Protecting Our Mosts Valuable Personal Data: A Comparison Of Transborder Data Flow Laws In The European Union, United Kingdom, And Indonesia

Abstract

Information technology and its relationship with data protection is a crucial area that needs to be addressed, especially for data flows among different countries. In the majority of jurisdictions, international data transfers are restricted unless specific requirements stipulated by data protection laws are met. However, in the European Union (EU) and the United Kingdom (UK) there are three exceptions, adequacy, appropriate safeguards, and derogations. This paper conducts a comparative legal analysis of the regulations governing the cross-border transfer of personal data in the EU, UK, and Indonesia. The research method is normative, while the approaches employed are statutory and conceptual with an analytical and descriptive research design. The study focuses on the legal framework and the various mechanisms to protect personal data during transborder flows. The research identified both commonalities and disparities in data protection regulations in Indonesia, the EU, and the UK. Notably, differences appeared in the application of appropriate safeguards and the use of criminal sanctions in Indonesia. Finally, the study concludes by providing recommendations for future developments in the legal frameworks for cross-border data transfer in the EU, UK, and Indonesia.