Personal data protection in fintech: A case study from Indonesia

Abstract

Personal data privacy regulation and mitigation are critical in implementing financial technology (fintech). Problems with fintech users’ data might result from data breaches, improper usage, and trade. Issues with personal data will result in financial losses, crimes, and violations of personal information. This legal research used three approaches: conceptual, comparative, and statute-based. In order to implement the statutory method, all laws and regulations pertaining to the legal concerns of information technology, fintech, personal data security, and protection are reviewed. Due to the nature of the sources of data, this study mainly used literature study and document observation to collect the data. Then, legal interpretation, legal reasoning, and legal argumentation are all included in the qualitative juridical analysis. This article recommends two strategies that Indonesia should take to provide personal data protection, including: 1) establishing the Personal Data Protection Commission (PDPC); and 2) improving the financial literacy of consumers.