PELINDUNGAN DATA PRIBADI DALAM BISNIS KOMPUTASI AWAN DI INDONESIA: TRANSFER DATA LINTAS NEGARA DAN AKSES OLEH OTORITAS PUBLIK

Konrardus Elias Liat; Sih Yuliana Wahyuningtyas

doi:10.24246/jrh.2025.v9.i2.p195-214

Authors

Konrardus Elias Liat LDS & Partners Attorney at Law
Sih Yuliana Wahyuningtyas Universitas Katolik Indonesia Atma Jaya

DOI:

https://doi.org/10.24246/jrh.2025.v9.i2.p195-214

Keywords:

personal data, cloud computing, public authority, transfer data

Abstract

Cloud computing is a computing service model that relies on easily accessible resources due to its flexibility, elasticity, ability to perform on-demand services, and low management effort. While offering various advantages, it poses risks to users' personal data, such as access to such data by a public authority in the absence of a legal framework to limit such access. The research employs juridical normative methods. The study shows that companies are responsible for ensuring the security of personal data under their control and preventing unauthorized access by third parties, including public authorities. This research aims to bridge the gap between the need for personal data protection and the growing cloud computing business, as well as the regulatory vacuum, and theoretically contribute to the development of theories on personal data protection through a legislative and comparative law approach.

Downloads

Download data is not yet available.

Author Biography

Konrardus Elias Liat, LDS & Partners Attorney at Law

LDS & Partners, Office 8 Building Lt 15, Suite 15i SCBD Lot 28, Jl. Jenderal Sudirman Kav. 52-53, Jakarta 12190

References

Buku

Plotkin D, Data Stewardship - an Actionable Guide to Effective Data Management and Data Governance (2nd edition, Academic Press is an imprint of Elsevier 2021).

Voigt P, dan Bussche AVD, The EU General Data Protection Regulation (GDPR): A Practical Guide (Cham, Pringer 2017).

Jurnal

Altman M, Wood A, O’Brien DR, Vadhan S, dan Gasser U, ‘Towards a Modern Approach to Privacy-Aware Government Data Releases’ (2015) 3 Berkeley Technology Law Journal.

Burmeister C, Lüttgens D, dan Piller FT, ‘Business Model Innovation for Industrie 4.0: Why the ‘Industrial Internet’ Mandates a New Perspective on Innovation’ (2016) 72 (2) Die Unternehmung.

Borgman CL, ‘Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier’ (2018) 33 Berkeley Technology Law Journal.

Custers B, dan Vrabec H, ‘Tell Me Something New: Data Subject Rights Applied to Inferred Data and Profiles (2024) 52 Computer Law and Security Review.

Ciclosi F, dan Massacci F, ‘The Data Protection Officer: A Ubiquitous Role That No One Really Knows’ (2023) 21 (1) IEEE Security and Privacy.

Donge WV, Bharosa N, dan Janssen MFWHA, ‘Data-Driven Government: Cross-Case Comparison of Data Stewardship in Data Ecosystems’ (2022) 39 (2) Government Information Quarterly.

Voss WG, ‘Cross-Border Data Flows, The GDPR, and Data Governance’ (2020) 29 (3) Washington International Law Journal.

Brier TF, ‘Defining the limits of Govermental Access to Personal Data Stored in the Cloud’ (2017) 7 Journal of Information Policy.

Taupitz J, and Weigel J, ‘The Necessity of Broad Consent and Complementary Regulations for the Protection of Personal Data in Biobanks: What Can We Learn from the German Case?’ (2012) 15 (5) Public Health Genomics.

Jandhyala S, and Phene A, ‘The Role of Intergovernmental Organizations in Cross-Border Knowledge Transfer and Innovation’ (2015) 60 (4) Administrative Science Quarterly.

Javaida M, et al, ‘Evolutionary Trends in Progressive Cloud Computing Based Healtcare: Ideas, Enablers, and Barriers’ (2022) 3 International Journal of Cognitive Computing in Engineering.

Kaneen CK, et al ‘Towards Evaluating GDPR Compliace in IoT Applications’ (2020) 176 Procedia Computer Science.

Kulkarni G, Gambhir J, Palwe R, ‘Cloud Computing-Software as Service’ (2012) 1 (1) International Journal of Cloud Computing and Services Science (IJ-CLOSER).

Li J et al, ‘Development of A Risk Index for Cross-Border Data Movement’ (2022) 5 (3) Data Science and Management.

Lee S, Choi Y, Ra J, Kim J, dan Ashihara K, ‘Impact of Cloud Computing Service in Korea Government Organization’ (2020) 11 (3) International Conference Information Commissioners.

Maietta A, ‘The Right to Be Forgotten’ (2020) 12 (2) Revista de Estudos Constitucionais, Hermeneutica e Teoria Do Direito (RECHTD).

Mattoo A, dan Meltzer JP, ‘International data flows and privacy: The conflict and its resolution’ (2019) 21 (4) Journal of International Economic Law.

Newton J, ‘Is Cloud Computing Green Computing?’ (2010) 27 (8) GPSolo.

Parikh S, et al, ‘Securiåty and Privacy Issue in Cloud, Fog and Edge Computing’ (2019) 160 Procedia Computer Science.

Parker JS, ‘Lost In The Cloud: Protecting End-User Privacy In Federal Cloud Computing Contracts’ (2012) 41 (2) Public Contract Law Journal.

Peihani M, ‘Financial Regulation And Disruptive Technologies: The Case Of Cloud Computing In Singapore’ [2017] Singapore Journal of Legal Studies.

Rose J, Langton M, Smith K, dan Clinch D, ‘Indigenous Data Governance in Australia: Towards A National Framework’ (2023) 14 (1) International Indigenous Policy Journal.

Rojszczak M, ‘CLOUD Act Agreements from An EU Perspective’ (2020) 38 Computer Law & Security Review.

Schwartz MP, ‘Information Privacy in The Cloud’ (2013) 161 (6) University of Pennsylvania Law Review.

Smith RB, Perry M, and Smith NN, ‘Three Shades of Data: Australia, Philippines, Thailand’ [2021] Singapore Journal of Legal Studies 76, 80.

Sun D, Changb G, Suna L, dan Wang X, ‘Surveying and Analyzing Security, Privacy and Trust Issues in Cloud Computing Environments’ (2011) 15 Procedia Engineering.

Wolff J, dan Atallah N, ‘Early GDPR Penalties - Analysis of Implementation and Fines Through May 2020’ (2021) 11 Journal of Information Police.

Zhao Z, ‘The Dilemma of Cross-Border Data Flow and the Construction of Mutual Trust Platform in Asia’, (2024) 11 (4) Asian Journal of Law and Society

Laporan Penelitian

Sri Handayani Nasution ‘Conclusion and Recommendation’ (2021) Improving Data Governance and Personal Data Protection through ASEAN Digital Masterplan 2025. Center for Indonesian Policy Studies 1 <https://www.econstor.eu/bitstream/10419/251310/1/CIPS-PolicyPaper46.pdf>.

Proceeding

April D. Lambert, Michelle Parker, and Masooda Bashir, ‘Library Patron Privacy in Jeopardy an Analysis of the Privacy Policies of Digital Content Vendors’ (Proceedings of the Association for Information Science and Technology, Januari 2015) 3-4.

Peraturan Perundangan

Undang-Undang Republik Indonesia Nomor 11 Tahun 2008 Tentang Informasi dan Transaksi Elektronik Sebagaimana Diubah Oleh Undang Undang Republik Indonesia Nomor 19 Tahun 2016 dan Undang-Undang Republik Indonesia Nomor 1 Tahun 2024, diundangkan di Jakarta pada tanggal 21 April 2008, Lembaran Negara Republik Indonesia Tahun 2008 Nomor 58, Tambahan Lembaran Negara Republik Indonesia Nomor 4843.

Undang-Undang No. 27 Tahun 2022 tentang Pelindungan Data Pribadi, diundangkan di Jakarta pada tanggd 17 Oktober 2022, Lembaran Negara Republik Indonesia Tahun 2022 Nomor 196.

The Lawful Use of Overseas Act of 2018, Pub. L. No. 115-141, 132 Stat., 348

Directive (EU) 2016/680 of the European Parliament an of the Council of 27 April 2016 in the Protection of Natural Person ... Repealing Council Framework Decision 2008/977/JHA

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movements of such data, and repealing Directive 95/46/EC, OJ L 119/1

Peraturan Pemerintah Republik Indonesia Nomor 71 Tahun 2019 Tentang Penyelenggaraan Sistem dan Transaksi Elektronik, diundangkan di Jakarta, pada Tanggal 10 Oktober 2019, Lembaran Negara Republik Indonesia Tahun 2019 Nomor 185.

Peraturan Menteri Komunikasi dan Informatika Republik Indonesia Nomor 5 Tahun 2020 Tentang Penyelenggara Sistem Elektronik Lingkup Privat, diundangkan Di Jakarta, pada Tanggal 24 November 2020, Berita Negara Republik Indonesia Tahun 2020 Nomor 1376.