Digital Notarial Archives in Indonesia: Regulatory Challenges vs. the EU’s GDPR Data Protection Standards

  • Zakiah Noer Arif Rahman Hakim Street No. 2B, Kramatandap, Gapurosukolilo, Gresik District, Gresik Regency, East Java
  • Rizki Kurniawan Arif Rahman Hakim Street No. 2B, Kramatandap, Gapurosukolilo, Gresik District, Gresik Regency, East Java
Keywords: Digital Notarial Archives, Data Protection Compliance, GDPR

Abstract

This study examines the regulatory and operational challenges faced by Indonesian notarial institutions in complying with digital data protection standards. Using a qualitative approach through legal analysis and interviews with notaries in Jakarta, Surabaya, and Bandung, the research identifies major issues, including limited understanding of data governance, lack of sector-specific regulations, and weak cybersecurity infrastructure. Although Law No. 27/2022 on Personal Data Protection provides a legal foundation, it lacks clarity and enforcement tailored to notarial functions. A comparison with the European Union’s General Data Protection Regulation (GDPR) reveals significant gaps, particularly in accountability, transparency, and risk-based mechanisms. The absence of roles such as Data Protection Officers and mandatory data impact assessments highlights the institutional unpreparedness in Indonesia. These shortcomings expose sensitive legal data to potential breaches, reducing public trust and legal reliability. The study recommends the adoption of a sector-specific regulatory model aligned with GDPR principles, supported by standardized protocols, professional training, and oversight mechanisms. These efforts are essential to ensure data security, improve institutional credibility, and support Indonesia’s transition toward secure and professional digital legal services.

Downloads

Download data is not yet available.

References

[1] C. Bennett and C. Raab, The Governance of Privacy: Policy Instruments in Global Perspective, 2nd ed., Cambridge, MA: MIT Press, 2006. [Online]. Available: https://mitpress.mit.edu/books/governance-privacy
[2] V. Braun and V. Clarke, Thematic Analysis: A Practical Guide, London: SAGE Publications, 2021. [Online]. Available: https://books.google.com/books/about/Thematic_Analysis.html?id=mToqEAAAQBAJ
[3] J. W. Creswell and C. N. Poth, Qualitative Inquiry and Research Design: Choosing Among Five Approaches, 4th ed., Thousand Oaks, CA: SAGE Publications, 2018. [Online]. Available:https://books.google.com/books/about/Qualitative_Inquiry_and_Research_Design.html?id=DLbBDQAAQBAJ
[4] European Union, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data (General Data Protection Regulation), Official Journal of the European Union, L 119, 4 May 2016. [Online]. Available: https://eur-lex.europa.eu/eli/reg/2016/679/oj
[5] L. Edwards, "Privacy, Security and Data Protection in Smart Cities: A Critical EU Law Perspective," European Data Protection Law Review, vol. 2, no. 1, pp. 28–58, 2016. [Online]. Available: https://doi.org/10.21552/EDPL/2016/1/6
[6] S. Gutwirth, R. Leenes, and P. de Hert, Reloading Data Protection: Multidisciplinary Insights and Contemporary Challenges, Dordrecht: Springer, 2014. [Online]. Available: https://doi.org/10.1007/978-94-017-9980-3
[7] M. Hildebrandt, Smart Technologies and the End(s) of Law, Cheltenham: Edward Elgar Publishing, 2015. [Online]. Available: https://doi.org/10.4337/9781781954044
[8] Republic of Indonesia, Law No. 27 of 2022 on Personal Data Protection, Jakarta: Ministry of Communication and Information Technology, 2022. [Online]. Available: https://peraturan.bpk.go.id/Home/Details/200200/uu-no-27-tahun-2022
[9] J. Smith, Y. Zhang, and A. Renshaw, "Strengthening cybersecurity in digital public services: A comparative study," Journal of Information Policy, vol. 11, pp. 35–58, 2021. [Online]. Available: https://doi.org/10.5325/jinfopoli.11.2021.0035
[10] N. van Dijk, B. van der Sloot, and C. Prins, "The New Privacy Regime for Biometric Data: A Critical Evaluation of the GDPR," Computer Law & Security Review, vol. 34, no. 1, pp. 1–12, 2018. [Online]. Available: https://doi.org/10.1016/j.clsr.2017.05.003
[11] P. Voigt and A. von dem Bussche, The EU General Data Protection Regulation (GDPR): A Practical Guide, Cham: Springer, 2017. [Online]. Available: https://doi.org/10.1007/978-3-319-57959-7
[12] D. Wright and P. De Hert, Privacy Impact Assessment, Dordrecht: Springer, 2012. [Online]. Available: https://doi.org/10.1007/978-94-007-2543-0
[13] R. K. Yin, Case Study Research and Applications: Design and Methods, 6th ed., Thousand Oaks, CA: SAGE Publications, 2018. [Online]. Available: https://books.google.com/books/about/Case_Study_Research_and_Applications.html?id=6DwmDwAAQBAJ
Published
2025-06-11
How to Cite
Zakiah Noer, & Rizki Kurniawan. (2025). Digital Notarial Archives in Indonesia: Regulatory Challenges vs. the EU’s GDPR Data Protection Standards. INFOKUM, 13(04), 1055-1060. Retrieved from https://www.infor.seaninstitute.org/index.php/infokum/article/view/2891
Issue
Vol. 13 No. 04 (2025): Infokum
Section
Articles