JAKARTA, KOMPAS — The private information of individuals being bought and sold is not only in the form of names, addresses, telephone numbers and names of their mothers but also financial capability. This type of information should only be accessible by official institutions.
Kompas’ investigation found that among credit card marketing personnel, the private data was traded at varying prices. Private data that contains information on names, telephone numbers, addresses and parents, without financial capabilities, is being sold for Rp 300 per piece of data. However, data on the financial capability of the individual is valued at Rp 20,000 to Rp 50,000 per piece of data.
The data of those applying for credit cards is reportedly being sold. Marketing staff members and bank employees are allegedly involved in the practice.
In the middle of last month, a credit card marketing personnel identified as RF had offered data on 1,101 individuals for Rp 350,000 or around Rp 318 per data item. RF claimed that all of the data was that of customers who had applied for credit cards at private banks in 2017-2018.
"This data contains credit card customer data," he said.
Yanti, 45, one of the names on RF’s data list, when contacted, confirmed all information related to her was correct. That information included her full name, cell phone number, credit card number, home address and office, date of birth and the name of her mother. "All information in the data is correct," said the employee in Jakarta.
JS, a credit card marketing coordinator in Jakarta, said it was common to buy private data from bank employees. Private data of good quality can be sold at a high price, Rp 1 million for 50 data items or Rp 20,000 per data item.
Financial information
Data is considered of good quality, according to JS, if it is complemented by information about salary and financial capability. JS said he had obtained data in the form of credit card registration forms submitted by prospective customers.
After going through the bank analyst\'s inspection, JS added, each registration form was completed with information regarding the prospective customer\'s financial situation. JS said the information really helps in determining the target for credit card marketing.
"The individual could have a high salary and a managerial position, but if their debt is large, it is also difficult to be considered prospective," he said.
According to JS, the price of the data of around Rp 1 million for 50 personal data is reasonable. The reason is that the commission that he and his subordinates would get from each approved credit card was also large, Rp 200,000 for gold credit cards and Rp 400,000 for platinum types.
There were times, JS said, when bank employees who provided personal data were willing to be paid in the form of a commission of Rp 50,000 for each data that is approved for submitting a credit card. "Sometimes there are also [bank employees] who work together. Then later he received Rp 50,000 if [the credit card application] was approved, "he said.
According to executive director of the Indonesian Credit Card Association, Steve Martha, the rampant buying and selling of personal data is allegedly aimed to attract the interest of marketing personnel, including telemarketing staff for banking products. Steve said the possession of a number of personal data has become a prerequisite for candidates to be accepted as outsourced staff for banking products marketing. "Due to the large number of telemarketing workers, they will be employed if they carry data," he said.
Bank Mandiri corporate secretary Rohan Hafas also revealed that data sales had become an issue in the banking industry. However, Rohan stressed the customer data circulated and traded was not caused by leakage in the bank system. "At the bank, the security of the customer\'s personal data is 99 percent maintained. In fact, it is far better than any institution because banking is regulated and supervised by the Financial Services Authority [OJK]," he said.
Several other bank leaders expressed the same thing that supervision of customer data at the bank was strictly implemented. Bank Central Asia corporate secretary Jan Hendra said BCA implemented strict procedures in obtaining and using customer data. Chief executive officer of Citibank NA Indonesia Batara Sianturi said Citibank invested in cybersecurity to ensure customer data was protected.
"Customer data security is very important and we maintain it because it is the customer\'s privacy," Batara said.
The OJK, an institution that has the authority to oversee financial service practices, also affirms that information regarding customers’ finances is information in the confidential category. According to OJK banking supervision head Heru Kristiyana, customers\' financial information, especially their savings, was protected by law.
Online
Based on Kompas’ investigation, personal data is easily bought online. In fact, on the internet, data is sold at low prices, ranging from Rp 0.1 to Rp 16 per data item.
One of the websites that offer private data is temanmarketing.com. Requests for data on this site were submitted via a chat on WhatsApp (WA). Through the WA application, buyers can get 21,441 data for Rp 350,000. The operator who serves via the chat application claims that all data is credit card customer data.
One person whose personal data was sold online was Lia, 44, a data analyst in Jakarta. She confirmed that all information contained in the data was correct. "This data may have been obtain when I applied for a shopping card before 2010," she said. (MDN/ADY/NIA