Journal of International Trade, Logistics and Law, Vol. 8, Num. 1, 2022, 23-27 

 

23 
 

 

PROTECTION OF PERSONAL DATA IN THE CARE APPLICATION 

 
Mays AMELIA 

Universitas 17 Agustus 1945 Surabaya, Indonesia 
 

Tomy MICHAEL 
Universitas 17 Agustus 1945 Surabaya, Indonesia 

 
 

Received: Jan 14, 2022        Accepted: March 22, 2022            Published: June 01, 2022 

 
Abstract: 
The porpose of this study is to solve public doubts about the security of personal data in the PeduliLindungi application. This study uses a 
normative research method that is oriented to the rule of law and a case approach. The law in Indonesia has not regulated the violation of 
personal data leakage, so there are no strict sanctions against the perpetrators who leak personal data. Because there is no legal certainty 
in the protection of personal data, there are many crimes and result in the misuse of personal data. Currently the guarantee of personal 
data protection is only based on the ITE Law but there are no criminal provisions against perpetrators of spreading personal data. 
Because there is a legal vacuum, a draft law on the protection of personal data has been made, rules that can protect citizens’ personal data 
have been made, but these regulations have not been ratified. The government should provide provisions so that legal certainty is achieved. 
In this era of technological development 4.0, the government is required to be firm in establishing regulations related to cyber crime. 
Another way is to add the KTP function to replace the PeduliLindungi application to track the spread of the Corona virus because the 
KTP has guaranteed the security of one’s personal data. 
 
Keyword: PeduliLindungi, Personal Data, COVID-19 
 

1. Introduction  
COVID-19 is a contagious and deadly virus. The spread of this virus is widespread and more and more people are 
dying from this virus. There were 222,051,739 positive cases of people infected with the corona virus, with a total 
death of 4,590,290 people and 198,668,020 recoveries worldwide.(Dadax, 2020) This virus begins to attack animals, 
such as camels and bats. There are six types of coronavirus that grow in the human respiratory tract. There are 229E, 
NL63 of the genus Polygonum, OC43, and HPU of the genus beta, Middle East Respiratory Syndrome-Associated 
Corona Virus (MERSCoV).(Wang, Qiang and Ke, 2020) 
Indonesia is now entering the 4.0 era or the 4th industrial revolution by following technological developments, 
humans are greatly helped by technological developments that are connected to the internet network. Just like what 
humans do, most of them have used digital-based technology for their daily life.(Syaifudin, 2020)  
Through a survey of e-marketer research instutions 2015, 70% of the Indonesian population uses smart phones, and 
the rest don’t use smartphones.(Laksana and Pramira Harja, 2020) The government is assisted by the Ministry of 
Communication and Information, the Ministry of Health, and the Ministry of State-Owned Enterprises in 
collaboration with PT. Telekomunikasi Indonesia stopped the spread of the Covid-19 virus, by creating an 
application called PeduliLindungi. The way this application works is by downloading the PeduliLindungi on the 
Appstore, then registering by filling in personal data and the application can be used. The system will ask the user to 
enable location data. So users of this application can provide information regarding the crowds and zoning status of 
the spread of Covid-19 in the area the user is currently occupying.(Olivia, Rosadi and Permata, 2020) 
 Even though it is in the form of an application, personal data information must still be protected. Like 
names, e-mails, mobile phone numbers. This application is to help government agencies track the extent to wich 
vaccination programs are spread.(RI, 2020) In the case of the leak of personal data of the President of the Republic 



 Mays AMELIA & Tomy MICHAELE 

 

24 
 

of Joko Widodo, data that should be protected can easily be leaked. Personal data is data in the form of specific 
personal identity, symbols, letters or numbers as a masker of a person’s personal self.(Smits, 2012)  
 The Electronic Information and Transactions Law (ITE) is often used as a source of law when there is a 
violation of the protection of personal data. Article 26 paragraph 1 and paragraph 2 of Law Number 19 of 2016 
concerning Amendments to Law Number 11 of 2008 concerning Information and Electronic Transactions regulates 
the use of any information through a gadget or electronic media related to a person’s personal data must be carried 
out with approval the person concerned because this is a human right wich, if violated, the owner of personal data 
can file a lawsuit for the losses incurred under this law. If there is a leak of personal data, it is feared that it will result 
in misuse and even have a negative impact on the account owner. As explained in Article 1 of Law Number 24 of 
2013 concerning Population Administration, hereinafter referred to as the Adminduk Law, point 22: Personal Data is 
certain individual data that is stored, maintained, and kept the truth and confidentiality. With this background, the 
authors found the problem formulation of how the PeduliLindung application maintains the security of personal 
data on users? And who is responsible for the security of the PeduliLindung application's personal data? 
Personal data is a sensitive thing owned by everyone person. Personal data is a person's privacy right that must be 
protected from various aspects life.(Kusnadi, 2021) Previous research related to the material is Fanny Priscyllia's 
research, entitled Personal Data Privacy Protection from Comparative Legal Perspectives, 2019. The conclusion 
from the journal is, Personal data privacy protection is a person's personal foundation principle. Privacy of personal 
data is a constitutional right of every citizen so that the regulation is a form of respect and protection for that right. 
Privacy protection arrangements for personal data can have a positive impact, one of which is increasing Indonesia's 
economic value in the world marketplace. The protection of personal data privacy in the perspective of comparative 
law, places the right to privacy as one of the constitutional rights of citizens so that the form of respect and 
protection of constitutional rights is specifically regulated and establishes or appoints a special supervisory agency to 
be able to guarantee the implementation of the data privacy protection law. the personal.(Priscyllia, 2019) 
The second research is the research of Nurhidayati, Sugiyah, and Kartika Yuliantari. Journal with the title Personal 
Data Protection Settings in PeduliLindung Application Users, 2021. The conclusion of the journal is, The use of 
digital technology today is a necessity to carry out an activity in various fields of life. Especially with the Covid-19 
pandemic, which requires social restrictions. The rapid and massive spread of Covid-19 requires the government to 
make various efforts to reduce the spread. One of them is by launching the Cares Protect Application. Protection of 
Personal Data of PeduliLindung application users is based on regulations in the field of Information and 
Communication Technology, Health and the implementation of Population Administration because there is no law 
that specifically regulates Personal Data Protection.(Nurhidayati, Sugiyah and Yuliantari, 2021) In this study using 
normative legal research.(Michael and Sudini, 2021) 

 
2. Research Results and Discussion 
2.1 Human Rights Theory 
The government is trying to break the chain of spread of the COVID-19 virus by limiting community activities by 
distributing COVID-19 vaccinations. At the beginning of the COVID-19 vaccine was carried out by all medical 
personnel. Then continued giving to the elderly, essential sector workers and teachers. Until now, the overall 
percentage of vaccines has reached 44.5% of the government's target. 
With the stipulation of the Government that requires vaccination as a condition for activities with the aim of 
establishing herd immunity, the body's immunity is formed for associations of people with a wide scope against 
disease transmission so as to provide protection against a virus. This method is believed to be able to suppress the 
spread of the COVID-19 virus, if many people are immune to a disease, the more difficult it is for the virus to 
spread.(KENCANA, 2020) This violates a person's human rights. Human rights are different from human rights. It 
is explained in a book entitled Human Rights: A Basic Handbook for UN Staff, United Nations, that human rights 
are inherent in humans.(United Nations, 2010) This means that these human rights exist because humans exist, and 
since humans are born, humans have human rights. This right is not owned by creatures other than humans, and this 
right is not granted from any party. The basic rights that are the subject of human rights are called human rights. As 
in Article 28A of the 1945 Constitution of the Republic of Indonesia which stipulates the rights of citizens and 
residents to live, the right to form a family, to have a decent life, to be protected from discrimination and violence, to 
get justice before the law, the right to express opinions, and other rights. 



Protection of Personal Data in the Care Application  

 

25 
 

Human rights in this study, namely, the community is required to vaccinate against Covid-19 to suppress the spread 
of the virus. Choosing to accept or reject this vaccination is a human right, because humans have the right to choose 
and are responsible for health services for themselves. In accordance with Article 5 paragraph (3) concerning Health, 
Law no. 36 of 2009. 
People who are not vaccinated can still live and have the possibility of being free from the corona virus. Humans can 
choose to be vaccinated or reject it because humans have reason, we can find out in advance whether the vaccine is 
suitable and feasible for our bodies. As stated in Article 8 of Law no. 36 of 2009 concerning Health "Everyone has 
the right to obtain information about their own health data including actions and treatments that have been or will 
be received from health workers." 
Privacy was first defined by Warren and Brandheis which was written in an article in a scientific journal with the title 
"The right to privacy" or the right not to be disturbed. According to Warren and Brandheis, everyone has the right 
to enjoy life with the times and technological advances, humans are expected to understand the privacy rights of each 
individual more and more.(Benuf, 2019) 
 
2.2. Personal Data Protection 
Before the pandemic, people were free to choose the health services they needed for themselves. in accordance with 
article 5 of Law number 36 of 2009 concerning health item 3: "Every person has the right to independently and 
responsibly determine the health services needed for himself". 
However, since a global pandemic occurred, Article 14 paragraph (1) of Law No. 4 of 1984 concerning infectious 
disease outbreaks applies, that anyone who deliberately hinders the implementation of epidemic control as regulated 
in this Law, is threatened with imprisonment for a maximum of 1 year. or a maximum fine of 1 million. 
The government's effort to suppress the spread of the virus is by vaccinating against Covid-19. In accordance with 
Article 9 of Law No. 6 of 2018 concerning Health Quarantine, everyone is obliged to comply with and participate in 
the implementation of Health Quarantine. And applies Article 93 of Law no. 6 of 2018 that anyone who does not 
comply with the implementation of health quarantine as referred to in Article 9 paragraph 1 and or hinders the 
implementation of health quarantine so as to cause a public health emergency shall be punished with a maximum of 
1 year and or a maximum fine of one hundred million rupiah. 
In this case, vaccination is mandatory. The principle of Lex specialis derogat legi generali applies. Law No. 4 of 1984 
and Law No. 6 of 2018 abolished Law No. 36 of 2009 on the grounds of a health emergency and in the public 
interest overriding personal interests. 
In relation to the PeduliLindung application which contains personal data that must be protected, several regulations 
discuss the meaning of personal data according to Article 1 number 29 of the Government Regulation (PP) 
Concerning the Implementation of Electronic Systems and Transactions Number 71 of 2019 concerning personal 
data is any data about a person, who is identified or which can be identified separately or combined with others, 
either directly or indirectly, through electronic or non-electronic systems. 
According to Philip M. Hadjon, the theory of legal protection is the protection of dignity and worth, as well as the 
recognition of human rights to the subject of law.(Hadjon, 2007) Therefore, the protection of personal data includes 
individual rights that must be protected, stored, and kept confidential so that the security must be guaranteed by the 
state .(Benuf, Mahmudah and Priyono, 2019) 
Legal protection comes from the word "protect" which means an act that can protect, defend, prevent something. 
Meanwhile, law is a rule that exists in a country to regulate people's behavior. Consumers have the right to share 
their personal data or not. PeduliLindung contains a secret Population Identification Number and in the NIK there 
is information on Province, city code, sub-district code, date of birth, month of birth, year of birth, and 
computerized numbers that are vulnerable to being misused by others if leaked. Electronic KTP, hereinafter referred 
to as KTP-el according to Article 1 of the Administrative Law point 14: E-KTP is a resident identity card equipped 
with a chip which is the official identity of the population as proof of self issued by the Implementing Agency. The 
chip is guaranteed security so that people don't worry about personal data on their ID cards. Meanwhile, 
PeduliLindung is an application that, when compared to data security on an ID card, is much more secure and 
guaranteed. The possibility of data leakage on the KTP is less because the KTP is a card that is only owned by 1 
resident. It is different with PeduliLindung because it is an application that can be accessed freely by anyone and uses 
any gadget. 



 Mays AMELIA & Tomy MICHAELE 

 

26 
 

In the provisions regarding PeduliLindung's Data Confidentiality Policy, it is stated that the data stored in the data 
storage includes the mobile number, user ID and location and time of data exchange. Written data is stored securely 
and not shared with the public. However, the information in the PeduliLindung application does not explain who 
can access and process the relevant data. Although the government and PT. Telkom has stated that the data in the 
PeduliLindung application is safe, but as secure as an electronic system is, nothing is truly 100% secure.(Nurhidayati, 
Sugiyah and Yuliantari, 2021) 
 

3. Conclusion 
PeduliLindung is an application made by PT. Telekom Indonesia with the aim of helping the government carry out 
contact tracking, contact tracing, which actually does not require the collection of users' personal data. The author 
supports the use of the PeduliLindung application because its goal is to create better conditions during the Covid-19 
pandemic. 
However, in its implementation there is a great risk of the user being harmed if PeduliLindung uses the user's 
personal data in its operation. Because there is no certainty about the protection of users' personal data and there is 
no definite and clear information regarding the person in charge of the PeduliLindung application. This is a violation 
of the theory of legal protection and the theory of human rights, because the government requires the use of the 
PeduliLindung application but does not provide clear legal protection for users' personal data, so that people's 
human rights are not ignored. Although the government and PT. Telkom has stated that the data in the 
PeduliLindung application is safe, but as secure as an electronic system is, nothing is truly 100% secure. 
 
 

References 
Benuf, K. (2019) ‘Jurnal Gema Keadilan Jurnal Gema Keadilan’, Jurnal Gema Keadilan, 6(II). 
Benuf, K., Mahmudah, S. and Priyono, E. A. (2019) ‘PERLINDUNGAN HUKUM TERHADAP KEAMANAN 

DATA KONSUMEN FINANCIAL TECHNOLOGY DI INDONESIA’, Refleksi Hukum: Jurnal Ilmu 
Hukum, 3(2). doi: 10.24246/jrh.2019.v3.i2.p145-160. 

Dadax (2020) HTTPS://WWW.WORLDOMETERS.INFO/CORONAVIRUS/, COVID-19 Coronavirus 
Pandemic. 

Hadjon, P. M. (2007) Perlindungan Hukum Bagi Rakyat Di Indonesia Edisi Khusus, Jogjakarta: Peadaban. 
KENCANA, W. H. (2020) ‘PERAN DAN MANFAAT KOMUNIKASI PEMBANGUNAN PADA APLIKASI 

PELACAK COVID-19 SEBAGAI MEDIA KOMUNIKASI KESEHATAN’, Commed : Jurnal Komunikasi 

dan Media; Vol 5 No 1 (2020): Commed : Jurnal Komunikasi dan MediaDO  - 10.33884/commed.v5i1.2495 . 
Kusnadi, S. A. (2021) ‘PERLINDUNGAN HUKUM DATA PRIBADI SEBAGAI HAK PRIVASI’, AL WASATH 

Jurnal Ilmu Hukum, 2(1). doi: 10.47776/alwasath.v2i1.127. 
Laksana, A. P. and Pramira Harja, R. (2020) ‘PERBANDINGAN REGULASI FINANCIAL TECHNOLOGY 

TERKAIT PERLINDUNGAN DATA NASABAH DI INDONESIA DENGAN NEGARA LAINNYA’, 
Rechtidee, 15(2). doi: 10.21107/ri.v15i2.5411. 

Michael, T. and Sudini, L. P. (2021) ‘Omnibus Law Legal Certainty in the Perspective of Legislation’, Proceedings of 
the 2nd International Conference on Business Law and Local Wisdom in Tourism (ICBLT 2021), pp. 509–512. 
doi: 10.2991/ASSEHR.K.211203.109. 

Nurhidayati, N., Sugiyah, S. and Yuliantari, K. (2021) ‘Pengaturan Perlindungan Data Pribadi Dalam Penggunaan 
Aplikasi Pedulilindungi’, Widya Cipta: Jurnal Sekretari dan Manajemen, 5(1). doi: 10.31294/widyacipta.v5i1.9447. 

Olivia, D., Rosadi, S. D. and Permata, R. R. (2020) ‘PERLINDUNGAN DATA PRIBADI DALAM 
PENYELENGGARAAN APLIKASI SURVEILANS KESEHATAN PEDULILINDUNGI DAN 
COVIDSAFE DI INDONESIA DAN AUSTRALIA’, DATIN LAW JURNAL, 1(2). doi: 
10.36355/dlj.v1i2.453. 

Priscyllia, F. (2019) ‘Perlindungan Privasi Data Pribadi dalam Perspektif Perbandingan Hukum’, Jatiswara, 34(3), pp. 
239–249. doi: 10.29303/jatiswara.v34i3.218. 

RI, K. (2020) Official Business Account COVID19.GO.ID, Whatsapp. 
Smits, J. M. (2012) The mind and method of the legal academic, The Mind and Method of the Legal Academic. doi: 

10.4337/9780857936554. 



Protection of Personal Data in the Care Application  

 

27 
 

Syaifudin, A. (2020) ‘PERLINDUNGAN HUKUM TERHADAP PARA PIHAK DI DALAM LAYANAN 
FINANCIAL TECHNOLOGY BERBASIS PEER TO PEER (P2P) LENDING (Studi Kasus di PT. Pasar 
Dana Pinjaman Jakarta)’, Jurnal Ilmiah Ilmu Hukum, 26. 

United Nations (2010) ‘Human Rights. A basic handbook for UN Staff’, International Journal on Minority and 
Group Rights, (May). 

Wang, Z., Qiang, W. and Ke, H. (2020) ‘A Handbook of 2019-nCoV Pneumonia Control and Prevention’, Hubei 
Science and technology press.