privacy rights relating to personal data, both countries have promulgated special laws, namely the Indonesian Personal Data Protection Law (PDP Law) and the South Korean Personal Information Protection Act (PIPA). This study aims to compare the two laws to ascertain their similarities and differences by adopting a comparative law approach. The study found that similarities exist in the two laws. They are to protect personal data and confer rights on data subjects. In the absence of explicit consent given by data subjects, data controllers and processors are prohibited from collecting and processing the data with some exceptions. They also mandate a special institution that is tasked to investigate and sanction data controllers and processors when they conduct data infringement. There are inherent differences in the two laws. PIPA is designed to be the framework legislation and PDP is designed to be a special statute. Additionally, PIPA mandates the institution dealing with personal data protection without referring to any other law but the Act itself.  PDP Law clearly states that further provisions relating to this institution will be governed by Presidential Regulation.

In an increasingly fast-paced and connected digital era, the protection of personal data privacy has become a very urgent and complex issue. Information and communication technologies have facilitated the widespread collection, storage and distribution of personal data, presenting new challenges to the protection of privacy rights, particularly in Indonesia. This phenomenon is exacerbated by various cases of data leakage and misuse of personal information that emphasize the importance of a strong and effective legal framework to protect individual privacy. This study aims to evaluate the effectiveness of existing regulations, such as Article 26 of the ITE Law and PP PSTE, in protecting personal data privacy in Indonesia, and to examine the draft personal data protection law (RUU PDP) which is expected to provide more comprehensive protection. The research method used is a normative juridical approach, with literature study as the main tool for collecting data. The results show that although the existing regulations already provide an important legal foundation, there are still weaknesses in implementation and law enforcement. Lack of public awareness about privacy rights, as well as weak law enforcement against data privacy violations, are the main obstacles in the protection of personal data privacy. The conclusion of this study is that improvements in regulation, stricter law enforcement, and better education to the public are needed to improve the protection of personal data privacy. The PDP Bill is expected to address some of these weaknesses by providing a clearer and more comprehensive legal framework.

Consent is one of the foundations for data processing in the Operation of Electronic Systems by government and private institutions. Implementing consent as a basis for data processing has several shortcomings, particularly as it primarily relies on individuals being aware in providing authentic consent. In practice, individuals often give consent without considering any terms and conditions. Consent obtained without knowledge of data processing can jeopardize the right to privacy and the protection of personal data. This paper examines dynamic consent as a means to optimize the protection of privacy rights. The findings indicate that the concept of dynamic consent that prioritizes its approach to Data Subjects serves as a means to optimize personal data protection. Dynamic consent can strike a balance between on the one hand, the simplicity of the consent mechanism, and, on the other hand, the personal data protection standards and the right to privacy. Formulating dynamic consent should be based on legal elements, societal practices, technological features, and the involvement of personal data protection authorities. Additionally, as a form of implementing accountability for Electronic System Organizers as data controllers or processors, an effective mechanism for resolving personal data disputes is needed. These elements, when combined, can provide optimal personal data protection.

Modern digital-based justice is the answer to the challenges of the development of the times. Although modern justice reflects an adaptive judicial body, it must still be equipped with established regulations. This study aims to examine the harmonization of personal data protection principles between the Supreme Court Regulation No. 7/2022 concerning electronic case administration and trials and Law No. 27/2022 concerning Personal Data Protection (PDP Law). In this case, the researcher uses a normative juridical method, with a statutory regulatory and comparative combined approach. This study highlights the norms gap in the Supreme Court Regulation No. 7/2022, particularly in the aspect of protecting the personal data of the parties input into the electronic justice administration system. The main findings exhibited are that the Supreme Court Regulation No. 7/2022 does not regulate the basic principles of data protection as mandated by the PDP Law, which has the potential to cause legal uncertainty and privacy right violations. The fact that the principle of personal data protection in the Supreme Court regulation has not been absorbed is due to the PDP Law, which only came into effect in 2024, even though both were enacted in the same year in 2022. This is seen as weakening the legitimacy of electronic justice in Indonesia. This study is expected to provide a positive contribution in the form of regulatory reform through the revision of the Supreme Court regulations, the establishment of data protection units in the judicial environment, and strengthening institutional coordination. The results of the comparative analysis of common law systems such as England show the importance of integrating data protection principles into the legal infrastructure and institutions of electronic justice to be aware of the protection of privacy rights that intersect with the guarantee of the human rights of justice seekers.

The rapid development of information technology is significantly impacting the lives of humans. This technology enables transfer between regions, thereby threatening the right to privacy. However, the progress of the era related to electronic transactions will continue, necessitating the protection of privacy rights in electronic transactions, through harmonization with the legal principles of Roscoe Pound. A normative legal study was conducted with a statutory and conceptual method, then data were collected through literature studies and analyzed using descriptive-qualitative statistics. Privacy data protection has been implicitly regulated in Electronic Information and Transactions (ITE) and Personal Data Protection (PDP) Law, as well as Government Regulation concerning the Implementation of Electronic Systems and Transactions (PP PSTE). The concept of law as social engineering positions ITE and PDP as key instruments in the formation and development of society. Meanwhile, the balance is seen when a regulation has accommodated the interests, of both state, community, and individual, showing the legal thinking side of Roscoe Pound. Policymakers need to pay more attention to how policies are made in accordance with Roscoe Pound's legal principle to achieve the main objective.

Cyberspace, like other communication platforms, has specific characteristics and a set of regulations that govern it, subjecting individuals to international laws in certain cases and potentially leading to the violation of user rights. Given the significance of this issue, the present study aims to examine user rights in cyberspace and analyze the legal challenges and requirements related to the protection of users' personal data. The research follows a descriptive-analytical method. According to the findings, data protection regulations, emphasizing the necessity of safeguarding the privacy of data subjects, have established a set of mandatory rules for software owners and personal data processors. If an individual or an organization intentionally or unintentionally violates a user's rights, they must accept liability for compensating the damages. Regarding online messaging applications, civil liability may encompass responsibility for the content published by users, breaches of privacy, or non-compliance with data protection regulations. However, due to the lack of updates, ambiguity, lack of specificity, insufficiency of related laws, and disproportionate treatment compared to traditional offenses, legal regulations gradually lose their effectiveness. In many cases, such as the protection of privacy rights concerning users' personal data—which holds substantial importance—these regulations appear inadequate.