Legal Weak Protection of Personal Data in the 4.0 Industrial Revolution Era

This study aims to discuss the legal weak protection of personal data which is motivated by the phenomenon of society today which is like living in a world without borders so that it impacts on easy access to one's personal information, the impact of begins to spread illegal practices by irresponsible parties in the illegal use of personal information. In addition, there are no laws that specifically regulate the protection of personal data/information in the 4.0 Industrial Revolution era. The approach method used is a conceptual and case approach, with the purpose of the research is to analyze the weakness of legal protection for personal data in the 4.0 Industrial Revolution era in Indonesia. The results of the study, the spread of personal data protection arrangements in various laws and regulations indicate the protection of personal data is not yet a national legal priority and results in legal weak protection of the personal data of citizens so as to position Indonesian citizens in a vulnerable position, which is certainly not in line with the legal objectives namely provide legal certainty, justice, and expediency. The various cases that exist and pay attention to the phenomenon of digitalization in the era of the industrial revolution 4.0 illustrate the urgency of the need for the legal protection of personal data a state priority. Legal reform through the legitimacy of protecting personal data as a responsive and progressive legal policy is a must so that legal protection in the form of legal guarantees can be carried out properly in order to create a safe and comfortable digital ecosystem for the community.

This study aims to discuss the legal weak protection of personal data which is motivated by the phenomenon of society today which is like living in a world without borders so that it impacts on easy access to one's personal information, the impact of begins to spread illegal practices by irresponsible parties in the illegal use of personal information. In addition, there are no laws that specifically regulate the protection of personal data/information in the 4.0 Industrial Revolution era. The approach method used is a conceptual and case approach, with the purpose of the research is to analyze the weakness of legal protection for personal data in the 4.0 Industrial Revolution era in Indonesia. The results of the study, the spread of personal data protection arrangements in various laws and regulations indicate the protection of personal data is not yet a national legal priority and results in legal weak protection of the personal data of citizens so as to position Indonesian citizens in a vulnerable position, which is certainly not in line with the legal objectives namely provide legal certainty, justice, and expediency. The various cases that exist and pay attention to the phenomenon of digitalization in the era of the industrial revolution 4.0 illustrate the urgency of the need for the legal protection of personal data a state priority. Legal reform through the legitimacy of protecting personal data as a responsive and progressive legal policy is a must so that legal protection in the form of legal guarantees can be carried out properly in order to create a safe and comfortable digital ecosystem for the community.

Introduction
The problem of protecting personal data is serious today amid the rapid use of technology and information in the 4.0 Industrial Revolution era, creating conditions where personal data can easily become a broad public consumption. "This ongoing digital age has triggered an explosion in the growth of personal data created, stored, and transmitted on computers, internet sites, and even social media." 4 Sharing your full name, email address, cellphone number, and social media id account is something that happens in everyday life in this digitalization era. Various services in the form of applications embedded in electronic devices, often require the user's data, especially in the process of registering an account in the application as the main requirements for using the application, where the designation has various purposes depending on the policy of the application vendor. Based on the experience of researchers, most of these purposes are intended to verify the identity of the application used to obtain services from the application. One application vendor, Strongbee in his privacy policy, stressed that "By visiting or using the Service and/or registering a STRONGBEE account, you agree and agree to the collection, use, disclosure, and processing of your Personal Data by this Privacy Policy. Please note that if you do not provide complete information as STRONGBEE requires, STRONGBEE may not be able to provide all of the services to you." 5 A similar policy was also made by the Linkaja Application, an application that provides electronic money services which the privacy policy states "We use user data to enable us to transmit the functions of the application / Site, resolve technical difficulties, provide you with the correct and up-to-date version of the application / Site, and to improve the function of the application / Site." 6 These two applications are just examples, two of the many applications that are growing and present in the digital age, it seems that personal data is an important requirement for getting excellent service from the application.
Personal data is like a valuable asset, which in the view of M. Arsyad Sanusi "like a commodity with high economic value," 7 so it must be maintained and managed properly in today's digitalized world. Digitalization on the one hand brings benefits to civilization, but on the other hand, digitalization brings new problems as well as challenges in the 4.0 Industrial Revolution era. The rapid development of information and communication which includes "the stages of collecting, storing, processing, producing and sending data to and from industry or society effectively and efficiently" 8 not accompanied by optimal legal protection, as expressed by Wahyudi Djafar, "There is no adequate legal umbrella governing the matter of personal data protection in Indonesia. Regulations scattered in various laws have not yet fully referred to the principles of personal data protection." 9 The same thing was expressed by Ni Gusti Ayu Putu Nitayanti and Ni Made Ari Yuliartini Griadhi who stated that "Until now, Indonesia doesn't have specific rules governing the protection of personal data. Arrangements regarding the protection of personal data are still separate in several laws and regulations, so a separate special regulation regarding the protection of personal data information is needed to create legal certainty." 10 In line with this statement, Donny B.U., The Expert Minister of Communication and Information in the field of Digital Literacy and Internet Governance stated that "at present, the substance of personal data protection is spread at least in 32 laws. Each of them overlaps because they are not integrated into the big concept of personal data 7 Sanusi, M. Arsyad. (2004 protection." 11 So that within the scope of the use and utilization of personal data, placing it in conditions that are vulnerable to illegal actions by irresponsible partie.
A series of cases of personal data abuse colored the stage of digitalization in Indonesia in the era of the industrial revolution 4.0. Jakarta Legal aid colaborated with the Personal Data Protection Advocacy Coalition noted, "There are five thousand cases that depart from the misuse of personal data. Some cases, for example, personal data are used by individuals for sexual harassment, harassment, persecution, and data misuse for online lending. Bank. The latest case in 2020 is the leakage of users' data experienced by large startups that fall into the Unicorn and even Hectocorn categories. The leakage of users' personal data is certainly very dangerous because it puts the user in an unfavorable condition.
The writing of this law when compared with previous studies have similarities in terms of the topic of discussion, namely discussing personal data, but different from the main analysis which emphasizes the weakness of personal data protection in the 4.0 industrial revolution era and also the writing of this law moved from the many cases.
Cases that are raised today, so writing this law becomes important because in addressing these cases legal research is needed as problem-solving. 11 Ibid. 12

Problem Statement
Based on this background, the authors raise the problem namely about the cause of the legal weak protection of personal data in the era of Industrial Revolution 4.0 in Indonesia

Method
The approach method used in studying the problem is "the conceptual approach method in which this research focuses on the views and doctrines that develop in the science of law. By studying these views and doctrines, researchers will find ideas that give birth to legal understandings, legal concepts, and legal principles that are relevant to the issue at hand." 14 The author also uses a case approach by moving on some case data that the author obtained from various news sources which the author later described in the discussion to later become material for legal analysis.

Revolution 4.0 in Indonesia
Southeast Asia Freedom of Expression Network (SAFEnet) notes, three things motivate the violation of personal data in Indonesia, namely "firstly, an economic motive where there are illegal buying and selling of personal data of the Indonesian people which brings enormous potential profits, secondly, political motives by collecting personal data to be shown to the public to bring down political opponents and thirdly, threat motives in the hope of profiting from threatening actions using that personal data." 15 The main problem with the weak protection of personal data law is that until now there is no legal patron that explicitly covers the handling of legal issues of personal data misuse. The spread of personal data protection arrangements to various existing laws and regulations only seems like a gun without a bullet because the law enforcers must 14  mess around with the overlapping of existing rules and on the other hand, the current legal conditions in the view of researchers, indicate crimes against personal data, not a specific crime but a general crime. As a consequence, the handling is only general without special action needed, whereas, in the constitution of the Republic of Indonesia, Article 28G Paragraph (1) of the 1945 Constitution affirms "Every person has the right to protect themselves, family, honor, dignity, and property under his authority and entitled to a sense of security and protection from the threat of fear to do or not do something that is a human right." In the international context, protection of personal data is regulated in Article 12 Universal Declaration of Human Rights, i.e. "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks." Where according to Gudmundur, in this article 12 "the term privacy is considered as umbrella terms because it is associated with the protection of other rights, namely family, residence, the correspondence also includes respect and good name." 16 Other arrangements namely in Article 17 of the International Covenant on Civil and Political Rights which reads: 1. "No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation" 2. "Everyone has the right to the protection of the law against such interference or attacks" Reinforced in Article 32 of Law No. 39 of 1999 concerning Human Rights, which among others states that "independence and confidential communication via electronic means must not be disturbed except by order of a judge or other legal authority according to the law." It appears that the protection of personal data is a necessity to answer the mandate of existing legal instruments to guarantee the freedom, security, and dignity of citizens.     Facebook as one of the most popular social media in Indonesia and even the world has experienced a leak of user data since the last few years, even the most recent in Interestingly, when the COVID-19 pandemic that hit Indonesia today, which took place since early 2020, personal data from patients with COVID-19 also spread widely so easily through chain messages in various online media such as Whatsapp and

1) "menggunakan Data Pribadi Penduduk atau Data Kependudukan melampaui batas kewenangannya; atau 2) menjadikan Data Pribadi Penduduk atau Data Kependudukan sebagai bahan informasi publik sebelum mendapat persetujuan dari Menteri; 3) Pelanggaran atas ketentuan ini dikenakan sanksi administratif berupa
Facebook. This scattered personal data covers the full name, age, residential address, and even displays a profile photo of the person concerned. In addition to causing the personal data of the patient concerned to be vulnerable to abuse by irresponsible parties, on the other hand, psychologically makes the patient stressed and mentally disturbed.
This results in a psychological effect, where it is expected that someone can recover physically even sicker because of his mind and mental illness as well as the effects of stress which cause emotional reactions which include "anxiety, anger, and aggression, as well as apathy and depression," 28 as testimony from Patient 03 COVID-19 in Indonesia, who has now recovered, said 29 27 CNBC Indonesia. (2020). "Kacau, 530.000 Data Akun Zoom Dijual Hacker di Dark Web". Retrieved from CNBC Indonesia: https://www.cnbcindonesia.com/tech/20200416082700-37-152270/kacau-530000-data-akun-zoom-dijual-hacker-di-dark-web The author is of the view, moving on from the various cases presented along with the elaboration of their impact, it needs quick steps for the government to immediately make legal reforms to improve the weak protection of personal data law by making special laws related to the protection of personal data as a responsive legal policy whereby "The law as a means of response to social provisions and the aspirations of the community" 33 and progressive wherein "the law must serve the interests of citizens" 34 so that legal protection in the form of legal guarantees can be carried out properly to create a safe and comfortable digital ecosystem for the community that has an impact on economic growth and public welfare as the legal goals set forth by Nonet and Sleznick that "the law must truly prosper the community in the interests of bigger, not only for the interests of those in power." 35 It is worth noting that the legal instrument for protecting personal data will later fulfill several criteria, according to Sinta Dewi Rosadi and Garry Gumelar Pratama, that "have an international character, protect the privacy and personal data as positive rights and are an element of individual glue and economic society." 36 The Government of Indonesia itself can learn from the legal policies adopted in several It is time for Indonesia to improve and immediately adapt to current global developments. The problem of legal protection regulations for personal data that is scattered in various regulations in Indonesia must be resolved immediately. Too many personal data protection rules make the regulations that govern them fat, ineffective, and inefficient. This is like a sandcastle, which looks magnificent but fragile. The consequence that arises is the clash in the field in the process of law enforcement and legal protection as a correlation of overlapping rules which of course will complicate the government and law enforcement agencies and become a barrier that complicates development and economic acceleration.

Conclusion
The spread of legal arrangements regarding personal data in Indonesia to various rules that do not specifically regulate the protection of personal data is a serious problem that weakens the legal protection of personal data in Indonesia so it must be resolved