Jump to content

Recommended Posts

3 hours ago, 2bees said:

Mistakes happen, I doubt it was done with malicious intent. A similar thing happened to my dad with Curry's he called them, made them aware, they apologised, problem solved. 

Problem isn’t solved if they didn’t action anything to prevent it happening again, if It’s Curry’s/Know How then it’s likely it was the delivery manifest and I’d be amazed if this was the first instance.

54 minutes ago, Max Power said:

I wonder if a defence would be valid that those same details are available in the telephone directory?

Telephone directory allows people to choose whether they want their details shared publicly, so it’s definitely not the same thing.

Link to post
Share on other sites
  • Replies 69
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

I thought the same but then I realised I had just got old...  

No because x-in-man doesn't want them to know what he bought from Love Honey.

Yes.

Posted Images

1 minute ago, Annoymouse said:

Telephone directory allows people to choose whether they want their details shared publicly, so it’s definitely not the same thing.

I agree, but if they did choose to have their details displayed elsewhere, it's hardly a breach of privacy?  

Link to post
Share on other sites
11 minutes ago, Max Power said:

I agree, but if they did choose to have their details displayed elsewhere, it's hardly a breach of privacy?  

It’s a breach of data protection principles. It’s the merchants obligation to not release the  info they hold about a customer ( even that you are a customer ), whether it’s otherwise publicly available or not.

  • Thanks 1
Link to post
Share on other sites
28 minutes ago, Max Power said:

I agree, but if they did choose to have their details displayed elsewhere, it's hardly a breach of privacy?  

As John has said it is not about whether your personal details are available elsewhere it is about how the Data Controller has managed and protected your data.  If they have breached the principles then they are in the wrong no matter that your details were already available.

As someone who is ex-directory I would be very annoyed if that was the defence they tried.

  • Like 2
Link to post
Share on other sites
1 hour ago, Max Power said:

I wonder if a defence would be valid that those same details are available in the telephone directory?

No because x-in-man doesn't want them to know what he bought from Love Honey.

  • Like 1
  • Haha 3
Link to post
Share on other sites
6 hours ago, manxman1980 said:

Would you have been so content had your Dad's personal data fallen into the hands of someone who would use them to commit fraud or for other malicious purposes?  If the "prominent retailer" the OP was referring to was Curry's do you think it acceptable that they have taken no action to prevent these data breaches?

It didn’t though, did it? Had it fallen into the hands of a really shady fridge buyer who ... oh my god I cant even answer you, what a ridiculous question! 
The reason I mentioned Curry’s was to let the OP know they have previous for this & to let him/her decide what to do about it, like I said they said sorry and nothing terrible happened - not our problem & I can think of way better fights to have.

  • Like 1
Link to post
Share on other sites
Posted (edited)
4 hours ago, Declan said:

No because x-in-man doesn't want them to know what he bought from Love Honey.

Or that fact I wore it out and it had to be fixed.

 

But that’s nothing compared to what a Mr A from Douglas bought and wore out quicker than I did.

Edited by x-in-man
  • Like 1
Link to post
Share on other sites
2 hours ago, 2bees said:

It didn’t though, did it? Had it fallen into the hands of a really shady fridge buyer who ... oh my god I cant even answer you, what a ridiculous question! 
The reason I mentioned Curry’s was to let the OP know they have previous for this & to let him/her decide what to do about it, like I said they said sorry and nothing terrible happened - not our problem & I can think of way better fights to have.

X-in-Man stated in his original post that he had received personal details of three other people.  2 of those included names, addresses, telephone numbers and email addresses.  Would you want those details to fall into the hands of someone nefarious? 

How would you feel if your Dad's personal details had fallen into the hands of someone who might use the information to try and same him?  

  • Like 1
Link to post
Share on other sites
30 minutes ago, manxman1980 said:

How would you feel if your Dad's personal details had fallen into the hands of someone who might use the information to try and same him?  

Dang! I thought there was something odd going on at my dad's last week when he kept asking where he kept his own cheque book.

 

rC4FP.jpg

Link to post
Share on other sites
7 hours ago, Declan said:

No because x-in-man doesn't want them to know what he bought from Love Honey.

what's Love Honey?

Link to post
Share on other sites
2 hours ago, manxman1980 said:

X-in-Man stated in his original post that he had received personal details of three other people.  2 of those included names, addresses, telephone numbers and email addresses.  Would you want those details to fall into the hands of someone nefarious? 

How would you feel if your Dad's personal details had fallen into the hands of someone who might use the information to try and same him?  

Shut up, you’re going on like an ald woman, have you really nothing better to say than “Yeah but, what if?”? I honestly could not care less, the Isle of Man customer base of people getting things repaired is not going to be full of fraudsters, scammers or even scallywags, is it? Get a grip laddie!

  • Thanks 1
Link to post
Share on other sites

Oh dear...

Have you not seen the numerous warnings from the banks and police on the Isle of Man about telescamming and phishing?

Data breaches are a good source of information for criminals.  The more they know about their target the more likely they are to be able to scam them.

Perhaps you are happy with organisations being careless with your personal data but frankly I am not. 

  • Like 1
Link to post
Share on other sites

I think that thebees is right. It's a concern so she raised it with the firm, who apologised. What more can she do? She has to take it on trust that they investigate and fix the problem.

The error is a serious one in that it presents a risk of data falling into the wrong hands, and therefore needed flagging. But the risk is of information about purchases you've made or your real age being revealed to a nosey neighbour, the risk of it landing on the doormat of a scammer or phisher is minuscule. Suggesting otherwise just hypes up anxiety levels disproportionately.

So, recognising it was an error, flagging it with the firm  accepting the apology and trusting them to take action is a rationale approach.

  • Like 2
Link to post
Share on other sites

@Declan If you go back to 2bees original post she has dismissed the data breach as a "mistake" and that her Dad expected an apology from the retailer involved and as far as she is concerned that solved the problem.

The reality is what has happened in both these cases is a personal data breach by the organisations involved.  A personal data breach is defined under GDPR as "a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed".

Following the personal data breach a notification should have been made within 72 hours to the Information Commissioner.  How much do you want to bet that neither organisation involved in these cases made that report?  

If companies are allowed to get away with an apology and not report it to the IC then this type of incident will continue to happen and eventually it will lead to a big loss of personal data. 

 

 

  • Like 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...