The Legal Responsibility of the General Elections Commission in the 2024 Election Data Leak: Integration of Personal Data Protection Laws and the Principle of Sadd al-Dharī‘at

Siti Nur Syifa; Muhammad Torieq Abdillah; Fadil SJ

Authors

Siti Nur Syifa Postgraduate UIN Maulana Malik Ibrahim Malang
Muhammad Torieq Abdillah Faculty of Sharia UIN Antasari Banjarmasin https://orcid.org/0009-0005-5565-2107
Fadil SJ Postgraduate UIN Maulana Malik Ibrahim Malang

Abstract

Indonesia’s transition to digital governance has amplified the urgency of personal data protection, especially following the 2024 General Election data leaks, which exposed over 204 million voter records. This study investigates the legal responsibility of the General Election Commission (KPU), as the institution mandated to organize general elections, under Law Number 27 of 2022 concerning Personal Data Protection (UU PDP) and Islamic legal doctrine, particularly the principle of sadd al-dharī‘at (preventing harm). This study uses normative legal research methods with statutory, conceptual, and comparative approaches. The study analyzes primary legal materials and comparative frameworks such as the General Data Protection Regulation (GDPR). The findings reveal that despite UU PDP’s existence, implementation remains weak due to inadequate digital infrastructure and limited institutional accountability. The research highlights a dual legal gap: insufficient positive law enforcement and underutilization of preventive Islamic principles. The novelty of this study lies in integrating sadd al-dharī‘at with UU PDP to offer a preventive legal solution that strengthens institutional data security. The implication suggests the urgency of harmonizing regulatory frameworks and enhancing legal awareness within electoral institutions to ensure public trust and uphold digital democracy.

References

Abrahams, Temitayo Oluwaseun, Sarah Kuzankah Ewuga, Samuel Onimisi Dawodu, Abimbola Oluwatoyin Adegbite, and Azeez Olanipekun Hassan. “A Review of Cybersecurity Strategies in Modern Organizations: Examining the Evolution and Effectiveness of Cybersecurity Measures for Data Protection.” Computer Science & IT Research Journal 5, no. 1 (January 9, 2024): 1–25. https://doi.org/10.51594/csitrj.v5i1.699.

Alkhalil, Zainab, Chaminda Hewage, Liqaa Nawaf, and Imtiaz Khan. “Phishing Attacks: A Recent Comprehensive Study and a New Anatomy.” Frontiers in Computer Science 3 (March 9, 2021). https://doi.org/10.3389/fcomp.2021.563060.

Amnesti, Sheila Kusuma Wardani, Siti Zulaichah, and Nurul Istiqomah. “Legal Protection of Personal Data Security in Indonesian Local Government Apps: Al Farabi’s Perspective.” Legality: Jurnal Ilmiah Hukum 33, no. 1 (2025): 1–19. https://doi.org/10.22219/ljih.v33i1.34623.

Asmadi, Erwin, Adi Mansar, Triono Eddy, Mukti Fajar Nur Dewata, Farid Wajdi, and Norhasliza binti Ghapa. “Data Theft and the Law on Protection of Personal Data: A Thematic Analysis.” Jurnal Hukum Novelty 15, no. 2 (November 2, 2024): 268–85. https://doi.org/10.26555/jhn.v15i2.27661.

asy-Syathibi. Al-Muwafaqat. Vol. 3. Kairo: Mathba’ah al-Maktabah at-Tijariyah, n.d.

Auda, Jasser. Maqasid Al-Shariah as Philosophy of Islamic Law: A Systems Approach. International Institute of Islamic Thought (IIIT), 2008.

Badar, Eryna Syahadatina, Ahmad Fauzi, and Ahya Jazuli. “Personal Data Protection Policy in Law Number 27 of 2022 in the Perspective of Positive Law and Islamic Law.” Hukum Islam 23, no. 1 (July 12, 2023): 61–74. https://doi.org/10.24014/jhi.v23i1.20465.

Bahtiar, Naylawati. “Darurat Kebocoran Data: Kebuntuan Regulasi Pemerintah.” Development Policy and Management Review (DPMR), March 20, 2024, 85–100.

Bakare, Seun Solomon, Adekunle Oyeyemi Adeniyi, Chidiogo Uzoamaka Akpuokwe, and Nkechi Emmanuella Eneh. “Data Privacy Laws and Compliance: A Comparative Review of the EU GDPR and USA Regulations.” Computer Science & IT Research Journal 5, no. 3 (March 9, 2024): 528–43. https://doi.org/10.51594/csitrj.v5i3.859.

Bintarawati, Fenny. “The Influence of the Personal Data Protection Law (UU PDP) on Law Enforcement in the Digital Era.” Anayasa: Journal of Legal Studies 1, no. 2 (January 22, 2024): 135–43. https://doi.org/10.61397/ays.v1i2.92.

Bofa, Maya, Arifin Sudirman, and Darmawan Wawan Budi. “Data Rights Di Era Surveillance Capitalism: Skandal Data Cambridge Analytica & Facebook Dalam Pemilihan Presiden Amerika Serikat 2016.” Hasanuddin Journal of International Affairs 2, no. 2 (2022). https://doi.org/10.31947/hjirs.v2i2.22686.

Bungin, Burhan. Metodologi Penelitian Kualitatif: Aktualisasi Metodologis Ke Arah Ragam Varian Kontemporer. Jakarta: Rajawali Press, 2017.

Chase, Peter. “Perspectives on the General Data Protection Regulation Of the European Union,” 2024.

Cheng, Long, Fang Liu, and Danfeng Yao. “Enterprise Data Breach: Causes, Challenges, Prevention, and Future Directions.” Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery 7, no. 5 (2017): e1211. https://doi.org/10.1002/widm.1211.

Dinata, M. Ruhly Kesuma. Ilmu Hukum. Kotabumi: Sai Wawai Publishing, 2019.

Dobinson, Ian, and Francis Johns. “Qualitative Legal Research.” In Research Methods for Law. Edinburgh: Edinburgh University Press, 2007.

Fad, Mohammad Farid. “Perlindungan Data Pribadi Dalam Perspektif Sadd Dzari’ah.” Muamalatuna 13, no. 1 (2021): 33–69. http://dx.doi.org/10.37035/mua.v13i1.4674.

Fajar, Mukti, and Yulianto Ahmad. Dualisme Penelitian Hukum Normatif Dan Hukum Empiris. Yogyakarta: Pustaka Pelajar, 2010.

Farayola, Oluwatoyin Ajoke, Oluwabukunmi Latifat Olorunfemi, and Philip Olaseni Shoetan. “Data Privacy and Security in IT: A Review of Techniques and Challenges.” Computer Science & IT Research Journal 5, no. 3 (March 27, 2024): 606–15. https://doi.org/10.51594/csitrj.v5i3.909.

Fauzy, Elfian, and Nabila Alif Radika Shandy. “Hak Atas Privasi Dan Politik Hukum Undang-Undang Nomor 27 Tahun 2022 Tentang Pelindungan Data Pribadi.” Lex Renaissance 7, no. 3 (2022): 445–61.

General Data Protection Regulation (GDPR). “General Data Protection Regulation (GDPR) – Legal Text.” Accessed January 23, 2025. https://gdpr-info.eu/.

Halif, Halif, Ainul Azizah, and Prisma Diyah Ratrini. “Regulating Doxing and Personal Data Dissemination in Indonesia.” Jurnal Kajian Pembaruan Hukum 3, no. 1 (2023): 61–90. https://doi.org/10.19184/jkph.v3i1.33938.

Halilah, Siti, and Mhd. Fakhrurrahman Arif. “Asas Kepastian Hukum Menurut Para Ahli.” Siyasah: Jurnal Hukum Tata Negara 4, no. II (2021).

Hoofnagle, Chris Jay, Bart van der Sloot, and Frederik Zuiderveen Borgesius. “The European Union General Data Protection Regulation: What It Is and What It Means.” Information & Communications Technology Law 28, no. 1 (January 2, 2019): 65–98. https://doi.org/10.1080/13600834.2019.1573501.

Husamuddin MZ. “Hifzh Al-Irdh Dalam Transformasi Sosial Modern (Upaya Menjadikan Hifzhu Al-Ird Sebagai Maqashid Al-Dharuriy).” At-Tasyri’: Jurnal Ilmiah Prodi Muamalah 11, no. 2 (2019): 119–32. https://doi.org/10.47498/tasyri.v11i2.298.

Hussein, Hawraa Taher. “Exploring the Social Impact of Cyber Extortion : A Sociolinguistic Study” 2, no. 79 (2024): 86.

Indonesia, Badan Pusat Statistik. “Jumlah Penduduk Pertengahan Tahun - Tabel Statistik.” Accessed May 22, 2025. https://www.bps.go.id/id/statistics-t.

Jusuf, Muhamad Bacharuddin, and Adara Khalfani Mazin. “Penerapan Teori Hans Kelsen Sebagai Bentuk Upaya Tertib Hukum Di Indonesia.” Das Sollen: Jurnal Kajian Kontemporer Hukum Dan Masyarakat 2, no. 01 (January 8, 2024). https://journal.forikami.com/index.php/dassollen/article/view/519.

Kesuma, I Gusti Made Jaya, Ida Ayu Putu Widiati, and I Nyoman Gede Sugiartha. “Penegakan Hukum Terhadap Penipuan Melalui Media Elektronik.” Jurnal Preferensi Hukum 1, no. 2 (2020): 72–77. https://doi.org/10.22225/jph.1.2.2345.72-77.

KOMPAS.tv. “AJI Indonesia: 14 Kasus Serangan Digital Kepada Jurnalis dan Media, 8 Diantaranya Kasus Doxing.” Accessed May 1, 2024. https://www.kompas.tv/.

KPU. “DPT Pemilu 2024 Dalam Negeri Dan Luar Negeri, 204,8 Juta Pemilih.” Accessed April 30, 2024. https://www.kpu.go.id/berita/

———. “Siaran Pers Terkait Informasi Dugaan Kebocoran Data Milik KPU.” Accessed May 22, 2025. https://www.kpu.go.id/berita/

Kristanto, Asa Pramudya. “Perlindungan Terhadap Data Pribadi Dalam Aplikasi Digital Sebagai Bentuk Perlindungan Hak Asasi Manusia.” UNES Law Review 5, no. 3 (2023): 952–60. https://doi.org/10.31933/unesrev.v5i3.367.

Kristianto, Dhani, and Azis Budianto. “Guaranteed Legal Protection for Malware Victims in Indonesia.” In Proceedings of the 4th International Conference on Law, Social Sciences, Economics, and Education, ICLSSEE 2024, 25 May 2024, Jakarta, Indonesia, 1. Jakarta, Indonesia: EAI, 2024. https://doi.org/10.4108/eai.25-5-2024.2349181.

Kukul, Batuhan. “Personal Data and Personal Safety: Re-Examining the Limits of Public Data in the Context of Doxing.” International Data Privacy Law 13, no. 3 (2023): 182–93. https://doi.org/10.1093/idpl/ipad011.

Lee, Hema Nadarajah, Alberto Iskandar, Sasha Lee, Sasha. “Indonesian Government Under Fire for String of Cyber Breaches.” Asia Pacific Foundation of Canada. Accessed April 11, 2025. https://www.asiapacific.ca/publication/

Li, Yao-Tai, Katherine, and Whitworth. “Coordinating and Doxing Data: Hong Kong Protesters’ and Government Supporters’ Data Strategies in the Age of Datafication.” Social Movement Studies 23, no. 3 (May 3, 2024): 355–72. https://doi.org/10.1080/14742837.2023.2178404.

Lubis, Muharman, and Mira Kartiwi. “Privacy and Trust in the Islamic Perspective: Implications of the Digital Age.” In 2013 5th International Conference on Information and Communication Technology for the Muslim World (ICT4M), 1–6, 2013. https://doi.org/10.1109/ICT4M.2013.6518898.

“Maraknya Penipuan Digital Di Indonesia | Indonesia Baik.” Accessed May 1, 2024. https://indonesiabaik.id/.

Muhaimin. Metode Penelitian Hukum. Mataram: Mataram University Press, 2020.

nasional. “BSSN Ungkap Kronologi Kebocoran Data Pemilih KPU di Sidang DKPP.” Accessed May 22, 2025. https://www.cnnindonesia.com/nasional/

Nuriyah, Sinta, and Wiwik Afifah. “Analisis Kasus Pemerasan Akibat Penyalahgunaan Pada Sosial Media.” Bureaucracy Journal: Indonesia Journal of Law and Social-Political Governance 2, no. 3 (December 7, 2022): 1241–51. https://doi.org/10.53363/bureau.v2i3.116.

Okezone. “Heboh Situs KPU Dibobol, 204 Juta Data DPT Bocor Dijual Peretas Miliaran Rupiah : Okezone Nasional.” https://nasional.okezone.com/, accessed November 28, 2023. https://nasional.okezone.com/

Qamar, Nurul, and Farah Syah Rezah. Ilmu Dan Teknik Pembentukan Peraturan Perundang-Undangan. Makassar: Social Politic Genius, 2019.

Rahman, Faiz. “Pelindungan Data Pribadi dan Integritas Pemilu.” kompas.id, December 19, 2023. https://www.kompas.id/baca/opini/.

Ramadhan, Kiki Rezki, and Chandra Wijaya. “The Challenges of Personal Data Protection Policy in Indonesia: Lesson Learned from the European Union, Singapore, and Malaysia.” Technium Social Sciences Journal 36 (2022).

RI, Setjen DPR. “204 Juta DPT Pemilu Bocor, Sukamta Ingatkan KPU Tindaklanjuti Secara Serius.” Accessed April 30, 2024. http://www.dpr.go.id/berita/detail/id/47962.

Rosadi, Sinta Dewi. Pembahasan UU Pelindungan Data Pribadi (UU RI No. 27 Tahun 2022). Jakarta Timur: Sinar Grafika, 2024.

Rupp, Valentin, and Max von Grafenstein. “Clarifying ‘Personal Data’ and the Role of Anonymisation in Data Protection Law: Including and Excluding Data from the Scope of the GDPR (More Clearly) through Refining the Concept of Data Protection.” Computer Law & Security Review 52 (April 1, 2024): 105932. https://doi.org/10.1016/j.clsr.2023.105932.

Rusli, Tami. Pengantar Ilmu Hukum. Lampung: Universitas Bandar Lampung (UBL) Press, 2017.

Sandiza, Miftahul Heldra, Sinta Dewi Rosadi, and Rahmat Suparman. “Towards Personal Data Protection in Structural Leadership Training: An Analysis of Maqāshid al-Sharī’ah Perspective.” Mazahib 23, no. 2 (December 23, 2024): 631–68. https://doi.org/10.21093/mj.v23i2.8986.

Sari, Purnama, and Tata Sutabri. “Analisis Kejahatan Online Phising Pada Institusi Pemerintah/Pendidik Sehari-Hari.” Jurnal Digital Teknologi Informasi 6, no. 1 (2023). https://doi.org/10.32502/digital.v6i1.5620.

Sautunnida, Lia, Izura Masdina Mohamed Zakri, and Faisal Ahmadi. “Dispute Resolution Mechanisms in Personal Data Leakages: An Analysis of OJK’s Role and Functions in Indonesia.” Samarah: Jurnal Hukum Keluarga Dan Hukum Islam 9, no. 1 (January 15, 2025): 23–44. https://doi.org/10.22373/sjhk.v9i1.21102.

Oktavira, Bernadetha Aurelia, and Hukumonline. “Arti Ius Constitutum dan Ius Constituendum,” July 7, 2018. https://www.hukumonline.com/klinik/.

Sihombing, Josua. “Menkomdigi: Indonesia Pengguna Internet Terbesar Di Dunia.” rri.co.id - Portal berita terpercaya. Accessed May 20, 2025. https://www.rri.co.id/.

Silalahi, Putri Hasian, and Fiorella Angella Dameria. “Perlindungan Data Pribadi Mengenai Kebocoran Data Dalam Lingkup Cyber Crime Sebagai Kejahatan Transnasional.” Wajah Hukum 7, no. 2 (2023): 614–27. http://dx.doi.org/10.33087/wjh.v7i2.1244.

Sinaga, Erlina Maria Christin, and Mery Christian Putri. “Formulasi Legislasi Perlindungan Data Pribadi Dalam Revolusi Industri 4.0.” Jurnal Rechts Vinding: Media Pembinaan Hukum Nasional 9, no. 2 (2020): 237. https://dx.doi.org/10.33331/rechtsvinding.v9i2.428.

Soekanto, Soerjono. “Kesadaran Hukum Dan Kepatuhan Hukum.” Jurnal Hukum & Pembangunan 7, no. 6 (1977).

Soeprapto, Maria Farida Indrati. Ilmu Perundang-Undangan Proses Dan Teknik Pembentukannya. Yogyakarta: Kanisius, 2007.

Sulaiman, Abdullah. Pengantar Ilmu Hukum. Jakarta: UIN Jakarta bersama Yayasan Pendidikan dan Pengembangan Sumber Daya Manusia, 2019.

Sutarli, Ananta Fadli, and Shelly Kurniawan. “Peranan Pemerintah Melalui Undang-Undang Perlindungan Data Pribadi Dalam Menanggulangi Phising Di Indonesia.” Innovative: Journal of Social Science Research 3, no. 2 (2023): 4208–21.

Sutopo, Umarwan, Achmad Hasan Basri, and Hilman Rosyidi. “Presidential Threshold in the 2024 Presidential Elections: Implications for the Benefits of Democracy in Indonesia.” Justicia Islamica 21, no. 1 (June 25, 2024): 155–78. https://doi.org/10.21154/justicia.v21i1.7577.

Syarifuddin, Amir. Ushul Fiqh (2). Jakarta: Kencana, 2011.

Syukur, Syarmin. Sumber-Sumber Hukum Islam. Surabaya: Usana Ofset Printing, 1993.

Tempo. “252 Juta Data DPT Pemilu 2024 Bocor, Apa Tanggapan KPU dan Menkominfo? | tempo.co,” November 30, 2023. https://www.tempo.co/politik/

Tempo. “Begini Kronologi Data 204 Juta DPT Pemilu 2024 Milik KPU Bocor Dibobol Hakcer | tempo.co,” November 29, 2023. https://www.tempo.co/.

Umagapi, Juniar Laraswanda. “Kebocoran Data Pemilih Pemilu 2024.” Pusaka, Desember 2023.