Data leakage is one of the high potentials for criminal acts in cyberspace. The Indonesian government passed the Personal Data Protection Act (UU PDP) to ensure the security of every citizen's personal data. This study aims to compare the policies of the Personal Data Protection Act with the European Union General Data Protection Regulations (EU-GDPR). This study uses a qualitative descriptive analysis method with data from previous studies and official releases from the Indonesian government and the European Union. The results of this study illustrate that the PDP Law and the EU-GDPR have the same arrangements regarding the rights of personal data subjects. In the data processing aspect, the principle of processing personal data in the PDP Law is not mandatory. In contrast, in the EU-GDPR, the principle of processing personal data is mandatory. In the aspect of controlling and processing personal data, both rights and responsibilities are almost the same, both for the PDP Law and the EU-GDPR. In the aspect of imposing sanctions, EU-GDPR is more apparent in the mechanism of imposing sanctions in the form of fines. While in the PDP Law, sanctions consist of administrative sanctions, criminal sanctions, and criminal fines, the mechanism of imposing sanctions is not yet clear.

Arif Rahman. (2019, May 30). Tiga Penyebab Kebocoran Data di Kasus SingHealth. https://cyberthreat.id/read/599/Tiga-Penyebab-Kebocoran-Data-di-Kasus-SingHealth

BBC. (2021, May 24). Three years of GDPR: the biggest fines so far. https://Www.Bbc.Com/News/Technology-57011639.

Devira Prastiwi. (2022, September 12). 8 Fakta Terkait Kemunculan Hacker Bjorka yang Bocorkan Data Penting Indonesia. https://Www.Liputan6.Com/News/Read/5067499/8-Fakta-Terkait-Kemunculan-Hacker-Bjorka-Yang-Bocorkan-Data-Penting-Indonesia

Direktorat Jenderal Aplikasi Informatika, dan tim. (2021). Dinamika Data Aplikasi Informasi Indonesia. In Jakarta Pusat (Issue 9).

DW. (2021, February 9). Ireland fines WhatsApp €225 million for privacy breach. https://Www.Dw.Com/En/Ireland-Fines-Whatsapp-225-Million-for-Eu-Privacy-Breach/a-59065206.

GDPR.EU. (n.d.). GDPR Subject-matter and objectives. https://Gdpr.Eu/Article-1-Subject-Matter-and-Objectives-Overview/.

Jung, K. (2021). Extreme Data Breach Losses: An Alternative Approach to Estimating Probable Maximum Loss for Data Breach Risk. North American Actuarial Journal, 25(4), 580–603. https://doi.org/10.1080/10920277.2021.1919145

Natha, K. D. R., Budiartha, N. P., & Astiti, N. G. K. S. (2022). Perlindungan Hukum atas Kebocoran Data Pribadi Konsumen pada Perdagangan Elektronik Lokapasar (Marketplace). Jurnal Preferensi Hukum, 3(1), 143-148.

Peraturan Menteri Komunikasi dan Informatika Republik Indonesia Nomor 20 Tahun 2016 tentang Perlindungan Data Pribadi dalam Sistem Elektronik, Berita Negara Republik Indonesia Tahun 2016 Nomor 1829 (2016).

Peraturan Pemerintah Nomor 17 Tahun 2019 tentang Penyelenggaraan Sistem dan Transaksi Elektronik, Lembaran Negara RI Tahun 2019 Nomor 185 (2019).

Putri, D. D. F., & Fahrozi, M. H. (2021). Upaya Pencegahan Kebocoran Data Konsumen Melalui Pengesahan RUU Perlindungan Data Pribadi (Studi Kasus E-Commerce Bhinneka. com). Borneo Law Review, 5(1), 46-68.

Pusat Operasi Keamanan Siber Nasional. (2021). Laporan Monitoring Keamanan Siber Nasional.

Todt, K. E. (2019). Data Privacy and Protection. The Cyber Defense Review, 4(2), 39-46. https://doi.org/10.2307/26843891

Schauer, F. (1997). Internet privacy and the public-private distinction. Jurimetrics, 38, 555.

Sholikhah, V. H., Sejati, N. R. F. F., & Shabitah, D. (2021). Personal Data Protection Authority: Comparative Study between Indonesia, United Kingdom, and Malaysia. Indonesian Scholars Scientific Summit Taiwan Proceeding, 3, 54–63. https://doi.org/10.52162/3.2021112

Simon Kemp. (2022). Digital 2022 April Global Statshot Report . https://datareportal.com/reports/digital-2022-april-global-statshot

Sitania, F. D. (2010). Analisis Keandalan Produk Dengan Pola Penggunaan Intermittent. Arika, 4(2), 175-184.

Undang-Undang Republik Indonesia Nomor 27 Tahun 2022 tentang Pelindungan Data Pribadi, Lembaran Negara RI Tahun 2022 Nomor 196 (2022).

Wikina, S. B. (n.d.). What Caused the Breach? An Examination of Use of Information Technology and Health Data Breaches.

Zha, L. F., Nie, S. F., Chen, Q. W., Liao, Y. H., Zhang, H. S., Dong, J. T., Xie, T., Wang, F., Tang, T. T., Xia, N., Xu, C. Q., Zhou, Y. C., Zeng, Z. P., Jiao, J., Wang, P. Y., Wang, Q. K., Tu, X., & Cheng, X. (2018). IL-13 may be involved in the development of CAD via different mechanisms under different conditions in a Chinese Han population. Scientific Reports, 8(1). https://doi.org/10.1038/s41598-018-24592-9