Legal Implications of Personal Data Protection in the National Digital Ecosystem after the Enactment of the Personal Data Protection Law: Examining the Urgency of Strengthening Data Security

This study examines the legal implications of personal data protection within the national digital ecosystem following the enactment of the Personal Data Protection Law, with a focus on the urgency of strengthening data security. The research aims to analyze the effectiveness of post-enactment legal norms, identify implementation challenges, and assess their impact on data security governance. A qualitative research method is employed using a normative juridical and socio-legal research design, selected to capture both doctrinal legal analysis and institutional practice. The research location is Jakarta, chosen due to its role as the center of legislative, regulatory, and digital governance institutions. Data were obtained from primary and secondary legal materials and supported by semi-structured interviews with six purposively selected informants representing government, digital platforms, cybersecurity institutions, academia, legal practice, and civil society. The findings indicate that although the law strengthens the normative recognition of personal data protection, significant gaps persist between legal provisions and practical data security implementation, particularly in risk management. The study recommends strengthening implementing regulations, enhancing institutional capacity, and adopting integrated approaches to ensure effective personal data protection.