This article aims to assess the protection carried out by airlines for airplane passengers if they failed to protect their personal data. Methode used in this article is a sociological or empirical legal research method named descriptive, and the approach research used a qualitative approach that produces descriptive data. In this case of laws used source of invitation primary legal materials and secondary legal materials by means of literature studies and interviews. Data analysis technique used is qualitative analysis with qualitative methods. This law written to shows that apart from the existence of legal responsibility as well as ethical responsibility which aims to retain consumers, by revising the contents of the work agreement between Malindo Air and GoQuo. Malindo Air itself manages all consumer passwords automatically and urges consumers to change the password used for Malindo Miles. Malindo Air and GoQuo also reported 2 (two) former GoQuo employees who have distributed Malindo Air passanger personal data.

Key words: personal data; flight protection measures; Malindo Air

Buku
Aurelia Tamo-Larrieux. 2018. Designing for Privacy and its Legal Framework. Data Protection by Design and Default for the Internet of Things. Zurich: Springer.

G.K. Martono dan Agus Pramono. 2013. Hukum Udara Perdata Internasional dan Nasional. Jakarta: PT. RajaGrafindo Persada.

Robert Curley. 2012. Issues in Cyberspace From Privacy to Piracy. Britain: Britannica Educational Publishing ( a trademark of Encyclopedia Britannica, Inc.).

Sebastien Ziegler. 2019. Internet of Thing Security and Data Protection. Geneva: Springer Nature.

Soerjono Soekanto dan Sri Mamudji. 2010. Pengantar Penelitian Hukum. Jakarta: UI-Press.

Jurnal
Ciro Cattuto dan Alessandro Spina. 2020. “The Institutionalisation of Digital Public Health: Lessons Learned from the COVID-19 App”.European Journal of Risk Regulation. Vol. 11. Issue 2. Cambridge:Cambridge University Press.

Dawid Zadura. 2017. “Importance of Personal Data Protection Law for Commercial Air Transport”. Transaction on Aerospace Research.Issue 1. Warsaawa: Lukasiewicz Institute of Aviation.

Dian Purnama Anugerah dan Masitoh Indriani. 2018. “Data Protection in Financial Technology Services: Indonesia Legal Perspective”. Sriwijaya Law Review. Vol. 2. No. 1. Palembang: FH Sriwijaya University.

Federico Fabbrini dan Edoardo Celeste. 2020. “The Right to be forgotten in the digital age: the challenges of data protection beyond borders”. German Law Journal. Vol. 21. Issue S1. Frankfurt: Goethe Univeristy.

Giorgia Bincoletto. 2020. “Data Protection Issues in Cross-border Interoperability of Electronic Health Record Systems Within the European Union”. Data & Policy. Vol. 2. Hlm. e3. Cambridge: Cambridge University Press.

Janis Wong. 2020. “The ‘Personal’ in personal data: who is responsible for our data and how do we get it back?”. Legal Information Management. Vol. 20. Issue 2. Cambridge: Cambridge University Press.

Jiahong Chen et.al. 2020. “Who is Responsible for Data Processing in Smart Homes? Reconsidering Joint Controllership and the Houshold Exemption”. International Data Privacy Law. Vol. 0. No. 0. Oxford: Oxford University Press.

Irene Pollach. “Online Privacy as a Corporate Social Responsibility: an Empirical Study”. Business Ethics: A European Review. Vol. 20. No.1. New Jersey: Wiley

Micah Altman et.al. “Practical Approaches to Big Data Privacy Over Time”. International Data Privacy Law. Vol. 8. No. 1. Oxford: Oxford University Press.

Muhammad Saiful Rizal. 2019. “Perbandingan Perlindungan Data Pribadi Indonesia dan Malaysia”. Jurnal Cakrawala Hukum. Vol. 10. No. 2. Malang: Universitas Merdeka.

Orlay Lynskey. 2020. “Delivering Data Protection: The Next Chapter”. German Law Journal. Vol. 21. Issue. 1. Hlm. 80. Frankfurt: Goethe Univeristy.

Ricard Kemp. 2014. “Legal Aspects of Managing Data”. Computer Law & Security Review. Vol. 3. Issue 5. United Kingdom: Elsevier Ltd.

Ridha Aditya Nugraha. 2018. “Perlindungan Data Pribadi dan Privasi Penumpang Maskapai Penerbangan pada Era Big Data”. Mimbar Hukum. Vol. 30. No. 2. Hlm. 262. Yogyakarta: FH Universitas Gajah Mada.

Ruth V. Aguilera et.al. 2007. “Putting the S Back in Corporate Social Responsibility: a Multilevel Theory of Social Change in Organizations”. Academy of Management Review. Vol. 32. No. 3. New York: Academy of Management.

Rudi Natamiharja. 2018. “A Case Study on Facebook Data Theft in Indonesia”. Fiat Justicia. Vol. 12. No. 3. Lampung: FH Universitas Lampung.

Sinta Dewi Rosadi dan Garry Gumelar Pratama. 2018. “Perlindungan Privasi dan Data Pribadi dalam Era Ekonomi Digital di Indonesia”. Veritas Et Justitia. Vol.4. No. 1. Hlm. 88. Bandung: FH Universitas Parahyangan.

Sinta Dewi Rosadi. 2016. “Implikasi Penerapan Program E-Health Dihubungkan dengan Perlindungan Data Pribadi”. Arena Hukum. Vol.9. No. 3. Malang: FH Universitas Brawijaya.

. 2016. “Konsep Perlindungan Hukum atas Privasi dan Data Pribadi Dikaitkan dengan Penggunaan Cloud Computing di Indonesia”. Yustisia. Vol. 5. No. 1. Surakarta: FH Universitas Sebelas Maret.

. 2018. “Protecting Privacy on Personal Data in Digital Economic Era : Legal Framework in Indonesia”. Brawijaya Law Journal. Vol. 5. No. 1. Hlm. 143. Malang: FH Universitas Brawijaya.

Siti Yuniarti. 2019. “Perlindungan Hukum Data Pribadi di Indonesia”.Jurnal BECOSS. Vol. 1. No. 1. Jakarta: Universitas Bina Nusantara.

Urs Gasser. 2016. “Law, Privacy & Technology Commentary Series.Recoding Privacy Law: Reflections on the Future Relationship among

Law, Technology”, and Privacy. Harvard Law Review Forum. Vol.130. No. 2. Harvard: The Harvard Law Review Association.

Vivian Reding. 2012. “The European Data Protection Framework for the Twenty-First Century. International data privacy law”. Vol. 2. No. 3. Oxford: Oxford University Press.

Artikel Ilmiah
Daniar Supriyadi. 2017. Personal and Non-Personal Data in the Context of Big Data [Thesis]. Tilburg (NL): Tilburg University.

Peraturan Perundang-Undangan Kitab Undang-Undang Hukum Perdata

Undang-Undang Nomor 9 Tahun 1999 tentang Perlindungan Konsumen

Undang-Undang Nomor 24 Tahun 2013 tentang Perubahan Atas UndangUndang
Nomor 23 Tahun 2006 Tentang Administrasi Kependudukan
Undang-Undang Nomor 19 Tahun 2016 tentang Perubahan Atas Undang-Undang

Nomor 11 Tahun 2008 tentang Informasi dan Tranksaksi Elektronik

Peraturan Pemerintah Nomor 82 Tahun 2012 tentang Penyelenggaraan Sistem dan Transaksi Elektronik

Peraturan Menteri Komunikasi dan Informatika Nomor 20 Tahun 2016 tentang Perlindungan Data Pribadi dalam Sistem Informatika

Pustaka Maya
https://tekno.kompas.com/read/2019/09/24/15040007/data-jutaan penumpang-bocor-malindo-air-salahkan-dua-mantan-pegawai, diakes pada 23 September 2020, Pukul 20.57 WIB

https://tekno.kompas.com/read/2019/09/24/15040007/data-jutaanpenumpang-bocor-malindo-air-salahkan-dua-mantan-pegawai,

diakes pada 23 September 2020, Pukul 20.57 WIB
https://ec.europa.eu/info/law/law-topic/data-protection/reform/rulesbusiness-and-organisations/obligations/controller-processor/whatdata-controller-or-data-processor_en,

diakses pada 24 September 2020, Pukul 22.44 WIB

Hasil Wawancara
Danang Mandala Prihantoro. 2020. Interview. “Kasus Terungkapnya Data Penumpang Malindo Air”.