There was me thinking we were talking some kind of tentacle hentai thing...
The sale of private data by Hong Kong transport payments firm Octopus Holdings has forced the resignation of chief exec Prudence Chan. Octopus, which sells cards used by Hong Kong residents to pay for subway and bus fares, has agreed to donate to charity the HK$44m ($5.7m) it made from selling the details of an estimated two …
I understand cultural differences exist between East and West but HongKong is a world city whose residents have similar sensitivities to privacy as most Westerners do but Chan's actions beggar belief.
At least HK Oysters have a cash option unlike some schemes and no doubt this abuse will encourage the use of the cash option.
The only more egregious example I can think of is where a certain large tax preparation company sells transcripts of its clients tac returns to credit bureaus.
Why are all nefarious gains offered to charity when the baddies get their collar felt?
I have nothing against charity but if i was one of those whose data was sold then i would want the cash it was sold for thank you.
If your house was burgled and the thieves were caught and said they would give all your stolen belongings to charity, that would not be acceptable.
Is it a meaningful penalty? I haven't seen any further details of this anywhere, but how much money did they make by selling the data to begin with? HK$1 million? HK$100 million? If it was the former, then sure, the amount they have to give is reasonable and make them think twice next time. If it was the later, then crime did pay. So, how much did they make?
This has been a big story here, with additional complications like there being a handover to a new Privacy Commissioner in the middle (end of 5-year term),,,
@JaitcH - I don't see an East/West difference here, HK's privacy law is trailing Europe's (but this incident will make a difference in the current review of the law) but I wouldn't be surprised if a Western executive behaved similarly - to similar public outcry. Octopus doesn't seem to have broken the law, and there are alternatives to giving your personal info: The incident involves the data of 1.97 million who either signed up to the "Octopus Rewards" scheme, or got a "Personal Octopus" card that refills from your bank account automatically when empty, both involved agreements with Terms and Conditions (that the Privacy Commissioner noted you needed a magnifying glass to read). The other ~15million Octopus cards are not linked to personal data.
@Ian Michael Gumby - well, it would be about HK$22 each, but do you treat all the victims equally? Some of the revenue was per signup for insurance.
@Graham Bartlett - You wish. Now, take a cold shower & lie down...
@Mike Moyle - Don't know, but, a year later, do they note their lower profits (due to adverse public opinion) in their accounts and consequently donate less to charity?
Mine's the one with the anonymous Octopus in the pocket.
Biting the hand that feeds IT © 1998–2021