Legal Protection for Investors’ Personal Data Against Cybercrime Threats in Capital Market Based on IOSCO Principles

Authors

  • Kevin Darmawan Law Study Program, Faculty of Law, Universitas Padjadjaran
  • Aninditha Sekar Putri Law Study Program, Faculty of Law, Universitas Indonesia

DOI:

https://doi.org/10.38035/jlph.v5i4.1458

Keywords:

Cybercrime, IOSCO Principles, Personal Data Protection

Abstract

The increasing threat of cybercrime, particularly in the capital market sector, poses a serious risk to investors' personal data protection in Indonesia. This challenge requires a robust and adaptive regulatory approach to maintain trust and security within the capital market. As a member of IOSCO, Indonesia has access to principles designed to protect investors and minimize cyber risks. This study employs a normative juridical method using secondary data in the form of primary and secondary legal materials to examine the effectiveness of IOSCO principles in national law. The study’s findings indicate that IOSCO applies 38 principles forming a policy framework for investor protection through preventive and educational efforts for its member countries. However, although Indonesia’s positive law has established a framework for personal data protection, certain aspects of IOSCO principles remain unaccommodated, particularly in terms of oversight and cyber risk management. Therefore, the establishment of a Personal Data Protection Supervisory Body in Indonesia is essential to enhance investor protection and ensure functional harmonization alongside the Indonesia Financial Services Authority.

References

Abi Tyas Tunggal, “What is a Cyber Threat?”, https://www.upguard.com/blog/cyber-threat, accessed July 28, 2024.

Bambang Poernomo, Principles of Equality Before the Law in the Frame of Indonesian Positive Law, Jakarta: Jendela Hukum Publishing, 2022.

Christian Calliess and Ansgar Baumgarten, “Cybersecurity in the EU: The Example of the Financial Sector - A Legal Perspective”, German Law Journal, 2020.

Diny Luthfah, “Strengthening Cybersecurity in Indonesia’s Financial Sector”, Journal of Research and Scientific Work of the Trisakti University Research Institute, Vol. 9, No. 1, 2024.

Dyah Ayu Purboningtyas and Adya Prabandari, “Legal Protection for Investors in Indonesia's Capital Market by the Securities Investor Protection Fund”, Notary Journal, Vol. 12, No. 2, 2019.

Eka Yudha Saputra, “New Zealand Stock Exchange Halted Due to Cyber Attack,” https://dunia.tempo.co/read/1379714/bursa-saham-selandia-baru-terhenti-karena-serangan-siber, accessed July 29, 2024.

Elvira Fitriyani Pakpahan, Eric Kurniawan, et al., “The Role and Authority of the Financial Services Authority (OJK) in Securing Transactions in the Capital Market”, Ius Civile Journal, Vol. 4, No. 1, 2020.

IBM, 2024, “What is Cyber Risk Management?”, IBM Cyber Risk Management, https://www.ibm.com/id-id/topics/cyber-risk-management, accessed July 30, 2024.

International Organization of Securities Commissions 2017, “Methodology for Assessing Implementation of the IOSCO Objectives and Principles of Securities Regulation (OIVC-IOSCO)”, https://www.iosco.org/library/pubdocs/pdf/IOSCOPD562.pdf, accessed July 28, 2024.

IOSCO, Cyber Security in Securities Markets – An International Perspective, IOSCO, 2016.

Kadek Desy Pramita and Kadek Diva Hendrayana, “Legal Protection for Investors as Consumers in Online Investments”, Pacta Sunt Servanda Journal, Vol. 2, No. 1, 2021.

LA Adha, “Digitization of Industry and Its Impact on Employment and Labor Relations in Indonesia”, Journal of Legal Compilation, Vol. 5, No. 2, 2020.

M Ngafifi, “Technological Advancements and Human Lifestyle in the Social-Cultural Perspective”, Journal of Educational Development: Foundations and Applications, Vol. 2, No. 1, 2014.

Muhammad Yudistira and Ramadani, “Juridical Review on the Effectiveness of Handling Cybercrimes Related to Personal Data Theft Under Law No. 27 of 2022 by Kominfo”, Unes Law Review Journal, Vol. 5, No. 4, 2023.

Nanda Dwi Rizkia, Legal Research Methods, Bandung: Universitas Padjadjaran, 2021.

Nyoman Amie Sandrawati, “Anticipating Cybercrime and the Digital Divide in the Application of Tik in the General Election Commission”, Electoral Governance Journal of Indonesia Election Governance, Vol. 3, No. 2, 2022.

OICV-IOSCO, “Personal Data Protection Policy and Assignment of Image Rights for Participants in Events and Meetings Organized by IOSCO (the 'Event'),” https://www.iosco.org/meeting-registration/pdf/Personal-Data-Protection-Policy.pdf, accessed July 28, 2024.

OICV-IOSCO, Securities Market Risk Outlook 2016, Madrid: IOSCO Publishing, 2016.

OICV-IOSCO, World Investor Week 2018 Public Report, Madrid: IOSCO Publishing, 2019.

OICV-IOSCO, “Investor Alerts Portal”, https://www.iosco.org/investor_protection/?subsection=investor_alerts_portal, accessed July 28, 2024.

OICV-IOSCO, “What to Do When Suspecting a Scam”, https://www.iosco.org/investor_protection/?subsection=what_to_do_when_suspecting_a_scam, accessed July 28, 2024.

OJK, “International Organization of Securities Commissions Growth and Emerging Market Committee Meeting (IOSCO GEM Meeting)”, https://ojk.go.id/id/kanal/pasar-modal/berita-dan-kegiatan/info-terkini/Documents/Pages/IOSCO-GEm-c-2016-nusa-dua-bali-info-rundown-dan-acara/IOSCO-GEMC-2016-BALI.pdf, accessed July 28, 2024.

Prasetyo, Cybersecurity in the Financial Sector, Jakarta: Media Digital Publishing, 2022.

Rohini Tendulkar, Cyber-crime, Securities Markets, and Systemic Risk, Madrid: IOSCO Publishing, 2013.

S.R. Azura, Izari, and S.G. Maharani, “Electronic Crimes in Transactions (Fraud Cyber Crime) at Indonesia Stock Exchange PT DSFI”, Journal of Regional Accounting & Finance, Vol. 16, No. 1, 2023.

Soerjono Soekanto, Introduction to Legal Research, 3rd edition, Jakarta: Universitas Padjadjaran, 2019.

Sudrajat, Personal Data Protection in the Digital Era, Bandung: Nusantara Publishing, 2021.

Swammy, Sarah, and Michael McMaster, Governance, Compliance, and Supervision in the Capital Markets, + Website. Hoboken, NJ: John Wiley & Sons, 2018.

Constitution of 1945

Law No. 25 of 2007 on Investment

Law No. 27 of 2022 on Personal Data Protection

Law No. 4 of 2023 on Development and Strengthening of the Financial Sector

Law No. 1 of 2024 on the Second Amendment of Law No. 11 of 2008 on Electronic Information and Transactions

Yuliandra, Cyber Law and Personal Data Protection in Indonesia, Jakarta: Andalas Publishing, 2022.

Yusuf Daeng, et al., Personal Data Protection in the Digital Era: A Review of the Legal Framework for Privacy Protection, Pekanbaru: Innovative Journal Of Social Science Research, 2023.

Downloads

Published

2025-03-18

How to Cite

Kevin Darmawan, & Aninditha Sekar Putri. (2025). Legal Protection for Investors’ Personal Data Against Cybercrime Threats in Capital Market Based on IOSCO Principles . Journal of Law, Politic and Humanities, 5(4), 2293–2303. https://doi.org/10.38035/jlph.v5i4.1458

Issue

Vol. 5 No. 4 (2025): (JLPH) Journal of Law, Politic and Humanities

Section

Articles

License

Copyright (c) 2025 Kevin Darmawan, Aninditha Sekar Putri

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish their manuscripts in this journal agree to the following conditions:

  1. The copyright on each article belongs to the author(s).
  2. The author acknowledges that the Journal of Law, Poliitic and Humanities (JLPH) has the right to be the first to publish with a Creative Commons Attribution 4.0 International license (Attribution 4.0 International (CC BY 4.0).
  3. Authors can submit articles separately, arrange for the non-exclusive distribution of manuscripts that have been published in this journal into other versions (e.g., sent to the author's institutional repository, publication into books, etc.), by acknowledging that the manuscript has been published for the first time in the Journal of Law, Poliitic and Humanities (JLPH).