Comparison of Personal Data Protection Laws Using Narrative Policy Framework Between Indonesia, Malaysia, and Japan

The era of information and communication technology continues to grow and shows a significant increase. is a type of offensive maneuver used by a state, individual, group, or organization that targets computer information systems, infrastructure, computer networks, and or personal computer devices using malicious acts which usually originate from anonymous sources who steal, modify or destroy the specified target by hacking a vulnerable system. Cyberattacks can happen in any part of the country. The increasing use of the internet has the risk of increasingly massive hacking threats. The National Cyber and Crypto Agency (BSSN) noted that until April 2022, cyber attacks in Indonesia reached 100 million cases. This research benchmarks the situation of cyber attacks and personal data protection regulations in Indonesia with countries that have better handling of cyber crimes. The method is to compare narrative elements in the form of heroes, villains, and victims in each country, using the Narrative Policy Framework (NPF) analysis method. The Narrative Policy Framework is an approach or research framework on the public policy process, it is identified that the hero character represented by comprehensive personal data protection regulations has long been used by Japan and Malaysia. The character of heroes in Indonesia seems not to be too dominant because there are villains who are present in the form of the absence of unified regulations for the protection of personal data from the threat of cyber attacks