The Legal Protection of Personal Data in Fintech peer-to-peer (P2P) Lending Practices: Orientation and Formulation

Abstract

In the era of digital transformation, one prominent model of Fintech is Peer-to-Peer (P2P) lending, which offers alternative financing access through digital platforms. The protection of personal data in P2P lending becomes crucial as sensitive information such as financial and credit history is collected and processed by these platforms. Data protection regulations, like GDPR, play a vital role in maintaining the balance between Fintech innovation and individual privacy rights. This research aims to discuss the legal protection of personal data within the context of Peer-to-Peer (P2P) Lending in the realm of Financial Technology (Fintech) in Indonesia. The research methodology employed is normative law, using descriptive legal analysis. Data is gathered from various sources, including legal statutes, court decisions, legal literature, and government guidelines related to Fintech and personal data protection. Qualitative analysis is conducted to identify relevant legal provisions, explain their legal implications, and formulate improvement recommendations. The research findings reveal that personal data protection within Indonesian Fintech P2P Lending is governed by a range of regulations, including the Electronic Information and Transactions Law (UU ITE), the amended UU ITE, OJK regulations, and the Ministry of Communication and Informatics regulations. Moreover, the Omnibus Law on Job Creation provides a strong foundation for the protection of consumer personal data. Key principles in personal data protection encompass transparency, explicit consent, data security, limited data usage, fair and ethical business practices, individual rights over personal data, and data integration