Tindak Pidana Akses Tanpa Hak Terhadap Komputer Dan/Atau Sistem Elektronik

Analisis Penerapan Pasal 30 jo. Pasal 46 UU ITE dan Pasal 55 KUHP

Language:

I. DASAR HUKUM

1. Undang-Undang Nomor 11 Tahun 2008 tentang Informasi dan Transaksi Elektronik (UU ITE)

• Pasal 30 ayat (1): “Setiap orang dengan sengaja dan tanpa hak atau melawan hukum mengakses komputer dan/atau sistem elektronik milik orang lain dengan cara apa pun.”
• Pasal 46 ayat (1): “Setiap orang yang memenuhi unsur sebagaimana dimaksud dalam Pasal 30 ayat (1) dipidana dengan pidana penjara paling lama 6 (enam) tahun dan/atau denda paling banyak Rp600.000.000,00.”

2. Kitab Undang-Undang Hukum Pidana (KUHP)

• Pasal 55 ayat (1) ke-1: “Mereka yang melakukan, yang menyuruh melakukan, atau turut serta melakukan perbuatan.”

3. Yurisprudensi Relevan:

• Putusan PN Tasikmalaya Tahun 2016
• Putusan PT Bandung Nomor 171/Pid.Sus/2016/PT.Bdg, tanggal 02 Agustus 2016
• Putusan MA Nomor 2279 K/Pid.Sus/2016, tanggal 27 Juli 2017

II. KRONOLOGI SINGKAT

Terdakwa merupakan staf administrasi di Bisnis Centre Sophie Paris Tasikmalaya. Ia memberikan username dan password milik rekan kerjanya kepada pihak lain (Ratih Sunartih) yang kemudian mengakses sistem internal perusahaan (applbc.sophieparis.com) dari warnet. Dengan bimbingan Terdakwa, Ratih membuat transaksi fiktif berdasarkan data stok barang kantor untuk memperoleh poin dan bonus dari pusat. Akibatnya, sistem perusahaan disalahgunakan untuk keuntungan pribadi.

III. ISU HUKUM

1. Apakah tindakan mengakses sistem elektronik milik perusahaan tanpa izin termasuk “akses tanpa hak” menurut UU ITE?
2. Apakah pemberian username dan password oleh orang dalam tetap dapat dikategorikan sebagai pelanggaran Pasal 30 UU ITE?
3. Bagaimana bentuk pertanggungjawaban pidana bagi pelaku utama dan pihak yang turut serta (Pasal 55 KUHP)?

IV. ANALISIS YURIDIS

1. Unsur “Tanpa Hak atau Melawan Hukum”

Tindakan Terdakwa memberikan kredensial login milik orang lain tanpa izin, serta membantu orang lain mengakses sistem elektronik perusahaan, jelas memenuhi unsur “tanpa hak”. Walau Terdakwa adalah pegawai, akses dilakukan di luar kewenangan, sehingga bersifat melawan hukum.

2. Unsur “Mengakses Komputer dan/atau Sistem Elektronik Milik Orang Lain”

Sistem yang diakses merupakan sistem internal perusahaan. Akses dilakukan melalui internet menggunakan identitas login orang lain, sehingga pelanggaran terhadap integritas sistem elektronik terbukti.

3. Kesengajaan dan Perbuatan Bersama (Pasal 55 KUHP)

Terdakwa secara sadar membimbing Ratih dalam proses login dan input transaksi fiktif, sehingga dianggap turut serta melakukan (medepleger). Unsur kesengajaan langsung (opzet) terpenuhi.

4. Kerugian dan Dampak

Meskipun UU ITE tidak mensyaratkan kerugian nyata, dalam perkara ini terdapat kerugian immateriil dan reputasional bagi perusahaan serta keuntungan tidak sah bagi pelaku. Unsur akibat terpenuhi.

V. OPINI HUKUM

1. Tindakan termasuk akses ilegal (unauthorized access) dan penyalahgunaan otoritas internal.
2. Penerapan sanksi pidana 4 bulan penjara bersifat proporsional dan sejalan dengan asas ultimum remedium.
3. Kasus ini menunjukkan pentingnya penguatan keamanan siber dan etika digital di lingkungan kerja.
4. Pertanggungjawaban pidana pelaku utama dan pihak yang turut serta bersifat kumulatif.

VI. KESIMPULAN

1. Perbuatan terdakwa melanggar Pasal 30 ayat (1) jo. Pasal 46 ayat (1) UU ITE.
2. Unsur “tanpa hak” terpenuhi karena akses dilakukan tanpa izin pemilik sistem.
3. Pertanggungjawaban pidana bersama berdasarkan Pasal 55 KUHP tepat diterapkan.
4. Putusan pengadilan tingkat pertama hingga Mahkamah Agung bersifat tepat dan proporsional.
5. Perkara ini menjadi preseden penting dalam penegakan hukum siber di Indonesia.

I. Legal Basis

This case is governed primarily by Law No. 11 of 2008 on Electronic Information and Transactions (ITE Law). Article 30 paragraph (1) criminalizes any intentional and unauthorized access to another person’s computer or electronic system, while Article 46 paragraph (1) provides a maximum penalty of six years’ imprisonment and/or a fine.

In addition, Article 55 paragraph (1) of the Indonesian Criminal Code establishes joint criminal liability for those who commit, order, or participate in the commission of a criminal act.

Relevant jurisprudence includes decisions of the District Court of Tasikmalaya (2016), the High Court of Bandung No. 171/Pid.Sus/2016/PT.Bdg, and Supreme Court Decision No. 2279 K/Pid.Sus/2016.

II. Brief Chronology

The defendant was an administrative staff member at the Sophie Paris Business Centre in Tasikmalaya. The defendant provided a co-worker’s username and password to a third party, Ratih Sunartih, who then accessed the company’s internal system from an internet café. Under the defendant’s guidance, fictitious transactions were created based on internal stock data to obtain points and bonuses. As a result, the company’s electronic system was misused for personal gain.

III. Legal Issues

1. Does accessing a company’s electronic system without authorization constitute “unauthorized access” under the ITE Law?
2. Can the provision of login credentials by an internal employee still amount to a violation of Article 30 of the ITE Law?
3. How should criminal liability be imposed on the principal offender and participants under Article 55 of the Criminal Code?

IV. Legal Analysis

1. The Element of “Without Right or Unlawful Access”

The defendant’s act of providing another person’s login credentials without permission and assisting a third party in accessing the company’s system clearly fulfills the element of unauthorized access. Although the defendant was an employee, the access exceeded authorized duties and was therefore unlawful.

2. Access to Another Party’s Computer or Electronic System

The system accessed was an internal corporate system belonging to the company. Access was conducted via the internet using another individual’s credentials, thereby violating the integrity and confidentiality of the electronic system.

3. Intent and Joint Participation

The defendant knowingly guided Ratih in logging in and entering fictitious transactions. This conduct constitutes joint participation (medepleger), and the requirement of direct intent (opzet) is satisfied.

4. Harm and Impact

Although the ITE Law does not require proof of actual material loss, this case involved immaterial and reputational harm to the company, as well as unlawful benefits obtained by the perpetrators. The harmful impact element is therefore fulfilled.

V. Legal Opinion

1. The conduct constitutes unauthorized access and internal abuse of authority.
2. The imposition of a four-month custodial sentence is proportionate and consistent with the principle of ultimum remedium.
3. The case highlights weaknesses in corporate cybersecurity and the need for stronger ethical and technical safeguards.
4. Criminal liability for both the principal offender and accomplices is cumulative.

VI. Conclusion

1. The defendant’s actions violated Article 30 paragraph (1) in conjunction with Article 46 paragraph (1) of the ITE Law.
2. The element of “without right” was fulfilled as access occurred without the system owner’s authorization.
3. Joint criminal liability under Article 55 of the Criminal Code was correctly applied.
4. The judgments at the district, appellate, and Supreme Court levels were legally sound and proportionate.
5. This case serves as an important precedent in the enforcement of Indonesian cybercrime law.

Lanjutkan Membaca

Artikel ini merupakan bagian dari ADIABEL – Reading Room, ruang baca kurasi analisis hukum pidana dan hukum siber.

Masuk Reading Room Kembali ke Library

Continue Reading

This article is part of ADIABEL – Reading Room, a curated space for criminal law and cyber law analysis.

Enter Reading Room Back to Library