Indonesia's rapidly expanding digital market presents both opportunities and challenges, particularly in balancing innovation with the protection of personal data and fair competition. This research examines the intersection of personal data protection and competition law within the Indonesian legal framework, analyzing the foundational concepts of each and their interrelation in the digital market. Indonesia has taken steps to address these concerns through Law No. 27 of 2022 on Personal Data Protection and Law No. 5 of 1999 on Competition. However, the research argues that these frameworks require strengthening to address the unique challenges posed by data-driven dominance. The reliance on user consent for data processing is challenged, given the potential for exploitation by dominant players. The research highlights the limitations of traditional competition metrics in the digital age and advocates for a more nuanced approach. This includes recognizing data-driven barriers to entry, rethinking the efficacy of consent, and empowering consumers through data portability and digital literacy initiatives. By strengthening legal frameworks and adopting a more comprehensive approach, Indonesia can foster a digital ecosystem that is both innovative and fair, benefiting all stakeholders.

Personal Data Protection; Competition; Digital Market; Technology; Disruption

Bennett, C. J., & Raab, C. D. (2017). The governance of privacy: Policy instruments in global perspective. Routledge.

Bradford, A. (2020). The Brussels effect: How the European Union rules the world. Oxford University Press, USA.

Chalmers, D., Davies, G., Monti, G., & Heyvaert, V. (2024). European Union law: Text and materials. Cambridge University Press.

Craig, P., & De Búrca, G. (2021). The evolution of EU law. Oxford University Press.

Jones, A., & Sufrin, B. (2016). EU competition law: Text, cases, and materials. Oxford University Press.

Lloyd, I. (2020). Information technology law. Oxford University Press, USA.

Solove, D. J., & Schwartz, P. M. (2020). Information privacy law. Aspen Publishing.

Voigt, P., & Von Dem Bussche, A. (2017). The EU General Data Protection Regulation (GDPR). Cham: Springer International Publishing.

Wallace, H., Pollack, M. A., Roederer-Rynning, C., & Young, A. R. (2020). Policy-making in the European Union. Oxford University Press, USA.

Whish, R., & Bailey, D. (2021). Competition law. Oxford University Press.

Albrecht, J. P. (2016). How the GDPR Will Change The World. Eur. Data Prot. L. Rev., 2, 287.

Anginer, D., Demirguc-Kunt, A., & Zhu, M. (2014). How does competition affect bank systemic risk? Journal of Financial Intermediation, 23(1), 1–26.

Botta, M., & Wiedemann, K. (2018). EU competition law enforcement vis-à-vis exploitative conducts in the data economy exploring the Terra Incognita. Max Planck Institute for Innovation & Competition Research Paper, (18–08).

Floridi, L. (2018). Soft ethics, the governance of the digital and the General Data Protection Regulation. Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences, 376(2133), 20180081.

Hildebrandt, M. (2019). Privacy as Protection of the Incomputable Self: From Agnostic to Agonistic Machine Learning. Theoretical Inquiries in Law, 20(1), 83–121.

Hoofnagle, C. J., Van Der Sloot, B., & Borgesius, F. Z. (2019). The European Union general data protection regulation: What it is and what it means. Information & Communications Technology Law, 28(1), 65–98.

Jain, P., Gyanchandani, M., & Khare, N. (2016). Big data privacy: A technological perspective and review. Journal of Big Data, 3(1), 25.

Kurniawan, F., Taufiqurrohman, M. M., & Nugraha, X. (2022). Legal Protection Of Trade Secrets Over The Potential Disposal Of Trade Secrets Under The Re-Engineering Precautions. Jurnal Ilmiah Kebijakan Hukum 16 (2), 267-282.

Li, Q., Wen, Z., Wu, Z., Hu, S., Wang, N., Li, Y., … He, B. (2021). A survey on federated learning systems: Vision, hype and reality for data privacy and protection. IEEE Transactions on Knowledge and Data Engineering, 35(4), 3347–3366.

Liang, G., Weller, S. R., Luo, F., Zhao, J., & Dong, Z. Y. (2018). Distributed blockchain-based data protection framework for modern power systems against cyber attacks. IEEE Transactions on Smart Grid, 10(3), 3162–3173.

Mantelero, A. (2016). Personal Data For Decisional Purposes In The Age Of Analytics: From An Individual To A Collective Dimension Of Data Protection. Computer Law & Security Review, 32(2), 238–255.

Martin, K. D., Borah, A., & Palmatier, R. W. (2017). Data Privacy: Effects on Customer and Firm Performance. Journal of Marketing, 81(1), 36–58.

Martin, K. D., & Murphy, P. E. (2017). The role of data privacy in marketing. Journal of the Academy of Marketing Science, 45(2), 135–155.

Porter, M. E., & Heppelmann, J. E. (2014). How smart, connected products are transforming competition. Harvard Business Review, 92(11), 64–88.

Solove, D. J., & Hartzog, W. (2014). The FTC and the new common law of privacy. Colum. L. Rev., 114, 583.

Stucke, M. E. (2017). Should we be concerned about data-opolies? Geo. L. Tech. Rev., 2, 275.

Taufiqurrohman, M. M. (2020a). Model Konsultasi Digital Dalam Membantu Tim Pengawal, Pengamanan Pemerintahan Dan Pembangunan Daerah (TP4D) Guna Mewujudkan Kejaksaan Yang Profesional, Komunikatif, Dan Akuntabel. Jurnal Media Komunikasi Pendidikan Pancasila dan Kewarganegaraan 2 (2), 267-276.

Taufiqurrohman, M. M. (2024). OTOMATISASI DAN KECERDASAN BUATAN PADA PROFESI HUKUM: KERANGKA TEORITIS DAN NARASI IDEAL DI MASA DEPAN. Jurnal Rechts Vinding: Media Pembinaan Hukum Nasional, 13 (2), 223-239.

Taufiqurrohman, M. M., Alfaris, M. R., Ningrum, D. A. W., Setiawan, A., & Umami, A. B. (2020) Evaluasi Terhadap Undang-Undang Dasar Negara Republik Indonesia Tahun 1945. Badan Pengkajian Majelis Permusyawaratan Rakyat Republik Indonesia.

Taufiqurrohman, M. M., & Gultom, E. (2023). Corporate Digital Responsibility: Tanggung Jawab Etis Penggunaan Teknologi Digital dalam Bisnis Perusahaan. Humani (Hukum dan Masyarakat Madani) 13 (2), 311-326.

Taufiqurrohman, M. M., & Yusril, M. (2024). QUO VADIS REGULASI KAMPANYE PARTAI POLITIK MELALUI MEDIA SOSIAL: PERMASALAHAN DAN FORMULASI. Majalah Hukum Nasional, 54(1), 103-126.

Taufiqurrohman, M. M., Fahri, M. T., Wijaya, K., & Wiranata, I. G. P. (2021a). Meninjau Perang Siber: Dapatkah Konvensi-Konvensi Hukum Humaniter Internasional Meninjau Fenomena Ini? Jurnal Kawruh Abiyasa 1 (2), 145-165.

Taufiqurrohman, M. M., Lita, H. N., & Pah, G. G. A. (2024). Tech Giants’ Non-Negotiable Privacy Policies Strategy VS Indonesian Competition Law. Jurnal Bina Mulia Hukum, 9 (1).

Taufiqurrohman, M. M., Lita, H. N., & Pah, G. G. A. (2025). Digital Markets and Data Exploitation: Addressing Abuse of Dominance Under Indonesian Competition Law. Jurnal Penelitian Hukum De Jure, 24(3).

Taufiqurrohman, M. M., Pambudi, B. R., & Maulana, M. I. (2023). RECALL ELECTION: MEKANISME DEMOKRATISASI PASCA PEMILU. Majalah Hukum Nasional, 53(1), 18-48

Thoben, K.-D., Wiesner, S., & Wuest, T. (2017). “Industrie 4.0” and smart manufacturing-a review of research issues and application examples. International Journal of Automation Technology, 11(1), 4–16.

Tikkinen-Piri, C., Rohunen, A., & Markkula, J. (2018). EU General Data Protection Regulation: Changes and implications for personal data collecting companies. Computer Law & Security Review, 34(1), 134–153.

Wachter, S., & Mittelstadt, B. (2019). A right to reasonable inferences: Re-thinking data protection law in the age of big data and AI. Colum. Bus. L. Rev., 494.

Wachter, S., Mittelstadt, B., & Floridi, L. (2017). Why a right to explanation of automated decision-making does not exist in the general data protection regulation. International Data Privacy Law, 7(2), 76–99.

Xu, L., Jiang, C., Wang, J., Yuan, J., & Ren, Y. (2014). Information Security In Big Data: Privacy And Data Mining. Ieee Access, 2, 1149–1176.

Yang, Q., Liu, Y., Chen, T., & Tong, Y. (2019). Federated Machine Learning: Concept and Applications. ACM Transactions on Intelligent Systems and Technology, 10(2), 1–19.

Zarsky, T. Z. (2016). Incompatible: The GDPR in the Age of Big Data. Seton Hall L. Rev., 47, 995.