Unlike Law Number 27 of 2022 Concerning Personal Data Protection, the ITE Law does not stipulate criminal penalties for people who distribute personal data without the consent of the owner of the personal data. Misuse of personal data is an act that fulfills the elements of a criminal act such as the elements of the crime of theft and elements of the crime of fraud and other crimes both in terms of objective elements and subjective elements. With the fulfillment of these elements, administrative sanctions, civil sanctions and criminal sanctions are not sufficient to accommodate the criminal act of misusing personal data which is actually a perfect form of crime. Article 67 of Law Number 27 of 2022 Concerning Personal Data Protection outlines criminal threats for violating what has been regulated in Article 65. Meanwhile, the ITE Law does not regulate criminal responsibility for people who disseminate personal data, unless it is followed by a violation of decency, gambling, insulting or defaming as well as extortion and threats.