The Legal Responsibilities of Advocates in the Digital Era for Client Data Protection Following the Enactment of Law No. 27 of 2022 on Personal Data Protection

Abstract

In practice, Advocates are involved with their client's data contained in the legal documents they create and have a responsibility to maintain the confidentiality of the information contained in the records they hold. The birth of the PDP Law to provide legal certainty and security for the community amidst the massive use of personal data. This research discusses the history of personal data protection and the implications of the PDP Law for the obligations and responsibilities of advocates in the event of a client data leak according to national law. The results of the research show that the history of the right to privacy can be seen from the Dutch presence in Indonesia on July 25, 1893, through the decision of the King of the Netherlands No.36 and the Criminal Code through Koninklijk Besluit No.33 (Stbl.1915 No.732), constitutionally a right This was recognized after the second amendment to the 1945 Constitution. Later, a new historical milestone was recorded on October 17, 2024, in the sector of cyber security and privacy regulations, specifically in Indonesia, because of establishing the Law PDP. After the PDP Law comes into effect, advocates are considered Personal Data Controllers. They have obligations as mandated by the PDP Law and carry out the obligations regulated by the Advocate Law. Therefore, advocates can be held responsible if client data is leaked in their documents by referring to the principle of responsibility for mistakes and absolute commitment.