Sniffing Cybercrimes in M-Banking via WhatsApp: Comparative Legal Framework and Implications

This normative legal research investigates the regulatory landscape and legal responsibilities surrounding sniffing cybercrimes in mobile banking (M-Banking) operations via the WhatsApp application. The study uniquely aligns its analysis with established laws like the Information and Electronic Transaction Law (UU ITE) and the Personal Data Protection Law (UU PDP), elucidating the nuances in sanctions stipulated by these respective legislations. It reveals that the UU ITE and its amendments carry more severe sanctions than the UU PDP. However, based on the lex specialis derogate legi generalis principle and teleological/sociological interpretations of the law's purpose, it concludes that Article 67 (1) of UU PDP governs such sniffing offenses in M-Banking via WhatsApp. The implicated legal liability includes a maximum prison sentence of five years and/or a fine up to five hundred billion rupiah. Moreover, the research underscores the accountability of banking institutions to compensate for the losses suffered by victims, encompassing the replacement of the full or partial account balance or other agreed forms of responsibility. These findings have critical implications for cybersecurity regulations, and the banking sector's duty of care towards customers in the digital era. Highlights: • Disparity: Penalties under UU ITE and UU PDP differ for sniffing cybercrimes. • Governing Law: Sniffing crimes in M-Banking via WhatsApp fall under UU PDP, Article 67 (1). • Liability: Banks are responsible for compensating victims' losses. Keywords: Sniffing Cybercrimes, M-Banking, WhatsApp, Legal Framework, Bank Accountability.