The approach method used is normative juridical, namely a method in normative legal research using primary sources of secondary data or library materials. Secondary data in legal research is data obtained from the results of literature reviews or reviews of various literature or library materials related to research problems or materials. which are often called legal materials. Data collection methods through library research, document study, and using qualitative data analysis methods. The problem is analyzed using the theory of legal certainty and the theory of legal protection. The research results show that legal protection in e-commerce transactions needs to be carried out regarding data leaks because to ensure legal certainty and legal protection because personal data is privacy and Indonesian citizens who uphold the value of human rights, the importance of protection in e-commerce transactions needs to be carried out in relation to The main reason for data leaks is that they will provide legal certainty for business actors and consumers. Before the enactment of Law Number 27 of 2022 concerning Personal Data Protection, business actors still had doubts about implementing this personal data protection practice, because there was still no definite legal umbrella, and thirdly, the importance of protecting personal data would create legal certainty, namely the existence of clarity on general behavioral scenarios and binding on all parties in transactions via e-commerce platforms including the legal consequences and protection of personal data in e-commerce transactions is an important thing to do. This is because personal data provided by consumers to e-commerce businesses can be used for various purposes, both for legitimate interests and for crimes. As an effort to realize legal ideals in protecting personal data, Indonesian Positive Law has now provided legal certainty regarding the protection of personal data through Law no. 27 of 2022 concerning Personal Data Protection. Personal data included in e-commerce transactions is the responsibility of the marketplace. Ecommerce businesses need to implement good personal data protection practices, as well as provide clear information to consumers about how their personal data will be used. In this case, if there is a failure in protecting personal data, legal enforcement efforts can be taken. Provisions regarding legal witnesses for violators in personal data protection crimes are regulated in Article 67 of the Personal Data Protection Law

E-commerce; Personal; Protection.

Abdul Halim Barkatullah dan Teguh Prasetyo, 2005 (Bisnis E-Commerce:

Studi Sistem Keamanan dan Hukum di Indonesia), Yogyakarta: Pustaka Pelajar,

Sudikno Mertokusumo,2009, Penemuan Hukum, Citra Aditya Bakti, Bandung, hlm. 38.

Adrian Sutedi, 2008, Tanggung Jawab Produk Dalam Perlindungan

Konsumen, (Bogor : Ghalia Indonesia), hlm9

Almira Putri Aryani dan Liana Endah Susanti, “Pentingnya Perlindungan

Data Pribadi Konsumen dalam Transaksi Online pada Marketplace terhadap

Kepuasan Konsumen,” Jurnal Ahmad Dahlan Legal Perspective, 2.1 (2022), hlm.

–29

Lord Ester dan D, 2021, e-commerce, oxford university, hlm. 6.

Sudikno Mertokusumo,2009, Penemuan Hukum, Citra Aditya Bakti,

Bandung, hlm. 38.

Tia Deja Pohan, 2023, Perlindungan Hukum Data Pribadi Konsumen

Dalam Platform E Commerce, Jurnal Penelitian Bisnis Dan Manajemen, Vol.1,

No.3, hlm. 43.

Undang-Undang Nomor Republik Indonesia Nomor 27 Tahun 2022

Tentang Pelindungan Data Pribadi

Wahyudi Djafar dan Asep Komarudin, 2014, Perlindungan Hak Atas Privasi

di Internet-Beberapa Penjelasan Kunci, Elsam, Jakarta, hlm.