Developing a Legal Framework of Personal Data Protection in the Indonesian Criminal Procedure Law

Searching and seizing voluminous data is a challenge that Indonesian law enforcement authorities should resolve. Indonesia does not have a comprehensive regime on personal data protection. The absence of a coherent legal framework on personal data protection does not negate the obligation of Indonesian law enforcement authorities to protect personal data of Indonesian subjects. However, the absence of the framework may lead to uncertainties or ambiguities on how the authorities should protect personal data. Against the uncertainties and ambiguities, Indonesian law enforcement authorities should resolve issues of voluminous data in obtaining e-information with the prevailing legislation. This article attempts to answer the question: how may Indonesian law enforcement authorities interpret the current law to establish a coherent legal framework to protect personal data in searching or seizing voluminous data? The interpretation is instrumental in supporting the development of the Indonesian regime on personal data protection. It proposes that the Indonesian criminal procedure law should emphasise the active role of the chief judges of competent district courts and should incorporate particularity and proportionality as conditions and safeguards in the execution of search and seizure.