Vol. 4 No. 4 (2025): MARCH

The rapid growth of digital transactions in Indonesia has driven the expansion of major e-commerce platforms such as Shopee and Tokopedia. However, this growth also raises significant concerns regarding the security and privacy of user data. This study aims to examine and compare the data security policies implemented by these two platforms and assess their effectiveness in protecting personal data in accordance with national regulations, including the Indonesian Personal Data Protection Law (PDP Law) and the Electronic Information and Transactions Law (ITE Law). This research adopts a qualitative descriptive method with a case study approach. Data were collected through document analysis of privacy policies, security incident reports, and relevant literature. The findings reveal that although both platforms have applied security features such as two-factor authentication and data encryption, there remain gaps in policy execution and a lack of transparency in communicating risks to users, particularly highlighted by the 2020 Tokopedia data breach. This study recommends strengthening user data protection through better regulatory compliance and increased user privacy awareness. The results provide valuable insights for app developers and policymakers to develop more proactive and inclusive digital security frameworks.