Dewi Nadya Maharani (1), Muhamad Afifullah (2), Fauzan Muzakki (3), Henni Wijayanti (4), Roosdiana Harahap (5)
General Background: The rapid growth of e-commerce, fintech, and digital platforms has transformed consumer interactions while increasing consumer risks in the digital economy. Specific Background: Consumer protection in Indonesia is governed by the Consumer Protection Law and supported by the Electronic Information and Transactions Law, the Personal Data Protection Law, and sectoral regulations related to electronic systems. Knowledge Gap: Despite these regulations, legal fragmentation creates uncertainty and fails to explicitly recognize vulnerable consumers in digital transactions. Aims: This study develops a conceptual framework for vulnerable consumers and examines its incorporation into Indonesia’s Consumer Protection Law. Results: The findings reveal that Indonesia’s legal framework remains formally equal and fragmented, providing only partial protection through sectoral regulations while leaving many vulnerable groups insufficiently protected. Novelty: The study integrates theories of legal protection, distributive justice, the welfare state, and consumer rights to propose a vulnerability-sensitive framework. Implications: The findings support the harmonization of consumer protection, electronic transaction, and personal data protection laws to establish a more adaptive and inclusive consumer protection system in Indonesia’s digital ecosystem.
Highlights:
Keywords: Legal Protection, Vulnerable Consumers, Digital Transactions
The development of information technology has driven a fundamental transformation in economic activities, especially through the digitisation of goods and/or services transactions. The digital commerce ecosystem, which includes e-commerce, financial technology (fintech), and various electronic platforms, has created widespread efficiency, speed, and accessibility for the public.[1, hlm. 321] This is reflected in the increase in online economic activity. However, in practice, these digital transactions are inseparable from various risks that can harm both consumers and the business actors involved.[2] Behind these advances, the legal relationship between business actors and consumers has undergone a significant shift marked by increasing complexity, system shutdown, and the dominance of business actors in mastering information and technology.
In this context, consumers no longer deal directly with business actors in a transparent relationship, but through a digital system that is algorithmic and not fully understandable. This condition strengthens the asymmetrical bargaining position in which business actors have greater control over transaction design, information flows, and approval mechanisms.[3, hlm. 3247] As a result, consumers may suffer losses not only from inappropriate goods or services but also from manipulative system design, misleading information, and exploitative digital practices.
This problem becomes even more critical when it affects more vulnerable consumer groups. In practice, not all consumers have the same capacity to understand and manage risks in digital transactions. Children, older people, and individuals with low digital literacy are inherently more vulnerable groups.[4, hlm. 1775]
This reality is reflected in various concrete cases in Indonesia. In 2021, a mother from Kediri, Ririn Ike Wulandari, had to pay more than IDR 11 million in bills because her 12-year-old son used his parents' identities to make online gaming transactions, without understanding the legal and financial consequences.[5] This case shows that children as users of digital systems do not have adequate capacity to understand the implications of electronic transactions.
On the other hand, in 2024, an older adult with the initials HS who lives in Kebayoran Baru will become a victim of digital fraud, losing up to IDR 1.2 billion. The perpetrator uses an undercover mode as an official officer to access the victim’s data and accounts. This event shows how the limitations of digital literacy and high trust in authority can be exploited in technology-based transactions.[6]
Both cases show that consumer vulnerability in digital transactions is not just a theoretical issue but an empirical reality with significant impact. Children are vulnerable to manipulation of digital transaction systems and their designs, while older people are vulnerable to social-engineering-based fraud. This shows that risks in digital transactions are not evenly distributed, but are concentrated in a specific group of consumers.
Normatively, Indonesia already has Law Number 8 of 1999 on Consumer Protection (UUPK) as the primary legal framework for guaranteeing consumer rights.[7, hlm. 907] However, the UUPK is still designed in the context of conventional transactions and has not fully accommodated the characteristics of complex and technology-based digital transactions. Furthermore, the UUPK has not explicitly recognised the concept of “vulnerable consumers”, so the protection provided tends to be general and uniform (a one-size-fits-all approach).
On the other hand, the legal attitude has changed, as evidenced by the most recent legislative changes. The promulgation of Government Regulation Number 17 of 2025 on the Governance of Electronic Systems in Child Protection, implemented through the Ministry of Communication and Digital Regulation Number 9 of 2026, signals the state’s acknowledgement of children as individuals requiring particular protection within the digital ecosystem. In response to growing digital hazards for children, this regulation stresses the need for secure system design and access restrictions on digital platforms.[8]
These regulations are still sectoral and have not been integrated into the consumer protection regime as a whole. This condition creates legal tension between the UUPK, as a lex generalis, and sectoral regulations that are more progressive in accommodating vulnerabilities. On the one hand, the state has recognised the importance of specific protections for certain groups. On the other hand, it has not made any adjustments to the main legal framework governing consumer protection.
Furthermore, regulatory fragmentation may lead to ambiguity and a lack of protection, particularly for digital interactions in many sectors. Moreover, any measures aimed at younger generations can also leave other vulnerable segments, such as older individuals with little experience using digital media, unattended, thereby posing the same threat.
Several existing studies about the issue of consumer protection in the digital environment have been found, though none of them has attempted to develop a framework for consumer protection for vulnerable consumers in Indonesia. For instance, a comparative study by Hedwig Adianto Mau on consumer protection law in the digital age, comparing Indonesia and the EU, reveals that the Indonesian legal framework is fragmented and reactive, whereas the EU's is preventive, rights-based, harmonised, and effectively enforced.[9]
Additionally, another group of scholars, including Deviana Yuanitasari and Rafan Darodjat, has explored the idea of protecting vulnerable consumers based on economic law and sustainable development. The latter has identified consumer protection not only as a market regulation but also as an economic tool to tackle inequality in society.[10]
These studies have weaknesses when analysed from the perspective of the legal system in Indonesia. Firstly, the comparative study carried out by Mau only assesses the basic aspects of consumer protection laws in Indonesia and Europe, but does not discuss the theoretical aspect of the notion of “vulnerable consumers” in the context of consumer protection law in Indonesia, as well as how it can be incorporated in UUPK as the lex generalis and related sectoral legislation.[9] Secondly, although the study by Yuanitasari and Darodjat proposes an integrated legal framework combining the idea of vulnerable consumer protection with the Sustainable Development Goals, it fails to incorporate this legal framework into the Consumer Protection Law of Indonesia and relevant laws in the digital market environment.[10]
The following study stands out and provides an element of novelty in at least two ways. Firstly, it attempts to construct doctrinally and theoretically the doctrine of “vulnerable consumers” in the Indonesian context, linking the idea of vulnerability to theories of legal protection, distributive justice, welfare state, and consumer rights theories, and then using the same construct to critique the extant consumer protection regime in digital transactions. Secondly, unlike other studies, which only make comparative analysis of the Indonesian regime vis-à-vis the regimes of the European Union and the United States in general terms, this study draws upon such comparative analysis to provide specific suggestions for amending the UUPK to harmonize it with both the Information and Electronic Transaction Law and Personal Data Protection Law, enabling Indonesia to evolve into a more adaptive regime of consumer protection.
In conclusion, the problem of safeguarding clients in digital trade in Indonesia cannot be solely linked to an inadequate legislative framework but is rather associated with the inefficiency of the regulatory system in general. Therefore, it is necessary to update the UUPK as a lex generalis by explicitly integrating the concept of “vulnerable consumers” to create a more comprehensive, adaptive, and substantive, justice-oriented legal protection system in the digital ecosystem.
This research falls under normative legal research, which analyses legal norms governing consumer protection in digital transactions in Indonesia, particularly those affecting vulnerable consumer groups.[11] This normative legal research examines the suitability, gaps, and disharmony of norms within the applicable legal framework and develops an ideal legal framework. This research applies several approaches, namely: First, the statute approach is used to examine relevant laws and regulations to identify existing regulations and potential gaps and inconsistencies in norms.[12, hlm. 42] Second, the conceptual approach used to analyse the concept of “vulnerable consumers” to build a theoretical foundation for formulating more adaptive and equitable legal protection.[13] Third, the comparative approach [14, hlm. 101]by reviewing the regulations that apply in Indonesia and comparing them with those in the European Union and the United States. The analysis was conducted qualitatively, using descriptive-analytical methods and legal interpretation, to assess the alignment between existing regulations and protection needs.
In this normative legal research, the primary legal materials consist of statutory regulations and binding instruments directly governing consumer protection and digital transactions. These include Law Number 8 of 1999 on Consumer Protection, the Law on Information and Electronic Transactions (and its amendments), the Personal Data Protection Law, Government Regulation Number 17 of 2025 and its implementing regulations, as well as relevant court decisions and regulatory guidelines. Secondary legal materials comprise academic books, peer reviewed journal articles, research reports, and comparative studies on consumer protection, digital platforms, and vulnerable consumers, particularly in the European Union and the United States.
The legal materials were collected through document study and literature review by accessing official government portals, legal databases, and reputable academic repositories. The selection of materials used purposive sampling based on their relevance to: (a) consumer protection in digital transactions, (b) the concept and criteria of vulnerable consumers, and (c) regulatory fragmentation between the Consumer Protection Law, the Law on Information and Electronic Transactions, and the Personal Data Protection Law.
In analysing the primary legal materials, this research employs several methods of legal interpretation. Grammatical interpretation is used to examine the wording of provisions on consumer rights, business actors’ obligations, and digital transaction regimes. In contrast, systematic interpretation connects these provisions across different laws to identify inconsistencies, overlaps, and gaps that affect vulnerable consumers. Teleological interpretation is then applied to assess whether the existing legal framework fulfils the protective purpose of consumer law in digital transactions, particularly for vulnerable groups such as children, older persons, and individuals with low digital literacy, and, where necessary, supported by comparative interpretation drawing on the European Union and United States models.
The construction of consumer protection law in Indonesia is formally based on UUPK, which serves as a lex generalis. The UUPK builds legal relations between consumers and business actors through three main pillars, namely: [15, hlm. 78]
1. Recognition of consumer rights
2. Imposition of obligations on business actors
3. Prohibition of harmful trading practices.
However, in the context of digital transactions, these basic assumptions have been significantly disrupted. Legal relations are no longer direct (face-to-face transactions) but are mediated by electronic systems controlled by business actors via digital platforms.[16, hlm. 1934] Thus, the construction of consumer protection law has shifted from a two-party relationship to one in which technology architecture is the primary determinant of legal relations.
This shift is not singular, but can be identified through several interrelated dimensions of change in the construction of consumer protection law. To make the analysis easier, the changes are classified into four main aspects, namely: [17, hlm. 76]
1. Shift from contract-based protection to system-based control
2. Increasing information asymmetry and dominance of digital platforms
3. UUPK’s limitations in reaching digital transaction practices
4. absence of a risk- and vulnerability-based approach.
The four aspects will be analysed in stages as follows:
a. Switch from “Contract-Based Protection” to “System-Based Control.”
In the UUPK paradigm, consumer protection is based on the assumption of consent arising from the parties’ agreement.[18] This principle is rooted in classical treaty law, which emphasises freedom of contract. However, in digital transactions, the consent is often pseudo-(illusory consent), because: [19, hlm. 844]
1) the consumer does not read or understand the terms and conditions,
2) information is presented in a complex and non-transparent manner,
3) and the existence of an interface design that encourages quick decisions without reflection (dark patterns).
As a result, contract-based protection becomes ineffective. The more dominant thing is system-based control, where business actors regulate:
1) What consumers see,
2) how the options are displayed,
3) and how decisions are made.
Thus, the locus of legal protection should shift from mere "contract content" to "system design" as an object of regulation.
b. Asymmetric Information and Platform Dominance
In digital transactions, information inequality (information asymmetry) is intensifying and is much more complex than in conventional transactions. Business actors not only know product information, but also have access to:[20, hlm. 927]
1) consumer behaviour data,
2) individual preferences,
3) as well as algorithm-based consumption patterns.
Instead, consumers receive only information filtered and curated by the system. This creates a condition called “asymmetric transparency”, where businesses know a lot about consumers, but consumers don’t know how the system works. In this context, digital platforms no longer function as neutral intermediaries, but rather as dominant actors that determine product visibility, influence consumer decisions, and even shape market preferences.[21]
c. Limitations of Consumer Protection Law in Reaching Digital Practices
In light of the dynamics of digital transactions, UUPK has significant limitations. These limitations are not only conceptual, but can also be traced concretely through the provisions of the articles in the UUPK that have not been able to reach the characteristics of digital transactions, which are:
1) Limitations of Article 4 of the UUPK (Right to Information)
Article 4 of the UUPK gives consumers the right to obtain true, clear, and honest information about the condition and warranty of goods and/or services. However, in the digital context, this provision faces an implementation problem, because:[22, hlm. 147]
a. information is presented in the form of long and complex terms and conditions;
b. there is no obligation as to the manner in which the information is presented (e.g., it must be simple, concise, or easy to understand);
c. does not regulate the prohibition of misleading interface design.
As a result, formally, business actors are considered to have fulfilled their information obligations, but substantively, consumers remain unable to understand. This shows that Article 4 remains oriented towards the availability of information rather than its comprehension.
2) Limitations of Article 7 of the UUPK (Obligations of Business Actors in Good Faith)
Article 7 sets out the obligation of business actors to act in good faith when carrying out their business activities. However, problems arise because the concept of good faith in the UUPK remains abstract and lacks operational parameters in the digital context.[23, hlm. 479] In practice, business actors can develop a system that is formally legal but, by design, encourages decisions that are detrimental to consumers. Thus, Article 7 has not evolved into a digital goodwill standard, which should include a prohibition on the exploitation of cognitive bias, a fair design obligation in accordance with the original, and system transparency.
3) Limitations of Article 8 of the UUPK (Prohibition of Non-Conforming Products/Services)
Article 8 prohibits business actors from producing or trading goods and/or services that do not comply with the required standards. However, this provision remains oriented toward physical products and has not explicitly addressed digital products (applications, platforms, systems), unilateral modifications, or algorithmic manipulation. In digital practice, consumer losses often do not stem from product defects, but from system design, transaction mechanisms, or data processing.[24, hlm. 46] This shows that Article 8 has not been able to reach the dominant forms of non-physical loss in the digital economy.
d . The Absence of the Concept of “Vulnerable Consumer” as a Norm Void
The key issue in consumer protection in Indonesia is the lack of a clear, specific legal definition of “vulnerable consumers” in existing laws and regulations. The Consumer Protection Law (UUPK) addresses consumers broadly, without distinguishing among different characteristics or levels of vulnerability. This can be seen in Article 1, point 2, which defines consumers generally as any individual who uses goods and/or services, without further categorisation. Additionally, Article 4 outlines consumer rights, including the rights to comfort, safety, and access to clear and accurate information. While Article 7 requires business actors to act in good faith. However, they remain rather general in scope and do not specify any particular safeguards aimed at protecting certain categories of consumers. The problem becomes especially important when talking about the sphere of e-commerce since there are people who have trouble understanding various types of information and risks, as well as making appropriate judgments.
Vulnerable groups are community groups with certain limitations that place them more easily exposed to social, economic, and legal risks. In the context of law and social development in Indonesia, this group generally includes children, the elderly, people with disabilities, women, low-income communities, indigenous peoples, and individuals who have limitations in accessing information and technology.[25]
In the view of the theory of legal protection, as stated by Philipus M. Hadjon, the law should protect the weaker by recognising and guaranteeing their rights, to achieve balance in legal relations.[26] This view is in line with Aristotle’s theory of distributive justice in the Nicomachean Ethics, which emphasises that justice does not mean equal treatment but rather treatment proportionate to each individual’s circumstances. Thus, providing equal protection to all consumers, regardless of their vulnerability risks, creates substantial injustice.
Theory on the welfare state states that there is an active duty on the state to provide protection to the disadvantaged groups. The concept here entails that there is a need for the state to adopt an active stance instead of a passive one by getting involved in the law-making process to provide protection and social justice. Therefore, the absence of provisions regarding vulnerable consumers means that the state’s role in providing protection has failed to perform optimally.
The theory of consumer rights is built on the recognition of the imbalance in power between firms and consumers, in particular, regarding leverage in negotiations and information available to both parties. When taking into consideration electronic transactions, which involve an information asymmetry in favour of the business party as well as the higher level of control of such processes, the aforementioned imbalance becomes even more evident. While Article 18 of the Consumer Protection Law explicitly states that standard terms unfavourable to consumers cannot be included in agreements, the implementation of this rule does not result in adequate protection of the disadvantaged group. The majority of consumers are still at risk, including people who lack understanding of their digital rights due to the lack of ability to fully understand the information provided in digital agreements.
There has been a creation of a vacuum as a result of no clear legal standards to cover the issue of vulnerable consumers. Vulnerable consumers may have a low level of understanding of technology and a limited ability to access information. They are very dependent on the Internet because they conduct all their transactions using electronic devices. For instance, Article 28 (1) attempts to control the spreading of fake news, but it does not have any provision suitable for vulnerable consumers. The Electronic Information and Transactions Law contains no specific regulations for covering the interests of vulnerable consumers. In addition, the Personal Data Protection Law requires consent from consumers in the use of their data, but it does not consider their vulnerability to give informed consent.
Not only does the lack of recognition of vulnerable consumers imply a lack of normative guidelines, but it also suggests the limitations of a purely formalistic approach to the protection of consumers. Under this framework, consumers are treated by law as homogenous actors, and therefore any particularities of the situation that may affect their ability to enter into transactions are overlooked. A dire need for substantive justice and the welfare state principle must thus arise by formally recognising vulnerable consumers in legislation. This will lead to the formulation of concrete regulatory guidelines to combat the structural injustices in online transactions and enable Indonesia to evolve its consumer protection regime accordingly.
Legal protection for consumers in digital buying and selling transactions is an important consideration in line with technological development and the rapid growth of digital commerce.[27] One of the fundamental challenges in safeguarding vulnerable consumers in digital transactions in Indonesia is the fragmented regulatory framework. Relevant provisions are dispersed across multiple laws and regulations, such as Law Number 8 of 1999 on Consumer Protection, the Law on Information and Electronic Transactions, and Law Number 27 of 2022 on Personal Data Protection, each addressing different aspects without a coherent or integrated approach. This condition causes consumer protection to operate only partially and has yet to establish a comprehensive legal framework amid increasingly complex developments in digital transactions.
Inconsistencies within the regulatory environment can lead to increased legal uncertainty that affects both actors within the business environment and consumers. On one hand, inconsistencies may be experienced by companies in the implementation of regulatory rules, while on the other hand, consumers may find it difficult to comprehend their legal rights and the measures of protection provided to them. In addition to this, law enforcement becomes less effective due to poor collaboration amongst regulatory bodies. This poses an opportunity for abuse as well as policies that can hurt consumers, especially those who have limited knowledge regarding information about the law.
There are several differences that can be noticed between the practices of regulating consumer protection in the area of online transactions in Indonesia, the European Union, and the USA. According to Law No. 8 of 1999 regarding Consumer Protection, basic consumers’ rights are provided in Article 4 of the law, while businesses’ responsibilities are mentioned in Article 7. Article 8 states that it is illegal to sell non-conformable products to clients, while according to Article 18, unfair standard terms should not be used during trading. Concerning the area of electronic transactions, the Indonesian legal system provides for Law No. 11 of 2008 on the Information and Electronic Transactions (as amended by Law No. 1 of 2024), where consumers’ interests are regulated in Article 28(1). According to this provision, it is illegal to spread misleading information that may cause any damage to consumers. Moreover, there is another legislative regulation that concerns the security of personal data, including obtaining consent for data processing and protecting personal data.
After going through Regulation of the Government of Indonesia No. 17 of 2025, one can only come to one conclusion: that is, children belong to a vulnerable group requiring special treatment when dealing with digital systems. Additionally, it is made clear in the regulation that Private System Providers (PSEs) are charged with the task of ensuring the safety of young users when they are consumers of the digital system. They are supposed to ensure system security, keep the children safe from harmful material, and prevent exploitation of children through online transactions. Among other things, it is important to safeguard a child’s privacy since consent from parents is required before using their data. This is due to the fact that it requires adequate supervision in the digital world. It is important to note that Regulation of the Minister of Communications and Information Technology No. 9 of 2026 acts as the implementing regulation to safeguard consumer protection of child consumers through certain technical aspects, such as age verification, parental control, and provision of consumer information. The rationale behind the measures is that they seek to reduce the possibility of children making decisions that may not be rational. This form of consumer protection is unique to each particular industry. It has not been integrated within the general consumer protection laws, thus necessitating harmonisation.
In contrast to Indonesia, the European Union has developed a more comprehensive and integrated legal framework. Directive 2005/29/EC on Unfair Commercial Practices in Article 5 paragraph (3) explicitly recognises the existence of vulnerable consumers and prohibits commercial practices that exploit consumer vulnerabilities based on age, mental condition, or specific circumstances.[28] From the standpoint of the common group member, businesses can adequately determine the vulnerability of the consumer. This provision states that vulnerable consumers need more protection compared to that needed by an average consumer. As stated in Recital 19, vulnerabilities are very wide-ranging and multidimensional, especially with regard to the data-oriented nature of the digital environment. Vulnerabilities might be both situational and multidimensional in relation to data collection processes that take advantage of the personal and psychological nature of individual consumers. More specifically, there are certain categories of consumers, namely elderly people, minors, and people with physical and mental disabilities, that are more vulnerable to certain kinds of marketing approaches. Certain provisions of UCPD offer special protection to children by banning the direct solicitation aimed at encouraging purchases. Furthermore, the concept of gullibility refers to consumers who have more chances to believe certain claims and thus require special protection. Notwithstanding, the use of this provision adheres to the requirement of proportionality according to which businesses are liable only for foreseeable effects.[29]
This provision is further reinforced by Directive 2011/83/EU, known as the Consumer Rights Directive, which establishes the duty of business actors to deliver information that is clear, accurate, and transparent before the conclusion of a contract, particularly in the context of дистанce and digital transactions.[30] Moreover, the General Data Protection Regulation (Regulation (EU) 2016/679) establishes a comprehensive framework for the protection of personal data. Under Article 8, the processing of children’s personal data in information society services must be based on the consent of a parent or legal guardian.[31] As such, the EU not only recognises the existence of vulnerable consumers normatively but also integrates protections for them into various areas of law, including commercial practices, contract transparency, and data protection.
In contrast, the United States adopts a more sector-specific approach in protecting vulnerable consumers, particularly children. This can be seen in the Children’s Online Privacy Protection Act (COPPA), codified at 15 U.S.C. §§ 6501–6506, which regulates the collection and use of children’s personal data in the online environment. [32] and implemented through the COPPA Rule (16 CFR Part 312).[33] This regulation requires digital service providers to secure verifiable parental consent before collecting, using, or disclosing the personal data of children under the age of 13. In addition, COPPA regulates privacy policy transparency obligations and restrictions on the collection of irrelevant or excessive data. While it does not generally govern all categories of vulnerable consumers, this sectoral approach provides strong, specific protections for groups of children in the digital environment.
The Indonesian protection system is broad and normative; however, it is not well-matched with the requirements of vulnerable consumers. On the other hand, the European Union has created a complete system focused on addressing issues related to vulnerable consumers through various legal means. In the United States, there is a sectoral approach, where particular individuals are safeguarded by relevant legislation. Such disparities point to the importance of improving the Indonesian legal system in terms of protecting vulnerable customers.
The protection of vulnerable consumers in the case of Indonesia’s digital transactions is still ineffective due to the inadequacy of the legal regime that regulates digital transactions. The inadequacy stems from the vague provisions of the legal regime, which cannot be used to address the problems experienced by vulnerable consumers in Indonesia because the level of their vulnerability differs. For instance, Law No. 8 of 1999 on Consumer Protection has not been updated to include the provisions that define vulnerable consumers and specify the procedures required for their protection. In addition, there is no sufficient regulation related to vulnerable consumers in the Law on Information and Electronic Transactions and the Personal Data Protection Law as well. All these regulations lead to discrepancies in the protection of vulnerable consumers during digital transactions when asymmetry in information and bargaining power between business entities and consumers becomes apparent. The fragmented nature of the legal regulation, which consists of scattered regulations located in various regulations that are poorly systematised, leads to the development of legal uncertainties and inefficiencies within the system of protection of vulnerable consumers. Moreover, the lack of mention of the existence of vulnerable consumers shows that the legal system has a formalist approach towards its operation and does not promote the concept of substantive law or welfare state protectionism. In other words, although vulnerable consumers who have a lower capacity of dealing with issues, such as minors, elderly people, and those with lower digital literacy, still run the risk of encountering problems, the law does not ensure their proper protection in the process. Therefore, legal reform in this area appears to be necessary. In particular, the amendments should include changes to the law on consumer protection with respect to defining vulnerable consumers (Article 1), providing for more rights of the consumer (Article 4), increasing responsibilities of business entities (Article 7), and developing new approaches to regulating standard clauses (Article 18). In addition, it would be appropriate to create a regulation aimed at protecting vulnerable consumers in digital transactions and ensuring harmony with the law on Information and Electronic Transactions and the Personal Data Protection Law. Through these efforts, it is expected that Indonesia can develop a consumer protection system that is more adaptive, inclusive, and effective in responding to the dynamics of the digital economy.
M. S. Siregar, B. Ananda, S. Yeremi, and P. Bonarja, “Analisis Dampak Hukum Perlindungan Konsumen dalam Perdagangan Online (Menelaah Dampak Perlindungan Hukum Terhadap Konsumen dalam Transaksi Online),” Al-Mikraj: Jurnal Studi Islam dan Humaniora, vol. 5, no. 1, 2024. [Online]. Available: https://ejournal.insuriponorogo.ac.id/index.php/almikraj/article/view/5411
L. A. Fathoni, N. K. Siddiq, and N. K. Wardani, “Perlindungan Hukum bagi Konsumen dalam Menghadapi Perkembangan Ekonomi Digital,” Journal of Fundamental Justice, vol. 7, no. 1, pp. 99–112, 2026, doi: 10.30812/fundamental.v7i1.6190.
B. Tamrin, “Analisis Hukum terhadap Perlindungan Konsumen dalam Transaksi Digital di Indonesia: Tinjauan Undang-Undang Nomor 8 Tahun 1999,” Jurnal Kolaboratif Sains, vol. 8, no. 6, 2025. [Online]. Available: https://jurnal.unismuhpalu.ac.id/index.php/JKS/article/view/7738
S. L. Poernomo, “Analisis Kepatuhan Regulasi Perlindungan Konsumen dalam E-Commerce di Indonesia,” UNES Law Review, vol. 6, no. 1, 2023. [Online]. Available: https://www.review-unes.com/law/article/view/972
M. H. Wismabrata and A. Ika, “5 Fakta Ibu Dapat Tagihan ‘Game Online’ Rp 11 Juta, Anak Pakai Identitas Ayah hingga Curhat di Facebook,” Kompas.com, Jakarta, Indonesia, Nov. 4, 2021. [Online]. Available: https://regional.kompas.com/read/2019/04/11/13120271/5-fakta-ibu-dapat-tagihan-game-online-rp-11-juta-anak-pakai-identitas-ayah?page=all. Accessed: Mar. 3, 2026.
Kumparan News, “Lansia di Jaksel Kena Tipu Rp 1,2 Miliar, Pelaku Ngaku Petugas BPJS dan Polisi,” Kumparan News, Jakarta, Indonesia, Aug. 9, 2024. [Online]. Available: https://kumparan.com/kumparannews/lansia-di-jaksel-kena-tipu-rp-1-2-miliar-pelaku-ngaku-petugas-bpjs-dan-polisi-23TrAzB2koY. Accessed: Mar. 4, 2026.
Y. Prayuti, “Dinamika Perlindungan Hukum Konsumen di Era Digital: Analisis Hukum terhadap Praktik E-Commerce dan Perlindungan Data Konsumen di Indonesia,” Jurnal Interpretasi Hukum, vol. 5, no. 1, 2024. [Online]. Available: https://ejurnal.warmadewa.ac.id/index.php/juinhum/article/view/8482
Kementerian Komunikasi dan Digital Republik Indonesia, “PP TUNAS Berlaku, Platform Wajib Batasi Akses Anak,” Jakarta, Indonesia, Mar. 28, 2026. [Online]. Available: https://www.komdigi.go.id/berita/siaran-pers/detail/pp-tunas-berlaku-platform-wajib-batasi-akses-anak
H. A. Mau, “Consumer Legal Protection in the Digital Era: Indonesia and the European Union,” SASI, vol. 31, no. 4, pp. 326–343, Dec. 2025, doi: 10.47268/sasi.v31i4.2802.
D. Yuanitasari and R. Darodjat, “Protection of Vulnerable Consumers in the Perspective of Economic Law and Sustainable Development,” Jurnal Poros Hukum Padjadjaran, vol. 7, no. 1, pp. 15–35, Nov. 2025, doi: 10.23920/jphp.v7i1.2479.
M. Syarif et al., Metode-Metode Penelitian Hukum. Padang, Indonesia: Get Press Indonesia, 2024. [Online]. Available: https://www.researchgate.net/profile/Mohamad-Hidayat-Muhtar/publication/381460823_METODE_PENELITIAN_HUKUM/links/666e76f8de777205a32ff37b/METODE-PENELITIAN-HUKUM.pdf
H. Kristiawanto, Pengantar Mudah Memahami Metode Penelitian Hukum, 1st ed. Klaten, Indonesia: PT Nas Media Indonesia, 2024. [Online]. Available: https://books.google.com/books?hl=en&id=zzsmEQAAQBAJ
M. Kamal and H. Djanggih, Metode Penelitian Hukum: Pengantar Mahasiswa S1, S2 & S3. Klaten, Indonesia: PT Nas Media Indonesia, 2026. [Online]. Available: https://books.google.com/books?hl=en&id=Ks2nEQAAQBAJ
B. Juliardi et al., Metode Penelitian Hukum. Padang, Indonesia: CV. Gita Lentera, 2023. [Online]. Available: https://books.google.com/books?hl=en&id=vyXbEAAAQBAJ
M. I. Mansiz, M. A. L. Wawen, Z. A. Putra, and H. Citra, “Dinamika Perlindungan Konsumen: Tantangan dan Strategi Resolusi di Indonesia,” Jurnal Kajian Hukum dan Pendidikan Kewarganegaraan, vol. 1, no. 1, 2024. [Online]. Available: http://jurnal.globalscients.com/index.php/jkhpk/article/view/117
M. F. Nasution, Y. Purba, J. A. S. Silalahi, and V. L. Purba, “Perlindungan Hukum bagi Konsumen dalam Transaksi E-Commerce Berdasarkan Undang-Undang Perlindungan Konsumen,” PESHUM: Jurnal Pendidikan Sosial dan Humaniora, vol. 4, no. 2, 2025. [Online]. Available: https://al-haramjournal.id/index.php/PESHUM/article/view/7481
K. W. Tamaela and R. A. Solichin, “Perlindungan Hukum terhadap Konsumen dalam Kegiatan Transaksi Elektronik (E-Commerce): Perspektif Undang-Undang Perlindungan Konsumen,” Humaniorum, vol. 3, no. 3, 2025. [Online]. Available: https://journal.elena.co.id/index.php/humaniorum/article/view/112
H. Azrica and S. M. Sulubara, “Legalitas Transaksi E-Commerce dalam Platform Shopee Ditinjau dalam Kitab Undang-Undang Hukum Perdata (Burgerlijk Wetboek), Undang-Undang Nomor 8 Tahun 1999 tentang Perlindungan Konsumen dan Perspektif Fiqih Muamalah,” Hakim: Jurnal Ilmu Hukum dan Sosial, vol. 1, no. 3, 2023. [Online]. Available: https://journal.stekom.ac.id/index.php/Hakim/article/view/1305
S. Yulianingsih and R. K. Putra, “Analisis Yuridis tentang Perlindungan Konsumen pada E-Commerce di Indonesia: Pendekatan Yuridis-Normatif,” Hakim: Jurnal Ilmu Hukum dan Sosial, vol. 2, no. 4, 2024. [Online]. Available: https://journal.stekom.ac.id/index.php/Hakim/article/view/2204
M. A. Muhtadi and Sahrul, “Hukum Perlindungan Konsumen dan Etika Bisnis di Era Teknologi Kecerdasan Buatan: Perlindungan Pengguna dan Tanggung Jawab Perusahaan,” Jurnal Hukum dan HAM Wara Sains, vol. 2, no. 9, 2023. [Online]. Available: https://pdfs.semanticscholar.org/5b7b/800f7c1c8e0b8fecf9c37fe721c445b06a28.pdf
N. F. Rijali, “Evolusi Perilaku Konsumen di Era Digital dan Implikasinya terhadap Daya Beli Masyarakat,” RIGGS: Jurnal Artificial Intelligence dan Digital Business, vol. 4, no. 3, pp. 1381–1391, Aug. 2025, doi: 10.31004/riggs.v4i3.2167.
J. M. Januarilla and R. Wulansari, “Perlindungan Hukum Bagi Konsumen atas Pelanggaran Hak Informasi Penjualan Produk di Gerai Donat J.CO Indonesia,” Prosiding Seminar Hukum Aktual, vol. 5, no. 2, Jun. 2014, doi: 10.35968/jh.v5i2.110.
H. R. Nasution and A. Harris, “Kedudukan Konsumen dalam Hubungan Hukum dengan Pelaku Usaha di Indonesia,” Locus Journal of Academic Literature Review, vol. 4, no. 6, pp. 470–484, 2025, doi: 10.56128/ljoalr.v4i6.572.
I. W. Ariawan, N. P. R. Yuliartini, and S. N. Ardhya, “Implementasi Ketentuan Pasal 8 Ayat (1) Undang-Undang Nomor 8 Tahun 1999 tentang Perlindungan Konsumen Terkait Pencantuman Label pada Produk Minuman Beralkohol Khas Bali di Kabupaten Buleleng,” Jurnal Komunitas Yustisia Universitas Pendidikan Ganesha, vol. 4, no. 1, 2021.
R. Priambodo and I. Triadi, “Penguatan Perlindungan Konsumen yang Inklusif: Upaya Mewujudkan Akses dan Keadilan Bagi Konsumen Rentan,” Judge: Jurnal Hukum, vol. 6, no. 5, pp. 1422–1432, 2025, doi: 10.54209/judge.v6i05.1893.
P. M. Hadjon, Perlindungan Hukum Bagi Masyarakat di Indonesia, 1st ed. Yogyakarta, Indonesia: Bina Ilmu, 1987.
S. K. Usup and T. Rahardiansyah, “Perlindungan Hukum Terhadap Konsumen dalam Transaksi Jual Beli Online,” Causa: Jurnal Hukum dan Kewarganegaraan, vol. 15, no. 2, pp. 1–8, 2025, doi: 10.3783/causa.v2i9.2461.
European Union, Directive 2005/29/EC of the European Parliament and of the Council Concerning Unfair Business-to-Consumer Commercial Practices in the Internal Market. Brussels, Belgium: European Union, 2005.
European Commission, Commission Notice: Guidance on the Interpretation and Application of Directive 2005/29/EC of the European Parliament and of the Council Concerning Unfair Business-to-Consumer Commercial Practices in the Internal Market. Brussels, Belgium: European Union, 2021. [Online]. Available: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52021XC1229(05)
European Parliament and Council of the European Union, Consumer Rights Directive (2011/83/EU). Brussels, Belgium: European Union, 2011. [Online]. Available: https://webgate.ec.europa.eu/e-justice/639/EN/consumer_rights_directive_201183
European Union, Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation). Brussels, Belgium: European Union, 2016. [Online]. Available: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679
United States Congress, Commerce and Trade, Title 15, U.S. Code. Washington, DC, USA: U.S. Government Publishing Office, 2024. [Online]. Available: https://www.govinfo.gov/content/pkg/USCODE-2024-title15/pdf/USCODE-2024-title15-chap91-sec6501.pdf
Code of Federal Regulations, Children’s Online Privacy Protection Rule (COPPA Rule), 16 C.F.R. Part 312. Washington, DC, USA, 2024. [Online]. Available: https://www.ecfr.gov/current/title-16/chapter-I/subchapter-C/part-312