An Analysis of Digital Institutional Capacity and Personal Data Protection Policy Implementation in Indonesia : A Systematic Literature Review

Authors

  • Abednego Briantama Universitas Indonesia
  • Muhamad Yopan Universitas Indonesia

DOI:

https://doi.org/10.38035/jlph.v6i4.3253

Keywords:

institutional capacity, personal data protection, digital governance, Ministry of Communication and Digital Affairs, systematic literature review

Abstract

This study conducts a systematic literature review to examine institutional capacity in the implementation of personal data protection policy, with particular reference to Indonesia’s Ministry of Communication and Digital Affairs (Komdigi). Despite the enactment of Law Number 27 of 2022 on Personal Data Protection, persistent data breaches and institutional fragmentation raise critical questions about the readiness of public institutions to enforce such policy. Utilizing the PRISMA 2020 protocol, this review identifies and synthesizes 27 peer-reviewed articles published between 2023 and 2025 from Scopus, Cambridge, and Taylor & Francis databases. The analysis reveals four principal themes: structural and regulatory capacity, human resource and technological capacity, inter-institutional coordination, and institutional values and ethics. Findings indicate that effective data protection governance depends not merely on the existence of legal frameworks but on the adaptive, coordinative, and ethical capacities of implementing institutions. The review further highlights significant gaps in longitudinal research and calls for deeper empirical investigation into how digital institutional capacity shapes policy outcomes in developing countries.

References

J. A. Taylor and A. M. B. Lips, “The citizen in the information polity: Exposing the limits of the e-government paradigm,” Inf. Polity, vol. 13, no. 3–4, pp. 139–152, 2008.

A. P. J. I. Indonesia, “Survei penetrasi internet Indonesia 2024,” Asosiasi Penyelenggara Jasa Internet Indonesia, 2024. [Online]. Available: https://apjii.or.id.

M. Encinas-Martín and M. Cherian, Gender, Education and Skills. OECD. https://doi. org/10.1787/34680dd5-en, 2023.

M. S. Grindle, “Going local: Decentralization, democratization, and the promise of good governance,” 2009.

S. Giest, B. Klievink, A. Ingrams, and M. M. Young, “Introduction to the Handbook on Governance and Data Science,” in Handbook on Governance and Data Science, Edward Elgar Publishing, 2025, pp. 1–12.

J. R. Saura, B. Barbosa, and S. Rana, “Decoding the privacy puzzle: a study on AI deployment in public governance,” in Handbook on Governance and Data Science, Edward Elgar Publishing, 2025, pp. 239–263.

N. N. CK, “Data protection and privacy in the data-driven public welfare in India,” Electron. Gov. an Int. J., vol. 21, no. 5, pp. 505–522, 2025.

R. Awashreh, “Omani public governance in the age of artificial intelligence,” in Public governance practices in the age of AI, IGI Global Scientific Publishing, 2025, pp. 137–166.

P. R. Biju and O. Gayathri, “Structural oppression and AI: A systematic review of data policy frameworks in India,” Technol. Forecast. Soc. Change, vol. 223, p. 124415, 2026.

C. Haswell and A. Whitford, “Digital Responsibility at the Nexus of Big Tech and Government: Evidence from Transparency Reports,” Surveill. Soc., vol. 23, no. 3, pp. 354–377, 2025.

M. J. Page et al., “The PRISMA 2020 statement: an updated guideline for reporting systematic reviews,” bmj, vol. 372, 2021.

T. F. Widayanti, A. D. Rohman, A. N. Z. Haris, E. M. Djafar, and M. Z. Hakim, “ENHANCING CYBERSECURITY AND LEGAL INTEGRATION: REFORMING INDONESIA’S CYBER LAW TO FOSTER SUSTAINABLE GROWTH IN THE DIGITAL ECONOMY,” Diponegoro Law Rev., vol. 10, no. 1, pp. 105–119, 2017.

R. Balleste, G. Doucet, and M. L. D. Hanlon, “A Research Agenda for Cybersecurity Law and Policy,” 2025.

M. Karmwar and D. Kunwar, “The Dilemma Between Digital Identity and Privacy in Modern Governance: Comparing South Africa and India,” J. Asian Afr. Stud., p. 00219096251352368, 2025.

A. Tariq, A. Batool, S. Liaqat, and I. H. Khan, “Institutions, Corruption and Economic Development: PLS-SEM Analysis,” J. Polit. Stab. Arch., vol. 3, no. 3, pp. 1351–1374, 2025.

A. Perdana and I. A. Mokhtar, “Digital transformation in government: Lessons from GovTech Singapore,” J. Inf. Technol. Teach. Cases, p. 20438869251362870, 2024.

J. Lund‐Tønnesen and K. Fossheim, “Excessive digital surveillance and data privacy invasion as a creeping crisis,” Risk, Hazards Cris. Public Policy, vol. 16, no. 1, p. e70005, 2025.

R. V Rose, “A paradigm: government contracting and cybersecurity,” EDPACS, vol. 70, no. 10, pp. 33–49, 2025.

N. Kumar and S. T. Gupta, “Integrating Technology Across Sectors: Innovations in Public Administration, Engineering, and Business,” in Digital Technologies and Transformations in Public Administration, Engineering, and Sustainable Business, IGI Global Scientific Publishing, 2026, pp. 205–234.

M. Zhang, O. Turel, and A. Zöll, “Group closeness effects on co-owned information sharing: A multilevel perspective,” Int. J. Inf. Manage., vol. 86, p. 102977, 2026.

S. Young and F. Visser, “Agency Between Logics: Data Privacy Tactics, Ethics, and the Power of the Data Protection Officer,” J. Tech. Writ. Commun., vol. 56, no. 1, pp. 79–92, 2026.

J. Abbas, “When and How Corporate Digital Responsibility Contributes to a Firm’s Reputation in Society: Scale Development and Structural Analysis.,” Technol. Soc., p. 103067, 2025.

R. Abu-Salma et al., “Grand Challenges in Human-Centered Privacy,” IEEE Secur. Priv., vol. 23, no. 4, pp. 103–110, 2025.

V. Baraku, I. Paraskakis, S. Veloudis, and P. Yadav, “Extending Personal Data Sovereignty by Enabling Governance of AI Training on Personal Data,” in Working Conference on Virtual Enterprises, 2025, pp. 19–35.

A. Lindgreen, N. Koenig-Lewis, M. Kitchener, J. D. Brewer, M. H. Moore, and T. Meynhardt, “Public Value,” Public Value Deep. Enrich. Broadening Theory Pract. Routledge. https//doi. org/10.4324/9781315163437, 2019.

H. Yun, “China’s data sovereignty and security: Implications for global digital borders and governance,” Chinese Polit. Sci. Rev., vol. 10, no. 2, pp. 178–203, 2025.

Downloads

Published

2026-05-20

How to Cite

Briantama, A., & Yopan, M. (2026). An Analysis of Digital Institutional Capacity and Personal Data Protection Policy Implementation in Indonesia : A Systematic Literature Review. Journal of Law, Politic and Humanities, 6(4), 2522–2532. https://doi.org/10.38035/jlph.v6i4.3253

Issue

Vol. 6 No. 4 (2026): (JLPH) Journal of Law, Politic and Humanities

Section

Articles

License

Copyright (c) 2026 Abednego Briantama, Muhamad Yopan

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish their manuscripts in this journal agree to the following conditions:

  1. The copyright on each article belongs to the author(s).
  2. The author acknowledges that the Journal of Law, Poliitic and Humanities (JLPH) has the right to be the first to publish with a Creative Commons Attribution 4.0 International license (Attribution 4.0 International (CC BY 4.0).
  3. Authors can submit articles separately, arrange for the non-exclusive distribution of manuscripts that have been published in this journal into other versions (e.g., sent to the author's institutional repository, publication into books, etc.), by acknowledging that the manuscript has been published for the first time in the Journal of Law, Poliitic and Humanities (JLPH).