• About Us
    • Fact Checking Policy
    • Ownership & funding information
    • Volunteer
  • Subscribe
  • Letter submission
    • Submissions Policy
  • Contact Us
The Online Citizen Asia
  • Opinion
    • Editorial
    • Commentaries
    • Letters
    • Comments
  • Current Affairs
    • Singapore
    • Malaysia
    • Indonesia
    • China
    • ASEAN
    • Asia
    • International
  • Finance
    • Economics
    • Labour
    • Property
    • Business
  • Community
    • Arts & Culture
    • Consumer Watch
    • NGO
    • Lifestyle
    • Travel
  • Politics
    • Civil Society
    • Parliament
    • Transport
    • Education
    • Environment
    • Health
    • Housing
  • Law & Order
    • Legislation
    • Court Cases
No Result
View All Result
  • Opinion
    • Editorial
    • Commentaries
    • Letters
    • Comments
  • Current Affairs
    • Singapore
    • Malaysia
    • Indonesia
    • China
    • ASEAN
    • Asia
    • International
  • Finance
    • Economics
    • Labour
    • Property
    • Business
  • Community
    • Arts & Culture
    • Consumer Watch
    • NGO
    • Lifestyle
    • Travel
  • Politics
    • Civil Society
    • Parliament
    • Transport
    • Education
    • Environment
    • Health
    • Housing
  • Law & Order
    • Legislation
    • Court Cases
No Result
View All Result
The Online Citizen Asia
No Result
View All Result

Fine imposed on Propnex Realty and JP Pepperdine for failing to make reasonable security arrangements

by Neyla Zannia
27/01/2017
in Consumer Watch, Current Affairs
Reading Time: 3 mins read
0

Source : Propnex and JP Pepperdine website.

Financial penalties of $10,000 each, were imposed on Propnex Realty and JP Pepperdine for failing to make reasonable security arrangements to prevent unauthorised access of individuals’ personal data stored online.
Propnex was also directed to cease the storage of documents containing personal data via its system until a security scan had been conducted.
On 28 December 2015, the Personal Data Protection Commission (“Commission”) received a complaint from the Complainant in relation to the publication online of the Organisation’s internal Do Not Call list containing the personal data of 1765 individuals, including the Complainant and her sisters (“PropNex DNC List”).
Following the Complainant’s complaint, the Commission then undertook an investigation into the matter.
The Complainant alleged that she and her sisters had been receiving marketing calls and messages from various telemarketers (including moneylenders) on their mobile telephone numbers even though they had not consented to being contacted.
When the Complainant spoke to one of the telemarketers over the phone to ask where he had obtained her telephone number, she was informed that her name and telephone number were available on the Internet. This prompted the Complainant to conduct a search on the Internet for her name. Among the search results was a URL link (“Link”) to the PropNex DNC List dated 29 July 2015 in PDF format.
The PropNex DNC List contained, amongst other things, the Complainant’s full name, mobile number and landline, residential address and internal instructions to the Organisation agents regarding the Complainant.
On 31 December 2015, the Commission informed the Organisation’s Data Protection Officer of the Data Breach Incident and requested that the PropNex DNC List be taken down. The Organisation confirmed that the PropNex DNC List belongs to the Organisation and that it had no knowledge of the Data Breach Incident until it was notified of the complaint.
On 4 January 2016, the Organisation deleted the PropNex DNC List from its VO System and informed Google to exclude the Link from its search results. The Organisation also took steps to prevent a reoccurrence of the Data Breach Incident, by introducing a new way of disseminating the DNC List internally through a secured database and which can be searched using an authenticated web form.
Investigations disclosed that in or around July 2015, the PropNex DNC List was in PDF format and placed in a shared folder for internal use on the VO System which was accessible only by the Organisation agents and staff through authenticated login. Earlier versions of the PropNex DNC List had been placed in the same shared folder since the beginning of 2015.

JP Pepperdine Group Pte. Ltd.

On 25 October 2015, the Complainant informed the Personal Data Protection Commission (the “Commission”) that any member of the public could readily access the personal data of members that had joined the Organisation’s membership programme by entering a randomly simulated membership number on a webpage (http://goo.gl/5BX9Rr, a Google URL Shortener that redirects to http://ascentis.com.sg/microcrm/JacksPlace_memberportal/searchprofil e.aspx) listed on the Organisation’s membership brochure (the “Webpage”).
Members of the public can also perform a search (without inputting any search parameters) using the search functions available on the Webpage.
The Organisation operates a number of restaurants in Singapore under various brands (e.g. Jack’s Place, Eatzi Gourmet). The Organisation has a membership programme for its customers. Participating in the membership programme entitles members to special promotions and discounts across the different restaurants operated by the Organisation.
Each member would be assigned a 7-digit membership number by the Organisation. Membership numbers run sequentially. At the time of the investigation (December 2015), the Organisation had approximately 30,000 members.
The personal data that was publicly accessible through the Webpage included, names of members, gender, marital status, nationality, race, NRIC/Passport number, date of birth, mobile phone number, home phone number, email addresses, residential addresses, and other membership account details.
On 29 October 2015, after receiving the Commission’s notification, the Organisation introduced security features to the Webpage by incorporating a password protection feature such that the Webpage was no longer publicly accessible and could only be accessed after authentication.
The Commission then stated that it emphasises that it takes a very serious view of any instance of non-compliance under the PDPA, and it urges organisations to take the necessary action to ensure that they comply with their obligations under the PDPA. The Commission will not hesitate to take the appropriate enforcement action against the organisation(s) accordingly.

For just US$7.50 a month, sign up as a subscriber on The Online Citizen Asia (and enjoy ads-free experience on our site) to support our mission to transform TOC into an alternative mainstream press.

Related Posts

Commemorative coin, exhibitions and various activities to mark 100th anniversary of Lee Kuan Yew’s birth
Singapore

Commemorative coin, exhibitions and various activities to mark 100th anniversary of Lee Kuan Yew’s birth

07/02/2023
国会内庆妇女节 女议员获赠鲜花
Labour

15 companies barred from hiring new foreign employees after serious safety lapse found at worksite

07/02/2023
Why is Gautam Adani’s Indian empire in turmoil?
AFP

India’s Adani Enterprises shares rocket 20%, trading suspended

07/02/2023
China’s Baidu says developing AI chatbot
AFP

China’s Baidu says developing AI chatbot

07/02/2023
Thai rescuers dig to free baby trapped down well
AFP

Thai rescuers dig to free baby trapped down well

07/02/2023
Desmond Lee says 70% of BTO flats affordable for median household with income of S$8,400 but what about the 10th to 40th percentile?
Housing

Desmond Lee says 70% of BTO flats affordable for median household with income of S$8,400 but what about the 10th to 40th percentile?

07/02/2023
Subscribe
Connect withD
Login
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Notify of
Connect withD
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
0 Comments
Inline Feedbacks
View all comments

Latest posts

Commemorative coin, exhibitions and various activities to mark 100th anniversary of Lee Kuan Yew’s birth

Commemorative coin, exhibitions and various activities to mark 100th anniversary of Lee Kuan Yew’s birth

07/02/2023
国会内庆妇女节 女议员获赠鲜花

15 companies barred from hiring new foreign employees after serious safety lapse found at worksite

07/02/2023
Why is Gautam Adani’s Indian empire in turmoil?

India’s Adani Enterprises shares rocket 20%, trading suspended

07/02/2023
China’s Baidu says developing AI chatbot

China’s Baidu says developing AI chatbot

07/02/2023
Thai rescuers dig to free baby trapped down well

Thai rescuers dig to free baby trapped down well

07/02/2023
Desmond Lee says 70% of BTO flats affordable for median household with income of S$8,400 but what about the 10th to 40th percentile?

Desmond Lee says 70% of BTO flats affordable for median household with income of S$8,400 but what about the 10th to 40th percentile?

07/02/2023
Returning Officer to issue corrective directions, overseas Singaporeans allowed to vote by post, among changes to laws tabled to Parliament

Returning Officer to issue corrective directions, overseas Singaporeans allowed to vote by post, among changes to laws tabled to Parliament

07/02/2023
Can Malaysia review its current practices on foreign worker management?

Can Malaysia review its current practices on foreign worker management?

07/02/2023

Trending posts

Cognizant India transfers staff to work in Singapore as recently as this year

Local IT grads can’t find jobs while engineers constantly transferred from India to work in SG under CECA

by Correspondent
05/02/2023
105

...

They have done a fine job of confusing us about the jobs situation

They have done a fine job of confusing us about the jobs situation

by Augustine Low
01/02/2023
47

...

Adani’s brother runs SG company and registers as director with local ID

Adani’s brother runs SG company and registers as director with local ID

by Correspondent
03/02/2023
26

...

No response from Josephine Teo on whether Mediacorp has been instructed to stop coverage of SMT circulation scandal

No response from Josephine Teo over alleged blackout of coverage by Mediacorp over SMT circulation scandal

by Terry Xu
06/02/2023
12

...

Former Singaporean shares change of life in Australia with annual pay of S$80,000 as a plumber

Former Singaporean shares change of life in Australia with annual pay of S$80,000 as a plumber

by Yee Loon
30/01/2023
25

...

Japanese-Canadian junior high school girl breaks national record with 3km in 9:02 mins

“I want my normal life back,” Sherry Drury withdraws from National Junior High School Tournament due to overheated public attention

by Yee Loon
06/02/2023
3

...

January 2017
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
« Dec   Feb »

The Online Citizen is a regional online publication based in Taiwan and formerly Singapore’s longest-running independent online media platform.

Navigation

  • Editorial
  • Commentaries
  • Opinion
  • Politics
  • Community

Support

  • Contact Us
  • Letter submission
  • Membership subscription

Follow Us

  • Facebook
  • Twitter
  • YouTube
  • Instagram
  • Fact Checking Policy
  • Privacy Policy

© 2022 - 2023 The Online Citizen Asia

No Result
View All Result
  • Opinion
    • Editorial
    • Commentaries
    • Comments
  • Current Affairs
    • Malaysia
    • Indonesia
    • China
    • ASEAN
    • Asia
    • International
  • Finance
    • Economics
    • Labour
    • Property
    • Business
  • Community
    • Civil Society
    • Arts & Culture
    • Consumer Watch
    • NGO
  • Politics
    • Parliament
    • Transport
    • Education
    • Environment
    • Health
    • Housing
  • Law & Order
    • Legislation
    • Court Cases
  • Lifestyle
    • Travel
  • Subscribers login

© 2022 - 2023 The Online Citizen Asia

wpDiscuz