Danny Rafael Manurung, the petitioner, attends the pronouncement hearing of the judicial review of Law No. 27 of 2022 on Personal Data Protection, Wednesday (29/04), at the Constitutional Court’s courtroom. Photo: MKRI Public Relations/Ifa.

---

JAKARTA, MKRI – The Constitutional Court (Mahkamah Konstitusi/MK) has declared inadmissible Petition No. 102/PUU-XXIV/2026, which sought a judicial review of Article 20 paragraph (2) letter f of Law No. 27 of 2022 on Personal Data Protection (PDP Law). The Court found that the petitioner failed to clearly demonstrate the alleged conflict between the contested provision and the 1945 Constitution.

“Upon closer examination of the petition’s arguments (posita), there is no clear and adequate legal reasoning explaining the contradiction between the challenged norm and the constitutional provisions invoked,” Deputy Chief Justice Saldi Isra stated while reading the Court’s legal considerations in Decision No. 102/PUU-XXIV/2026 on Wednesday (29 April 2026) at the Court’s plenary chamber in Jakarta.

Saldi added that the petitioner did not provide sufficiently detailed or persuasive arguments to justify why Article 20 paragraph (2) letter f of the PDP Law should be interpreted as requested in the petition. Instead, much of the submission merely repeated assertions related to legal standing.

“The absence of adequate elaboration prevents the Court from assessing any constitutional inconsistency between the challenged norm and the provisions of the 1945 Constitution,” he said.

Also read:
Petitioner Challenges Consent Exception in Personal Data Processing
Student Challenges Consent Exception in Personal Data Processing

The petition was filed by university student Danny Rafael Manurung, who argued for clearer legal grounds and measurable parameters governing the processing of personal data without the data subject’s consent.

He contended that the provision allowing such processing creates legal uncertainty by granting overly broad interpretive discretion to data controllers, particularly through the phrase “other legitimate interests.” According to the petitioner, this phrase constitutes an open-ended clause lacking a definitive scope, objective criteria, and predictable standards for data subjects.

The petitioner further argued that such ambiguity runs counter to the principle of legal certainty (lex certa), as affirmed in prior Constitutional Court rulings. As a result, data subjects risk losing control over their personal data, potentially undermining their constitutional right to personal protection.

He also highlighted the absence of an effectively functioning independent data protection authority, as mandated by the PDP Law, leaving the provision without adequate institutional oversight. In his view, the norm therefore fails to meet constitutional standards for limiting rights in a democratic society, particularly the requirements of legitimate aim, necessity, and proportionality under Article 28J paragraph (2) of the Constitution.

Despite these arguments, the Court ultimately concluded that the petition lacked sufficient legal reasoning to proceed.

 

Author: Mimi Kartika
Editor: Lulu Anjarsari P.
Public Relations: Raisa Ayuditha M.

Translator: SO

 

Full decision available at: Decision No. 102/PUU-XXIV/2026 (Bahasa Indonesia)

 

Disclaimer: The original version of the news is in Indonesian. In case of any differences between the English and the Indonesian versions, the Indonesian version will prevail.

---