|
|
|
|
|
|
|
|
|
|
Spyware-laden 'privacy' extensions and apps affect over 11 million users
|
|
|
|
Researchers have discovered a collection of privacy-related apps and browser extensions that track users' activity and send it to a remote server. The suspicious software has over 11 million users in total.
|
|
|
|
|
|
|
|
Singapore investor watchdog uncovers personal data breach from 2013; 70,000 members hit
|
|
|
|
About 70,000 members of the Securities Investors Association (Singapore) had their personal particulars illegally accessed and copied in 2013, though the data breach was only uncovered recently.
|
|
|
|
|
|
|
|
IBM: A data breach will now cost your organisation $3.86 million, if you're lucky
|
|
|
|
A new global study conducted by IBM suggests the financial impact of a data breach for an organisation is, on average, $3.86 million. However, in the worst cases, "mega breaches" may cost the enterprise between $40 million and $350 million.
|
|
|
|
|
|
|
|
Privacy Commissioner Mr Stephen Wong delivered a presentation titled "A Regulator's Perspective on Accountability and How to Incentivise It" at the Centre for Information Policy Leadership Workshop in collaboration with the Singapore Personal Data Protection Commission (26 July 2018).
|
|
|
|
|
|
|
|
|
|
DPOC has always been an effective platform where members can share good practices and learn from each other. We cordially invite members to share your strategies and practices in data protection by contributing articles and/or photos of your successful initiatives to us. Please click "Share with us" to let us know your good practice!
|
|
|
|
|
|
|
|
|
|
Introduction to the Personal Data (Privacy) Ordinance Seminar
Aug - Dec 2018 seminars are now open for enrolment!
This seminar can familiarise you with the key elements of the Personal Data (Privacy) Ordinance (the Ordinance) in particular your obligations as data users and your rights as data subjects.
Outline:
- A general introduction to the Ordinance
- The six data protection principles
- Direct Marketing
- Offences & Compensation
|
|
|
|
|
|
Ms Sandra Liu, Senior Legal Counsel of the PCPD, was invited to speak at the Seminar on "The Best Practice in Marketing under EU General Data Protection Regulation (GDPR)" organised by the Hong Kong Trade Development Council on 16 July 2018.
|
|
|
|
|
|
|
|
|
|
Guidance on the Proper Handling of Customers’ Personal Data for the Beauty Industry
This Guidance Note provides beauty companies with practical guidance on complying with the requirements under the Ordinance in the course of handling customers’ personal data.
|
|
|
|
|
|
|
|
A marketing company was convicted of using the Complainant’s personal data in direct marketing without taking specified actions and failing to comply with an opt-out request – sections 35C and 35G of the Ordinance
The Complaint
The Complainant once made a reservation with a hotel restaurant and provided his surname and mobile number for that purpose. Since then, the Complainant had received calls promoting the membership and services of the hotel. During one of those promotion calls, the Complainant requested the caller not to call him again and obtained the caller’s acknowledgement of the request. However, the Complainant still continued to receive another call from the same marketing company promoting the membership of the hotel.
|
|
|
|
|
Outcome
The marketing company was charged with the offence of (1) using the personal data of the Complainant in direct marketing without taking specified actions, contrary to section 35C(2) of the Ordinance; and (2) failing to comply with the Complainant’s request to cease using his personal data in direct marketing, contrary to section 35G(1) of the Ordinance. The marketing company pleaded guilty to both charges and was fined HK$8,000 for each charge.
|
|
|
|
|
|
|
|
|
|
Q: Your manager reported to you that several burglary cases occurred in your office building. For security sake, you should not consider ...
A. requesting the property management staff to patrol more frequently
B. installing overt CCTV cameras
C. installing pinhole cameras
The correct answer is C. Covert monitoring should not be used unless there is no other alternative and it is absolutely necessary in detecting or gathering evidence of unlawful activities, and the monitoring should be limited in its scope and duration.
|
|
|
|
Q: You informed your employee that telephone monitoring is conducted to ensure the quality and consistency of telephone service to customers. Therefore, you should not use the telephone records for ...
A. staff training
B. performance appraisal
C. improving customer service
The correct answer is B. Unless you have obtained the prescribed consent of your employee or there is an applicable exemption, the employee’s personal data collected by monitoring measures can only be used for the purposes stated in the employee monitoring policy (e.g. enhancing the delivery of quality service to customer in this case), or for a directly related purpose.
Q: Your employee requested access to his personal data collected through employee monitoring. Your reply to his request is ...
A. No, because the record is the property of the organisation
B. Yes, because the record contains personal data of that employee
C. No, because the record is confidential
The correct answer is B. Your employee has the right to request your organisation as the data user to confirm whether you hold his personal data and to request a copy of any of such data. You are required to provide the employee with a copy of such data or inform the employee by writing of the reasons for refusal no later than 40 days after receiving the request.
Extended Reading:
Privacy Guidelines: Monitoring and Personal Data Privacy at Work
|
|
|
|
|
|
|
|
Know Your Website Cookies
Check with your browser on how to configure the various cookie settings.
|
Media Statements and Responses
PCPD's responses to media enquiries about the Ordinance and the current personal data privacy issues.
|
DPOC e-Newsletter Reader Survey
We want to hear your thoughts and feedback so that we can improve the e-Newsletter. Please complete the survey.
|
|
|
|
|
|
For enquiry, please contact us.
Address: Room 1303, 13/F, Sunlight Tower, 248 Queen's Road East, Wan Chai, Hong Kong Tel: (852) 2877 7179
You are receiving our e-Newsletters because you are a current member of the DPOC and it is one of the membership privileges that we provide. If you do not wish to receive them, please click here to unsubscribe.
|
|
|
|
