Perbandingan Normatif Regulasi Perlindungan Data Pribadi Amerika Serikat dan GDPR Uni Eropa dalam Perspektif Transfer Data Lintas Batas

Authors

  • Josua Ferdinand Sihotang Universitas Pembangunan Nasional Veteran Jakarta, Jakarta, Indonesia

DOI:

https://doi.org/10.37893/abioso.v17i1.1351

Keywords:

General Data Protection Regulation, Perlindungan Data Pribadi, Transfer Data Lintas Batas

Abstract

Perkembangan era digital global telah menjadikan perlindungan data pribadi sebagai isu hukum yang sangat krusial, terutama akibat kemajuan teknologi kecerdasan buatan dan meningkatnya intensitas serangan siber. Pada tahun 2025, rata-rata biaya pelanggaran data tercatat mencapai USD 4,88 juta per insiden. Penelitian ini mengkaji perbandingan normatif antara regulasi perlindungan data pribadi di Amerika Serikat, khususnya California Consumer Privacy Act, dengan General Data Protection Regulation (GDPR) Uni Eropa. Kajian tersebut dipilih karena relevansinya terhadap mekanisme transfer data lintas batas serta urgensinya bagi reformasi Undang-Undang Nomor 27 Tahun 2022 tentang Perlindungan Data Pribadi di Indonesia, terutama dalam konteks hubungan perdagangan bilateral antara Indonesia dan Amerika Serikat. Penelitian ini menggunakan metode hukum normatif dengan pendekatan perundang-undangan, pendekatan konseptual, dan pendekatan komparatif. Data penelitian bersumber dari bahan hukum sekunder berupa regulasi, jurnal ilmiah, dan laporan yang relevan hingga September 2025. Hasil penelitian menunjukkan adanya perbedaan mendasar antara sistem perlindungan data pribadi Amerika Serikat dan GDPR, khususnya dalam aspek yurisdiksi dan prinsip akuntabilitas. GDPR menerapkan yurisdiksi ekstrateritorial berdasarkan Pasal 3 serta prinsip akuntabilitas proaktif sebagaimana diatur dalam Pasal 35, sedangkan regulasi di Amerika Serikat cenderung bersifat sektoral dan terfragmentasi berdasarkan negara bagian. Perbedaan tersebut menimbulkan konflik norma, kekosongan norma, dan ketidakpastian hukum dalam mekanisme transfer data lintas batas, termasuk dalam implementasi EU-US Data Privacy Framework. Penelitian ini merekomendasikan reformasi Undang-Undang Nomor 27 Tahun 2022 tentang Perlindungan Data Pribadi melalui penguatan prinsip-prinsip GDPR guna mendukung harmonisasi regulasi global, meningkatkan kepastian hukum, serta mencegah terjadinya pelanggaran data pribadi di era digital.

Downloads

Download data is not yet available.

References

Aidun, E. (2025). Data Privacy in the Digital Age: A Comparative Analysis of U.S. and EU Regulations. University of Cincinnati Law Review, 93. https://uclawreview.org/2025/03/05/data-privacy-in-the-digital-age-a-comparative-analysis-of-u-s-and-eu-regulations/

Asmadi, E., Mansar, A., & Eddy, T. (2023). Actualization of Criminal Liability for Personal Data Protection in the Use of Financial Technology: A Comparative Study of Law Number 11 of 2008 Concerning Information and Electronic Transactions and Law Number 27 of 2022 Concerning Protection of Personal Data. De Lega Lata: Jurnal Ilmu Hukum, 8(2). https://doi.org/10.30596/dll.v8i2.15252

Austin. (2025). 2025 Global Threat Report. https://go.crowdstrike.com/rs/281-OBQ-266/images/CrowdStrikeGlobalThreatReport2025.pdf?version=0

Buckley, G., Caulfield, T., & Becker, I. (2024). How Might the Gdpr Evolve? A Question of Politics, Pace and Punishment. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.4830619

Chance, C. (2025). Data Privacy Legal Trends 2025. https://www.cliffordchance.com/content/dam/cliffordchance/briefings/2025/02/data-privacy-legal-trends-2025.pdf

De Bruin, R. (2022). A Comparative Analysis of the EU and U.S. Data Privacy Regimes and the Potential for Convergence. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.4251540

Hoofnagle, C. J., Van Der Sloot, B., & Borgesius, F. Z. (2019). The European Union General Data Protection Regulation: What it is and What it Means. Information & Communications Technology Law, 28(1), 65–98. https://doi.org/10.1080/13600834.2019.1573501

IBM Security. (2025). Cost of A Data Breach Report 2025. https://www.ibm.com/reports/data-breach

Jain, A. (2025). AI and Privacy 2024 to 2025: Embracing the Future of Global Legal Developments. cloudsecurityalliance.org. https://cloudsecurityalliance.org/blog/2025/04/22/ai-and-privacy-2024-to-2025-embracing-the-future-of-global-legal-developments

Khan, M. N. I. (2025). Cross-Border Data Privacy and Legal Support: A Systematic Review of International Compliance Standards and Cyber Law Practices. American Journal of Scholarly Research and Innovation, 04(01), 138–174. https://doi.org/10.63125/a4gbeb22

Lim, S., & Oh, J. (2025). Navigating Privacy: A Global Comparative Analysis of Data Protection Laws. IET Information Security, 2025(1), 5536763. https://doi.org/10.1049/ise2/5536763

Martono, Akbar, M. G. G., & Rahmatiar, Y. (2025). Law Enforcement of Transnational Cybercrime: Case Study in Indonesia. De Lega Lata: Jurnal Ilmu Hukum, 10(2). https://jurnal.umsu.ac.id/index.php/delegalata/article/view/24627

Prastyanti, R. A., Rahayu, I., Yafi, E., Wardiono, K., & Budiono, A. (2022). Law and Personal Data: Offering Strategies for Consumer Protection in New Normal Situation in Indonesia. Jurnal Jurisprudence, 11(1), 82–99. https://doi.org/10.23917/jurisprudence.v11i1.14756

Samin, H. H., Ismail, D. E., & Rahim, E. I. (2024). The Urgency of Legal Protection of Personal Data. De Lega Lata: Jurnal Ilmu Hukum, 9(2). https://jurnal.umsu.ac.id:444/index.php/delegalata/article/view/19768

Skillcast. (2025). Biggest GDPR Fines of 2026. https://www.skillcast.com/blog/biggest-gdpr-fines-2026

Stanford Human-Centered AI. (2025). AI Index Report 2025. https://hai-production.s3.amazonaws.com/files/hai_ai_index_report_2025.pdf

Sulubara, S. M., Tasril, V., & Nurkhalisah. (2025). Legal Protection of Cybercrime Crimes From Ransomware Attacks and Evaluation of The Cyber Security and Resilience Bill 2025 in Indonesia’S Defense. De Lega Lata: Jurnal Ilmu Hukum, 10(2). https://jurnal.umsu.ac.id:444/index.php/delegalata/article/view/25786

Tschider, C., Compagnucci, M. C., & Minssen, T. (2024). The New EU–US Data Protection Framework’s Implications for Healthcare. Journal of Law and the Biosciences, 11(2), lsae022. https://doi.org/10.1093/jlb/lsae022

Wilson, J. M. (2022). Cross-Border Data Transfers: A Balancing Act Through Federal Law. The Business, Entrepreneurship & Tax Law Review, 6(2). https://scholarship.law.missouri.edu/betr/vol6/iss2/10/

Downloads

Published

25-05-2026

How to Cite

Sihotang, J. F. (2026). Perbandingan Normatif Regulasi Perlindungan Data Pribadi Amerika Serikat dan GDPR Uni Eropa dalam Perspektif Transfer Data Lintas Batas. Begawan Abioso, 17(1), 37–51. https://doi.org/10.37893/abioso.v17i1.1351

Issue

Vol. 17 No. 1: Begawan Abioso (In press)

Section

Articles

License

Copyright (c) 2026 Josua Ferdinand Sihotang

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.