Singapore:
PDPC Sanctions Food Caterer For Breach Of Protection Obligation
06 December 2016
by
Daniel J. McLoon
,
Mauricio Paez
,
Kevin Lyles
,
Todd McClelland
,
Jeff Rabkin
,
Adam Salter
,
Michiru Takahashi
,
Undine Von Diemar
,
Olivier Haas
,
Jörg Hladjk
,
Richard Johnson
,
Anand Varadarajan
,
Nicole Perry
and
Alexa Sendukas
Jones Day
To print this article, all you need is to be registered or login on Mondaq.com.
On November 4, Singapore's PDPC found that Smiling Orchid Pte. Ltd., a food
caterer, failed to make reasonable security arrangements to prevent
unauthorized access to its customers' personal data on its
website, and the PDPC imposed a S$3,000 penalty for violating the
Personal Data Protection Act of 2012. The PDPC noted that users
were able to access other customers' personal data by altering
the URL of their order preview webpage. The PDPC also directed
Smiling Orchid to conduct a security audit and to patch all
identified webpage vulnerabilities.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Privacy from Singapore
Doxing
Doogue + George Defence Lawyers
Doxing is exposing an individual's identity, private information or personal details online without their consent.
Understanding Doxing & It's Impact
Naik Naik & Company
The term ‘Doxing' is short for ‘dropping dox', ‘dox' being slang for documents. Doxing (also spelt as Doxxing) is the act of revealing identifying and personal information about someone online.