Threats and Strategies for Personal Data Protection in Digital Services: A Thematic Review and Regulatory Analysis

Djayanti; Wilma Silalahi

doi:10.53748/jbms.v5i2.123

Authors

Djayanti Tarumanagara University
Wilma Silalahi Tarumanagara University

DOI:

https://doi.org/10.53748/jbms.v5i2.123

Keywords:

personal data protection, digital security, PDP Law, digital literacy, data regulation

Abstract

This article aims to analyze the threats to personal data in digital services and the protection strategies used, by integrating legal, policy, information technology, and digital literacy approaches. This research uses a qualitative approach based on doctrinal, thematic, and comparative analysis. Data was collected from legal texts, policy documents, academic literature, and empirical studies to build a comprehensive analytical framework. The analysis was conducted to identify threat categories and protection strategies, and evaluate the effectiveness of regulatory frameworks such as the General Data Protection Regulation (GDPR) and the PDP Law. The research found that threats to personal data stem from both technical (phishing, malware, dark patterns) and non-technical factors (low digital literacy, weak regulation). An effective protection strategy is the integration of technical approaches such as encryption and digital auditing, as well as non-technical approaches such as education, regulation, and institutional transparency. This study distinguishes itself from previous literature by combining legal, technological, and social analysis in a unified synthesis, and provides a review of the effectiveness of the PDP Law as a public protection instrument.

Downloads

Download data is not yet available.

References

Aji, M. P. (2023). Sistem Keamanan Siber dan Kedaulatan Data di Indonesia dalam Perspektif Ekonomi Politik (Studi Kasus Perlindungan Data Pribadi). Jurnal Politica Dinamika Masalah Politik dalam Negeri dan Hubungan Internasional, 13(2), 222-238.

Erikha, A., & Hoesein, Z. A. (2025). Strategi Pencegahan Kebocoran Data Pribadi melalui Peran Kominfo dan Gerakan Siberkreasi dalam Edukasi Digital. Jurnal Retentum, 7(1), 48–64.

Faizal, M. A., Faizatul, Z., Asiyah, B. N., & Subagyo, R. (2023). Analisis Risiko Teknologi Informasi pada Bank Syariah: Identifikasi Ancaman dan Tantangan Terkini. Jurnal Asy-Syarikah: Jurnal Lembaga Keuangan, Ekonomi dan Bisnis Islam, 5(2), 87–100.

Gani, T. A. (2023). Kedaulatan Data Digital untuk Integritas Bangsa. Banda Aceh: Syiah Kuala University Press.

Handayani, A. (2023). Perlindungan Hukum atas Tindakan Pencurian Data Pribadi pada Layanan Fintech Lending Terhadap Ancaman Cyber Security di Indonesia. Jurist-Diction, 6(4), 605–630.

Huda, N. U., Astaruddin, T., Nasution, M. I., Al Haddad, A., & Gumelar, D. R. (2024). Data pribadi, hak warga, dan negara hukum: Menjaga privasi di tengah ancaman digital. Bandung: CV Widina Media Utama.

Husamuddin, H. M. Z., Efendi, S., Hamdi, S., Rahma, I., Erick, B., Heryanti, N., & Friwarti, S. D. (2024). Hukum Acara Pidana & Pidana Cyber. Medan: PT Media Penerbit Indonesia.

Isus, R., Kolesnikova, K., Khlevna, J., Oleksandr, T., & Liubov, K. (2024). Development of a model of personal data protection in the context of digitalization of the educational sphere using information technology tools. Procedia Computer Science, 231, 347–352.

Kurniawan, Maulana, A., & Iskandar, Y. (2023). The Effect of Technology Adaptation and Government Financial Support on Sustainable Performance of MSMEs during the COVID-19 Pandemic. Cogent Business & Management, 10(1). https://doi.org/10.1080/23311975.2023.2177400

Marikyan, D., Papagiannidis, S., Rana, O. F., & Ranjan, R. (2023). General Data Protection Regulation: A Study on Attitude and Emotional Empowerment. Behaviour & Information Technology, 43(14), 3561–3577.

Pratama, A. M., Syaiful, & Rahman, M. F. (2024). Keamanan Data dan Informasi. Bandung: Kaizen Media Publishing.

Rosadi, S. D. (2023). Pembahasan UU Pelindungan Data Pribadi (UU RI No. 27 Tahun 2022). Jakarta Timur: Sinar Grafika.

Runtuwene, S. J., Lambonan, O. M., Kasenda, S. R., Torar, E. J., Tumewan, V. V., & Tumewan, T. A. (2023). Penyalahgunaan Data Pribadi dalam Era Cybercrime. Jurnal Ilmu Komputer dan Sistem Informasi, 9(4), 123–125.

Rupp, V., & von Grafenstein, M. (2024). Clarifying “Personal Data” and the Role of Anonymisation in Data Protection Law: Including and Excluding Data from the Scope of the GDPR (More Clearly) Through Refining the Concept of Data Protection. Computer Law & Security Review, 52, 105932.

Santos, C., Morozovaite, V., & De Conca, S. (2025). No Harm No Foul: How Harms Caused by Dark Patterns Are Conceptualised and Tackled Under EU Data Protection, Consumer and Competition Laws. Information & Communications Technology Law, 1–47.

Yuniarti, D. R., Alfarizy, H. F., Siallagan, Z., & Rizkyanfi, M. W. (2023). Analisis Potensi dan Strategi Pencegahan Cyber Crim dalam Sistem Logistik di Era Digital. Jurnal Bisnis, Logistik dan Supply Chain (Blogchain), 3(1), 23–32.

Zahwani, S. T., & Nasution, M. I. P. (2024). Analisis Kesadaran Masyarakat Terhadap Perlindungan Data Pribadi di Era Digital. Journal of Sharia Economics Scholar (JoSES), 2(2), 105–109.