Failure To Realize Constitutional Goals In Cyberspace: A Constitutional Law Review Of The National Data Center (PDN) Data Breach Incident
DOI:
https://doi.org/10.36526/sosioedukasi.v15i2.8027Keywords:
Digital Constitutionalism, National Data Center, Constitutional Supremacy, Right to Privacy, State ResponsibilityAbstract
The digital transformation of government services through the National Data Center (PDN) aims to realize effective and responsive public administration. However, a massive ransomware attack on the PDN in mid-2024 revealed a fatal vulnerability in Indonesia's cybersecurity governance architecture, paralyzing essential services and harming millions of citizens. This study analyzes the state's negligence in managing the PDN from a Constitutional Law perspective, evaluating it through the fulfillment of the functions, objectives, and supremacy of the constitution. This research employs a normative legal method using statutory and conceptual approaches. The findings indicate that the data breach at the PDN is not merely a technical IT failure, but a representation of a fundamental constitutional failure. First, the state failed to realize the constitutional objective of protecting the Indonesian nation as mandated by the Fourth Paragraph of the 1945 Constitution, and failed to guarantee the basic right to personal data protection enshrined in Article 28G Paragraph (1). Second, overlapping authority and blame-shifting between the Ministry of Communication and Informatics and the National Cyber and Crypto Agency (BSSN) demonstrate the failure of the constitution's function in limiting power and demanding institutional accountability. Third, the government's delay in establishing an independent Personal Data Protection Supervisory Authority, as mandated by Law No. 27 of 2022, constitutes an anomaly of constitutional supremacy, where the rule of law is defeated by bureaucratic sluggishness. This study recommends the immediate establishment of an independent supervisory agency, optimization of legislative oversight, and strict legal accountability for state institutions.
References
Alhakim, A., & Tantimin. (2024). The legal status of cryptocurrency and its implications for money laundering in Indonesia. Padjajaran Jurnal Ilmu Hukum, 11(2), 231–253. https://doi.org/10.22304/pjih.v11n2.a4
Asshiddiqie, J. (2005). Hukum tata negara dan pilar-pilar demokrasi. Konstitusi Press.
Asshiddiqie, J. (2021). Konstitusi dan hak asasi manusia di era digital. Kencana Prenada Media Group.
Celeste, E. (2019). Digital constitutionalism: a new systematic theorisation. International Review of Law, Computers & Technology, 33(1), 76–99. https://doi.org/10.1080/13600869.2019.1562604
Christine, B., & Kansil, C. S. . (2022). Hambatan penerapan perlindungan data pribadi di Indonesia setelah disahkannya Undang-Undang nomor 27 Tahun 2022 tentang perlindungan data pribadi. Syntax Literate: Jurnal Ilmiah Indonesia, 7(9), 16331–16339. https://doi.org/10.36418/syntax-literate.v7i9.13936
Dayang, S., Putri, S. O., & Putri, A. K. (2025). Urgensi pembentukan lembaga pengawas dalam pembaharuan hukum perlindungan data pribadi menurut Undang-Undang PDP. Locus :Journal of Academic Literature Review, 4(2), 106–113. https://jurnal.locusmedia.id/index.php/jalr/article/view/433
Fauzi, E., & Shandy, N. A. R. (2022). Hak atas privasi dan politik hukum Undang-Undang nomor 27 Tahun 2022 tentang perlindungan data pribadi. Lex Renaissance, 3(7), 445–461. https://doi.org/10.20885/JLR.vol7.iss3.art1
Ghafur, J. (2022). Demokratisasi internal partai politik era reformasi : Antara das sollen dan das sein. Jurnal Hukum Ius Quai Iustum, 30(1), 1–25. https://doi.org/https://doi.org/10.20885/iustum.vol30.iss1.art1
Huda, N. (2021). Hukum tata negara Indonesia (edisi revisi). Rajawali Pers.
Mahfud, M. (2006). Membangun politik hukum, menegakkan konstitusi. Rajawali Pers.
Mardiana, N., & Arsanti, M. (2023). Urgensi perlindungan data pribadi dalam perspektif hak asasi manusia. Jurnal Rechten: Riset Hukum Dan Hak Asasi Manusia, 5(1), 16–23. https://doi.org/10.52005/rechten.v5i1.108
Marzuki, M. (2017). Penelitian Hukum: Edisi Revisi. Prenada Media.
Peraturan Presiden Republik Indonesia Nomor 82 Tahun 2022 Tentang Perlindungan Infrastruktur Informasi Vital.
Ridwan, H. R. (2014). Hukum administrasi negara (edisi revisi). Rajawali Pers.
Rosadi, S. D., & Pratama, G. G. (2018). Perlindungan privasi dan data pribadi dalam era ekonomi digital di Indonesia. Veritat et Justitia, 4(1), 88–110. doi.org/10.25123/vej.2916
Saleh, G. (2021). The constitutionality of the electronic information and transaction law : Towards overcoming SARA conflict on social media. Jurnal Konstitusi, 18(4), 846–868. https://doi.org/10.31078/jk1846
Surbakti, F. P. S. (2024). Personal data protection in public services. Community Empowerment, 9(12), 1864–1870.
Suzor, N. (2018). Digital constitutionalism : Using the rule of law to evaluate the legitimacy of governance by platforms. Social Media + Society, 4(3), 1–11. https://doi.org/10.1177/2056305118787812
Takariawan, A., & Putri, S. A. (2018). Perlindungan hukum terhadap korban human trafficking dalam perspektif hak asasi manusia. Jurnal Hukum Ius Quai Iustum, 25(2), 237–255. https://doi.org/10.20885/iustum.vol25.iss2.art2
Undang-Undang Dasar Negara Republik Indonesia Tahun 1945.
Undang-Undang Republik Indonesia Nomor 27 Tahun 2022 Tentang Perlindungan Data Pribadi.
Yuniarti, S. (2019). Perlindungan hukum data pribadi di indonesia. Jurnal Becoss, 1(1), 147–154.
.png)
