indo02

Indonesia – E-commerce must do more to protect users against cybercrime: BPKN

The National Consumer Protection Agency (BPKN) has recommended that e-commerce platforms ramp up their user protection measures following a rise of online marketplace complaints during the health crisis.

BPKN advocacy expert staff member Akmalia Hidayati said e-commerce platforms should adhere to the general data protection regulation (GDPR) and make their terms and conditions clear, so consumers could understand their rights and obligations when doing transactions on the platforms.

“Online marketplaces should also create a standard for sellers and implement a filtering system to prevent bad sellers,” she said during a webinar on Tuesday.

She went on to say that the agency had received a growing number of complaints from online shoppers about accounts allegedly hacked by sellers, including through phishing and one-time password (OTP) theft, during the pandemic.

For example, such sellers on e-commerce platforms would send the buyer a link asking them for their e-mail address and password, which they would then use to take over the user’s account, Akmalia explained.

The COVID-19 pandemic has propelled e-commerce growth in Indonesia as customers turn to online platforms to shop amid movement restrictions, pushing more and more businesses online.

Management consulting company Redseer noted that Indonesia had seen the number of online shoppers grow from 75 million to 85 million during the pandemic.

Meanwhile, BPKN data from August show that e-commerce is the third-most reported industry in terms of consumer complaints received by the agency, trailing just behind housing and financial services.

E-commerce users mostly filed complaints on account hacking, goods and services that did not match their order, delivery failures and refund issues.

According to the National Cyber and Encryption Agency (BSSN), Indonesia saw more than 189 million cyberattacks from January to August, an increase from around 39 million over the same period last year. The BSSN also noted that the country was prone to data breaches, spam and phishing attacks.

In May, three Indonesian e-commerce platforms reportedly experienced data breaches that exposed their customers’ details, which were then sold on the dark web.

“Data security is becoming more important, as many technology companies, which gather our personal data, expose us to data abuse risks,” Akmalia said.

Indonesia has yet to pass a specific law that comprehensively regulates personal data protection. According to the Institute for Policy Research and Advocacy (ELSAM), rules on data protection are scattered across at least 33 different laws.

Currently, the country’s e-commerce industry only has Government Regulation No. 80/2019 and Trade Ministry Regulation No. 50/2020, which will come into effect in November, as a regulatory umbrella. Both oversee business licensing, consumer protection and the national data center for the digital economy, among other things.

Meanwhile, Ferry Kusnowo, head of customer care at e-commerce giant Lazada Indonesia, urged users to keep their personal data secure by not sharing their e-mail, password or OTP with another person, even if the person claims to be a representative of the e-commerce platform.

He also said users should decline to chat and to transfer money outside of the e-commerce platform.

“A lot more people are using e-commerce during the pandemic. Unfortunately, users—and especially the newly [registered] ones, still don’t know much about safety while shopping online,” Ferry said.

Source: https://www.thejakartapost.com/news/2020/10/28/e-commerce-must-do-more-to-protect-users-against-cybercrime-bpkn.html