West Science Law and Human Rights Vol.
No.
July 2025, pp.
The Right to Privacy in International Law: Evolving Standards for Personal Data Protection in the Digital Era Lutfiah Sholikhatun NafiAoah1.
Rina Arum Prastyanti2
Duta Bangsa University Article Info
ABSTRACT
Article history:
Privacy and personal data protection are increasingly important issues in today's digital era.
This article highlights the importance of recognizing privacy as a fundamental human right that must be protected by the state in accordance with applicable human rights principles and the constitution.
Protection of personal data is becoming increasingly crucial because it is often a target for irresponsible parties.
International regulations, such as the Universal Declaration of Human Rights and the General Data Protection Regulation (GDPR) in the European Union, provide a framework for the protection of personal This article also highlights a key challenge to protecting privacy, namely finding a balance between the need for security and individual Efforts such as developing specific laws on personal data protection, increasing public awareness, and enhancing international cooperation are urgently needed.
Keywords: privacy, data protection, human rights, regulations, challenges.
Received June, 2025 Revised July, 2025 Accepted July, 2025 Keywords:
Human rights.
Security vs privacy.
Privacy.
Personal data protection.
International regulation This is an open access article under the CC BY-SA license.
Corresponding Author:
Name: Lutfiah Sholikhatun NafiAoah Institution: Duta Bangsa University e-mail: lutfiahnafiah2@gmail.
INTRODUCTION
The rapid development of digital technology has revolutionized the way In this digital age, personal data is no longer just static information .
, but has become a valuable asset for individuals, corporations, and countries alike .
, .
Every online activity, from the use of social media, e-commerce transactions, to participation in government administration systems, generates digital traces that reflect a person's identity, habits, preferences, and even ideological views.
Amidst this massive flow of data, serious challenges have emerged to the right to privacy as one of the most fundamental human rights .
, .
The right to privacy has increasingly come under scrutiny due to the massive collection, storage, and processing of data by governments and private companies.
These activities are often carried out without the explicit consent of the data owners, or even without their understanding of how the data will be used.
This raises concerns about data disproportionate mass surveillance .
Such practices blur the line between public security and personal rights, requiring regulations and legal policies that can address the complexities of the digital age.
Globally, the right to privacy has been recognized in various international legal instruments such as the Universal Declaration Journal homepage: https://wsj.
westscience-press.
com/index.
php/wslhr A West Science Law and Human Rights of Human Rights (UDHR) and the International Covenant on Civil and Political Rights (ICCPR).
In this context, privacy is not only seen as the right to be free from interference in one's private life, but also includes control over personal information, the right to determine access, and the right to know the purpose of data processing.
However, these international legal norms must continue to evolve to keep pace with the dynamics of technology that transcend national jurisdictional boundaries.
A number of new legal principles and standards have emerged amid growing concerns about personal data security.
One of these is the General Data Protection Regulation (GDPR), which has been in force in the European Union since 2018.
The GDPR explicitly grants individuals the right to control their own data, including the right to access, restrict, correct, and delete personal data held by organizations.
This regulation also requires public and private institutions to apply the principles of transparency, accountability, and data protection from the outset .
rivacy by desig.
Ae.
In Indonesia, the urgency of personal data protection has begun to receive more attention in recent years, especially after several large-scale data leaks, such as those that occurred in the BPJS Kesehatan, eHAC, and public applications.
Although the government has passed Law No.
27 of 2022 on Personal Data Protection (PDP La.
, its implementation still faces various challenges such as institutional infrastructure, public awareness, and harmonization with other sectoral regulations.
It should be emphasized that the existence of regulations is not the end of the problem, but rather the starting point for systemic transformation in the protection of citizens' digital rights.
The issue of personal data protection is also relevant in the context of globalization and cross-border cooperation.
In many cases, personal data of citizens of one country can be accessed, stored, or processed by entities operating in another country.
This raises cross-border legal challenges .
ross-border data flo.
that require a more robust international legal framework and mutual recognition of protection standards.
This is where the role of international organizations and multilateral forums is important in promoting collaboration and convergence of personal data protection standards.
This research is important to understand the international legal response to digital challenges through the establishment of effective and adaptive data protection standards, as well as to examine the gaps Apart from legal aspects, personal data protection also concerns ethics and human rights, as privacy reflects individual autonomy in a democratic society.
Its loss can limit freedom of expression and activity.
Technological developments such as the IoT, big data, and AI add to the complexity of data management, which without supervision can become a tool for social control.
Therefore, a collaborative and balanced legal approach is needed, particularly in responding to the dilemma between national security and privacy protection, so that there is no abuse in the name of public interest.
METHODS
This study uses a normative legal approach that focuses on the study of legal norms, both those written in legislation and international legal principles.
This approach was chosen because the main issue in this study is closely related to the right to privacy as part of human rights and the framework for personal data protection in international law, which is substantially normative in nature.
The primary data sources in this study are secondary data, which include: .
primary legal materials such as the Universal Declaration of Human Rights .
, the International Covenant on Civil and Political Rights .
, the European Convention on Human Rights .
, the General Data Protection Regulation (GDPR, 2.
, as well as Law Number 27 of 2022 concerning Personal Data Protection in Indonesia.
secondary legal materials in the form of legal Vol.
No.
July 2025: pp.
West Science Law and Human Rights literature, scientific journals, academic articles, and official reports from international and government institutions.
tertiary legal materials such as legal dictionaries and international legal encyclopedias used to strengthen the understanding of basic concepts .
, .
Ae.
The analysis in this study was conducted qualitatively by examining legal documents, expert opinions, and relevant legal doctrines through content analysis to understand the substance of personal data protection norms.
In addition, a comparative legal approach was used to see how international regulations, particularly the GDPR, can be used as a reference in strengthening the data protection system in Indonesia.
The purpose of this method is to gain a comprehensive understanding of the development of data protection standards in international law, identify gaps between global and national regulations, and formulate legal policy recommendations for privacy that are more adaptive to current and future digital challenges.
RESULTS AND DISCUSSION
1 Evolution of the Concept of Privacy in International Law The right to privacy has long been recognized as a fundamental human right.
the Universal Declaration of Human Rights (UDHR) of 1948.
Article 12 states that Auno one shall be subjected to arbitrary interference with his privacy, family, home or Ay Although it does not explicitly mention the term Aupersonal data,Ay this declaration serves as an important foundation that human privacy must be protected by law.
This principle was further strengthened in the International Covenant on Civil and Political Rights (ICCPR) of 1966 through Article 17, which reaffirms the prohibition of arbitrary interference and guarantees legal protection of privacy.
At the regional level, the European Convention on Human Rights (ECHR) in Article 8 explicitly recognizes the right to private life, family, home, and correspondence.
This provision A serves as an important legal foundation for the development of the General Data Protection Regulation (GDPR) by the European Union in 2018 as a response to the challenges of personal data protection in the digital age.
The right to privacy, previously understood as protection of individuals from arbitrary interference, has evolved into a collective issue in the context of digital Advances in information technology and the widespread practice of surveillance by the state and the private sector have expanded the scope of privacy .
This transformation is reflected in the GDPR framework, which builds its foundation on human rights conventions but also addresses modern needs with principles such as the right to be forgotten, informed consent, and data accountability .
Privacy is now a structural issue, as digital footprints and massive data processing impact social equality and civil liberties .
Uncontrolled digital surveillance has the potential to erode democracy and individual autonomy, necessitating regulations that favor human rights .
Invasions of privacy undermine the public interest, affirming that privacy is a common good .
Therefore, the GDPR serves as an important legal instrument in building comprehensive data protection that reflects the universal values upheld in democratic societies .
2 Key Principles of the GDPR and Its Global Impact The General Data Protection Regulation (GDPR) comprehensive international legal instrument regulating the protection of personal data.
The GDPR introduces fundamental principles such as lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation.
One of the main strengths of the GDPR lies in its extraterritorial nature, whereby its provisions apply not only to organizations operating within the European Union, but also to any entity outside the EU that processes personal data of EU citizens.
Vol.
No.
July 2025: pp.
West Science Law and Human Rights such, the GDPR establishes global jurisdiction over data processing activities, including those conducted online and across borders .
, .
The implications of this approach reflect a step forward in international law, particularly in efforts to enforce data protection rights across jurisdictions and overcome domestic legal limitations in guaranteeing the digital rights of citizens.
The impact of the GDPR is felt globally, particularly in Asia and Africa, where many countries are beginning to overhaul their data protection regulatory frameworks to align with GDPR standards.
These adjustments are not only aimed at enhancing protection for their citizens but also as a strategic step in maintaining economic and trade relations with the EU .
, .
GDPR principles such as transparency, accountability, and fairness are now adopted by a number of countries as a reference in developing their national legal systems.
However, the implementation of GDPR outside Europe faces various challenges, mainly due to differences in legal systems and data protection cultures in each country .
Despite its complexity, the GDPR framework provides a comprehensive foundation that can be adapted to local contexts and aligns with the European UnionAos obligations to safeguard the fundamental right to data protection as part of human rights at the international level.
3 Privacy Protection Challenges in the Digital Age Despite regulatory advances such as the GDPR, privacy protection in the digital age continues to face complex and multidimensional challenges.
One key issue is the imbalance between the pace of technological development and the formation of laws.
Technologies such as big data analytics, artificial intelligence (AI), and machine learning have surpassed the ability of current regulations to anticipate the risks of data processing .
, .
The slow pace of legislation, compared to the dynamics of the technology sector, creates legal loopholes that are exploited by various parties, as A demonstrated in the controversy sparked by Edward Snowden surveillance .
On the other hand, national security is often used by states to expand surveillance practices against citizens.
Privacy is often compromised for the sake of security, even without adequate transparency or accountability .
, .
In addition to technical and political aspects, challenges also arise from low digital literacy among the public, especially in developing countries such as Indonesia.
Many individuals do not understand how their data is collected, used, or even traded, making it difficult to demand legal protection for their personal data .
, .
Therefore, increasing public awareness and digital education are crucial steps in strengthening individuals' position as data subjects.
Another equally important challenge is the lack of global consensus on the principles of personal data protection.
Legal inconsistencies between countries complicate cross-border transactions and make it difficult to enforce laws against international privacy violations .
, .
Although regional frameworks such as the GDPR in the European Union and the PIPL in China demonstrate different approaches, uniform global standards have yet to be achieved .
4 Indonesia's Position in the Global Privacy Regulatory Landscape Indonesia has officially enacted Law No.
27 of 2022 on Personal Data Protection (PDP La.
as an important step in strengthening its privacy legal framework.
The law adopts a number of key principles from the GDPR, such as consent, data minimization, and the right to access and correct personal data.
However, the implementation of the PDP Law still faces various obstacles, including the absence of an independent supervisory authority (Data Protection Authorit.
as a regulator and law enforcer, the unpreparedness of the public and private sectors in developing appropriate internal policies, and the lack of socialization and training for law enforcement officials and electronic system operators.
Nevertheless, the existence of this law should be appreciated as Vol.
No.
July 2025: pp.
West Science Law and Human Rights it reflects a paradigm shift from a sectoral approach to a holistic approach to data For the PDP Law to be effective, it needs to be integrated with cybersecurity policies, digital government systems, and institutional reforms that support the implementation of the right to privacy.
CONCLUSION
The right to privacy is a crucial issue in international law in this era of digital On the one hand, technological advances support innovation and efficiency, but on the other hand, they increase the risk of privacy violations and data misuse.
International legal instruments such as the A UDHR.
ICCPR.
ECHR.
GDPR demonstrate global efforts to establish more comprehensive standards for personal data protection, although there are still gaps in implementation between countries.
This study emphasizes the importance of regulations that are adaptive to technology and prioritize the protection of human rights.
In Indonesia.
Law No.
27 of 2022 on Personal Data Protection is an important first step, but its implementation still requires independent oversight and active public participation.
Personal data protection is not merely a technical legal issue, but a tangible manifestation of respect for human dignity.
Therefore, global synergy and collective awareness are key to creating a safe and fair digital ecosystem.
REFERENCES