Perlindungan Hukum terhadap Data Pribadi Konsumen dalam Transaksi E-Commerce Shopee

Abstract

PayLater services have gained popularity due to their inclusivity, flexibility, simple registration process, and attractive promotions. However, the increasing use of PayLater, such as Shopee's SPayLater, raises concerns about credit default risks and personal data breaches. Several incidents, including unauthorized collections and ShopeePay balance hacks, highlight weaknesses in data security and management on e-commerce platforms. Therefore, research is needed to strengthen legal protections for consumers' personal data in Shopee's e-commerce transactions. The study addresses several key issues: the legal protection of consumer personal data in ecommerce transactions under Indonesian law, the obligations and responsibilities of e-commerce platform operators to ensure the protection of consumer personal data, and the implementation and legal resolution of personal data breaches affecting users of platforms managed by Shopee. The research employs a normative-juridical method with a statutory and literature approach. The data utilized includes legislation and scientific sources related to the protection of personal data for Shopee consumers. Data analysis is conducted in a normative-qualitative manner The findings of this research can be summarized in several conclusions, indicating that the legal protection of consumer personal data in e-commerce in Indonesia has undergone significant development, particularly with the enactment of Law No. 27 of 2022. Although e-commerce service providers are obligated to maintain the confidentiality and security of data, challenges in the implementation of laws and consumers' understanding of their rights still need to be addressed. Based on these conclusions, it is recommended that the government strengthen oversight and enforcement of Law No. 27 of 2022 on Personal Data Protection by tightening security requirements and conducting regular audits on e-commerce platforms. Shopee and other service providers should enhance educational programs for consumers regarding their rights related to personal data protection, enabling them to take a more active role in safeguarding their data. Furthermore, strengthening law enforcement and applying stricter penalties for violations are necessary to encourage compliance and implement preventive measures to protect consumer data.