Protection of Data Privacy in Artificial Intelligence-Driven World: An Indonesian Perspective

Matthew Fabio; Sofiah Lailiyah; Jose Tjahjono

Authors

Matthew Fabio Faculty of Law, Universitas Surabaya https://orcid.org/0009-0008-5779-221X
Sofiah Lailiyah Faculty of Law, Universitas Surabaya https://orcid.org/0009-0003-4158-1593
Jose Tjahjono Faculty of Law, University of Waikato https://orcid.org/0009-0009-6372-3429

Abstract

Background: The increasing influence of AI has penetrated various sectors, including the domain of data privacy. Safeguarding data privacy is a fundamental human right necessitating robust legal protection. However, the advancement and application of AI technologies have prompted significant concerns regarding potential data privacy violations.

Methodology: This article employs doctrinal legal research with statutory approach.

Objectives: This article seeks to critically assess the extent to which the Indonesian Data Protection Act of 2022 addresses challenges arising from the proliferation of artificial intelligence (AI). This study will explore multiple dimensions: a) an analysis of the risks AI poses to data privacy; b) an examination of the implications of Article 20(2) (a) of the 2022 Data Protection Act in relation to AI development; and c) an evaluation of the existing legislative gaps that hinder effective regulation of AI's impact on data privacy.

Findings: The findings reveal notable deficiencies in Indonesia's current data protection laws, which inadequately address the challenges posed by AI advancements. Furthermore, the incorporation of responsible AI principles into the legislative framework, particularly under Article 3 of the Data Protection Act 2022, is essential. Developers face significant hurdles due to Article 20(2) (a), which mandates explicit consent from data owners prior to AI development. Incorporating responsible AI concepts could justify exemptions from this strict consent requirement, facilitating regulation that is more balanced.

Originality/Novelty: The novelty of this study lies in its comprehensive analysis of the Indonesian Data Protection Act 2022 through the lens of artificial intelligence (AI) governance, specifically highlighting the legislative gaps concerning data privacy risks posed by AI technologies. By focusing on Article 20(2) (a) and its implications for AI development, this research provides a novel perspective on how the strict consent requirement could hinder technological advancement. Furthermore, the study proposes a groundbreaking approach by advocating for the integration of responsible AI principles into Indonesia's data protection framework, emphasizing the need for a balanced consent mechanism under PDPA 2022. This innovative contribution addresses both regulatory insufficiencies and practical challenges faced by AI developers, offering a forward-looking perspective on harmonizing data protection with technological progress.