PROTECTION OF CHILDREN’S PERSONAL DATA IN THE DIGITAL WORLD BASED ON NATIONAL AND INTERNATIONAL LEGAL FRAMEWORK

The crime of children’s data in the digital world is one of the causes of the rampant crime of bullying, fraud, theft, sexual harassment, exploitation and abduction which leads to the trafficking of people who make children victims. The method used in this paper is a juridical-normative comparative legal research method. The result shows that the Convention on the Rights of Child Convention 1989 (CORC) does not regulate the personal data in the digital world comprehensively. So far, countries in the world, including Indonesia, have only relied on the international legal framework. It is recommended, including international guidelines issued by several international organizations such as the Organization for Economic Co-operation and Development (OECD), Asia Pacific Economic Cooperation (APEC), and the International Telecommunication Union regarding the guidelines for parents and children in 2016. Indonesia already has a set of legal rules that are used as a basis for protecting children’s rights in the digital world. Based on these rules, the protection of children’s data in the digital world is included in the private and criminal domain. These Legal Frameworks show that the government is passive in protecting children’s data in the digital world because the responsibility of child safety and security when online is still focused on the parents or guardians of the child.


A. Introduction
Information technology is all things related to the process, use, as a tool, manipulation, and management of information. At the same time, communication technology is all things related to the use of tools to process and transfer data from one device to another. 1 At present, the technology can be used by adults and children not only for means of entertainment or communication but also used as a forum for expressing opinions, inspiration and online learning media. In addition to offering many benefits, technology also harms children. Based on Law No. 35 of 2015 concerning Child Protection and The Convention on Rights of Child 1989, is meant by children is every person under the age of 18. In the past ten years, crimes against children committed using the internet have increased, every one of these crimes can occur in homes, schools, orphanages, public facilities, roads, workplaces, even in prisons. 2 Based on reports from UNICEF in 2017, there were 5 (five) million profiles and children's accounts stolen using internet-based theft. According to Javelin Strategy & Research in 2017, more than one million children in the United States who were victims of identity theft caused losses of $ 2.6 billion (two billion six hundred million dollars). 3 European countries also experienced losses due to personal data stolen or misused by other parties in 2017 which reached 1.37 billion data lost or stolen. 4 The increase in the number of crimes against children is closely related to the high use of gadgets connected to the internet by children. The data in Table 1 shows that currently, children aged 5 (five) to 18 (eighteen) years are used to gadgets and the internet. Therefore, parents and the government must be more careful in safeguarding the safety and security of children. Currently, children use technology in the form of applications to connect, play, and as a learning tool. It also shows that children are more active using digital device lately. At present, the personal data of children in the digital world is very vulnerable to abuse.
For some parties, children's data is more valuable than adult data. Child identity can be used by "anonymous" 5 for various kinds of things. One of them is used to create an identity or fake credit card account. 6 When there are parties who use fake credit card accounts in the name of children, automatically the child or parent or guardian will be forced to pay fake credit bills on behalf of the child even though the credit is used by someone else. As for other consequences, when adults grow up, children cannot use their identity to create a credit card account because the child's data has been blocked or has a poor track record. The occurrence of fraud and extortion on behalf of the child occurred in 2018 in the United States, which caused a total loss of $ 540,000,000 (five hundred forty million dollars). 7 The protection of personal data and children's privacy actually has been affirmed at the 1989 Convention on Rights of the Child which is a follow-up to the Universal Declaration of Human Rights which has proclaimed and agreed that everyone has the right to all rights and freedoms expressed therein, without discrimination, based on race, skin colour, gender, language, religion, political views or other opinions, national and social origin, wealth, birth or different position. In addition to child conventions, international organizations have also made guidelines regarding the protection of children's data in the digital world such as the Organization for Economic Co-operation and Development ( https://www.itgovernance.eu/blog/en/more-data-lost-or-stolen-in-2017-than-all-of-2016-but-europe-bucks-the-trend, accessed on 28 Juli 2018 5 Anonymous is someone who can not be identified because it uses a name that is not his real name.  of Restitution for Children Who Become Victims of Crime as a repressive effort and also as a rehabilitation effort for children who have been victims of crimes of sexual or economic exploitation, pornography, kidnapping, sales, and/or trafficking, physical violence and sexual crimes. The use of technology that is universal and borderless can make the crime of child personal data in the digital world into a crime across national borders where perpetrators and victims of crime are under the jurisdiction of different countries. Moreover, currently, the problem of misuse of personal data and violations of children's privacy in the digital world has become a global problem experienced by countries in the world, including Indonesia. Therefore harmonization between International and National legal framework is needed to strengthen the protection of children personal data in the digital world to prevent and also react to children's personal data crimes in Indonesia. Considering the impact and the nature of personal data crime which stated above, the authors are interested in discussing: How is the protection of children's data in the digital world based on International law? And how is the protection of children's personal data in the digital world based on National law?
This type of research used in writing this research is juridical-normative-comparative, which is legal research literature that examines a problem based on legal norms contained in international regulations and legislation and comparing between two groups or more than a certain variable to produce a conclusion. The method in data collection used library study technique method, namely by studying the provisions of the legislation, international guidelines, books, documentation, journals, and accessing data on the internet related to issues within the scope of international law and the scope of national law. Data analysis was carried out by outlining and giving the meaning of each data obtained into sentences that are detailed, orderly, effective, logical and not overlapping to facilitate the author in interpreting and analyzing the data which then concludes response to the problems contained in this paper.

Child Protection Term Relating to Children's Personal Data in the Digital World According to International and National Legal Framework.
The protection of personal data and privacy of children according to international law has been limited to the Convention on Rights of the Child 1989, which is a follow-up to the Universal Declaration of Human Rights which has proclaimed and agreed that everyone has the right to all the rights and freedoms stated therein. Without discrimination, based on race, colour, gender, language, religion, political views or other opinions, national and social origin, wealth, birth or other position. In addition to child conventions, international organizations have also made guidelines regarding the protection of children's data in the digital world such as the Organization for Economic Co-operation and Development ( The reason the author chose and discussed the international guidelines Convention in this paper was due to the link between Indonesia and these international Legal Frameworks. The connection began with the enactment of the Convention on Rights of the Child in 1989 through Presidential Decree No. 36 of 1990 concerning the Enactment of the Convention on Rights of the Child 1989. Furthermore, Indonesia has also become a member of the OECD based on Presidential Decree Number 1 of 2012 concerning Determination of Indonesian Membership in the Development Center-Organization for Economic Co-operation and Development. In addition, Indonesia has been a member of APEC since 1989 but has not been recorded in the Laws and regulations of Setkab. Even though it is not listed in the statutory record, Indonesia remains a member state in APEC. Furthermore, Indonesia has also ratified Law Number 10 of 1969 concerning the Convention on International Telecommunication Union in Montreux 1965 as the legal basis for Indonesian membership in the ITU. As a consequence of the enactment of the regulation, Indonesia must consider every recommendation given by ITU to build a good telecommunications system.

a. Protection of Children's Personal Data in the Digital World According to International Legal Frameworks
To make it easier for readers to know the focus of the discussion of each international guideline, the authors will describe the differences in the scope and substance of each international guidelines and international conventions using matrix one on page 7. Matrix 1. explains the focus and substance of each international term has a different focus and substance but has the same goal of creating a childfriendly system in the form of ensuring the security and integrity of children's personal data in the digital world. These Legal Frameworks do not discuss technically and deeply about the implementation of procedures that must be taken by each country. According to the author, the reason is the difference in culture and interests of each country. So that international Legal Framework often only regulate the outline. As for the technical implementation, it is returned to each country.  This guideline discusses the principles of protecting children's data in the digital world that must be the basis or consideration of the state in establishing and implementing its legal system in the field of child protection when online.
 These guidelines discuss more the strategies that must be taken by the government in creating a child protection system in the digital world between countries. ;

 This
Convention does not mention the protection of personal data. However, it still guarantees its protection as part of the privacy of children.

Analysis b. Protection of Children's Personal Data in the Digital World Based on National Law
The Can submit a request for restitution as regulated in Government Regulation Number 43 of 2017 concerning the Implementation of Restitution for Children Who Become Victims of Crime as an effort to return the rights of children who have become victims of crime, because restitution is not automatically given to children who are victims of the intended crime in Government Regulation Number 43 of 2017 concerning the Implementation of Restitution for Children Who Become Victims of Crime.

Comparison Between International and National Legal Framework Concerning The Protection of Children's Personal Data in the Digital World
Child protection is an act of prevention and prevention of acts of violence, exploitation, and abuse of children. 8 The purpose of child protection is to ensure the fulfilment of children's rights, to be able to live, grow, develop and participate optimally by human nature and dignity, and get protection from violence and discrimination for the realization of quality, noble and prosperous Indonesian children. 9 This goal cannot be realized without cooperation between parents or guardians, the government and the organizers of electronic systems in maintaining the safety of children when online.
One of the preventive measures that can be taken by the government is by making a set of rules relating to child protection by combining and harmonizing national Legal Framework with the International Guidelines issued by international organizations. The need to combine national and international Legal Framework is due to the current national Legal Framework that is still weak in terms of regulating the protection of children's personal data in the digital world when compared to the International guidelines previously described. If we compare the existing International Guidelines in the protection of children's personal data in the digital world, the protection of personal data of children referring to international guidelines is mostly in the hands of the Government. The government should be active in protecting children's personal data in the digital world by collaborating between countries and managing electronic systems. The government is also required to monitor and ensure that providers of electronic systems to carry out their activities in accordance with applicable regulations such as: a. Protection of children aged less than 18 years; b. Protection of children's personal data in the digital world; c. Data Category Included As Child's Personal Data; d. Types of Child Personal Data Crimes in the digital world; e. Efforts to rehabilitate and fulfil the rights of child victims of child personal data crime in the digital world; f. Prohibition and/or sanction of crimes against children's personal data in the digital world.
In Indonesia, based on Article 26 of Law Number 11 of 2008 concerning Information and Electronic Transaction that has been Updated by Law Number 19 of 2016 concerning Amendments to Law Number 11 Of 2008, the state is passive because it cannot immediately conduct an investigation or investigation of the case. After all, the state does not have an obligation to do so if there are no reports or complaints from people who feel disadvantaged. 10 Other evidence that shows that the state is passive in protecting child victims of personal data crime which leads to criminal acts of exploitation, pornography, physical violence, and psychology lies in the efforts of restitution given to children who are victims.
According to Article 4 of Government Regulation Number 43 of 2017 concerning the Implementation of Restitution for Children Who Become Victims of Criminal Acts stating that the victim submits restitution efforts to investigators and public prosecutors before the court issues the decision. Furthermore, the request for restitution can also be rejected and returned to the applicant if the investigator or prosecutor feels that the file still needs to be completed. This indicates that restitution efforts can occur only if the victim submits a request for restitution to investigators and prosecutors. Because in the Child Protection Law and ITE, sanctions given to perpetrators of crime are criminal sanctions and fines. Unlike restitution, the amount of money paid to fulfil a penalty will go to the state treasury rather than be paid to the victim. 11 Based on these provisions, then if there is no application for restitution submitted by the victim, the state may provide or not provide restitution to the victim.
Furthermore determined the definition of personal data, this rule only determines the definition of personal data broadly and does not specify the type of personal data that may and may not be collected, stored and processed by other parties.

C. Conclusion
Based on the results of the research, the author has described in the previous chapter. The conclusions of this paper are the protection of children's data based on the international legal framework is constituted in Convention on The Rights of The Child 1989. It mandates participating countries to play an active role in respecting and fulfilling children's rights by creating a child protection system that is adjusted to the state of culture and politics in each country. OECD Council Recommendation on The Protection of Children Online 2012 recommends that all stakeholders have an awareness to protect children when online. Coordination between stakeholders is also needed in accordance with their respective roles. The government must also carry out international cooperation in a provision, and implementation is very important in the success of protecting children when online and minimizing the risks that exist.
The APEC Privacy Framework also recommends cooperation between countries in terms of protecting children's personal data from the start of sending to managing the data. When protection in terms of technical delivery and management has been carried out, parents, guardians, teaching staff and children must understand the roles and functions of the technology they use every day. ITU has also provided guidance to children, parents, guardians and teaching staff related to the protection of children's personal data in the digital world through the ITU Guidelines for Parents, Guardians, and Educators on Child Online and the ITU Guidelines for Children on Child Online.
Indonesia has a set of legal rules which are used as a basis in protecting children's rights in the digital world, including Law Number 23  Based on these rules, the protection of children's personal data in the digital world is included in the private and criminal domain. Furthermore, children who have become victims of the crime of child personal data in the digital world that lead to exploitation, and crimes intended in Government Regulation Number 43 of 2017 concerning the Implementation of Restitution for Children Who Become Victims of Crime, are not automatically given restitution in an effort rehabilitation to children. These provisions indicate that the government is passive in protecting children's personal data in the digital world because the responsibility of child safety and security when online is still focused on the parents or guardians of the child.