Writing on dress reads “customer confidence”, newspaper headline reads “private data”.
Amid rising concerns over personal data security and continuing delays in the ratification of the Draft Personal Data Protection Law, consumer confidence has been delivered yet another blow by a Kompas daily newspaper investigation which uncovered a network of credit card salespeople and bank employees have been trading the personal information of bank customers and credit card holders with each other in an effort to make quicker sales.
Personal information sold by the salespeople comprised a customer’s name, phone number, address and even their parents’ names.
Basic customer information – excluding their financial information – was sold for as low as Rp 300 (21 US cents) per piece of information. Personal information that included evidence of a customer’s financial health was typically sold for between Rp 20,000 and Rp 50,000 per piece of information.
A credit card sales coordinator at a bank in Central Jakarta, identified only as JS, said the selling of cardholders’ private information had been commonplace among bank employees.
High-quality data, which includes information on cardholders’ salary and financial documents from Bank Indonesia and the Financial Services Authority, is typically sold for Rp 1 million per 50 pieces of information, or Rp 20,000 each, according to JS.
JS added that employees were sometimes compensated by the bank for giving away customers’ personal information and that bank employees could earn up to Rp 16 million for 30 to 40 platinum credit card approvals.
However, not every piece of a customer’s personal information is “good”, according to JS. “Personal data that has been resold between multiple banks is largely regarded as garbage: it is usually sold online”, JS said. Personal data is sold online for as low as Rp 0.1 per piece of information according to Kompas.