KUALIFIKASI YURIDIS PHISHING SEBAGAI KEJAHATAN MANIPULASI INFORMASI ELEKTRONIK DAN PEROLEHAN DATA PRIBADI SECARA MELAWAN HUKUM

Abstract

The development of digital technology has encouraged the emergence of various forms of cybercrime, one of which is phishing conducted through the manipulation of electronic information to unlawfully obtain victims’ personal data. The urgency of this study lies in the limited legal approach to phishing crimes, particularly the use of provisions oriented toward illegal access under Article 30 of the Electronic Information and Transactions Law (ITE Law), which has not fully addressed the characteristics and modus operandi of phishing. This study aims to analyze the application of Article 35 of the ITE Law and Article 65 paragraph (1) of the Personal Data Protection Law (PDP Law) to phishing crimes, as well as the element of intent in phishing as a form of electronic information manipulation and unlawful acquisition of personal data. This study employed a normative juridical method using statutory, and conceptual approaches. The findings indicate that phishing constitutes an intentional act (dolus directus) involving electronic information manipulation and unlawful acquisition of personal data. Therefore, Article 35 of the ITE Law and Article 65 paragraph (1) of the PDP Law are more appropriate for prosecuting phishing offenders in Indonesia.