Abstract:
A personal data breach is a violation faced by businesses, particularly those
directly tied to technology. In Indonesia, there are numerous incidents of personal
data breach E-Commerce Businesses such as Tokopedia. This study attempts to
assess the legal responsibilities of perpetrators of consumer data security along with
the implementation of Data Protection Officer roles within companies such as
Tokopedia. This is a normative legal research analysis with a statue approach and
a conceptual approach. The data was gathered through library research and
examined prescriptively. The study’s findings are: 1. Legal protection for clients in
the event of misuse of their personal data. Protecting customers data in advance of
a failure to do so might hurt customers; hence, preventative measures include legal
protection that is preventative in nature. As a result of the losses suffered by
customers as a result of the failure to secure the confidentiality of their personal
data, repressive protection is carried out in the protection of consumer personal data
by involving the role of the business and the government in providing legal
protection. 2. The Data Protection Officer can provide valuable assistance to the
company in conducting assessment of the potential impact on personal protection
with regard to new policies. Conclusion of this topic are: 1. In the event of a Breach
of Personal Data in Company, it is mandatory for the company as a company
involved to inform the Data Owner related to the breach, and assume of full
responsibility for mishandling related to the existing data. 2. The implementation
of Tokopedia has implements a data protection officer to maintain all process in
protecting personal data in accordance with the applicable PDP Law.
