‘Data monger’ caught for selling personal information slapped with $6,000 fine
Buying and selling data can be a lucrative side job in this day and age, but doing so without the consent of the owners is illegal.
Under the Personal Data Protection Act (PDPA), the first of such ‘data mongers’ has been fined $6,000 for selling such personal information without notifying the owners. The act was fully implemented on 2 Jul 2014.
Telemarketer Sharon Assya Qadriyah Tang had started buying leads for between 20 and 30 cents from unknown sellers sometime in 2012. The information consisted of people’s names, NRIC numbers, mobile numbers and annual income ranges.
It is unknown if they had originally been obtained legally by the unknown sources. However, consent has to be obtained from the individuals for an all-new purpose such as reselling them, which Tang did not do.
Creating a database of 30,990 leads, she resold them for up to 10 times more - between 5 cents to 20 cents per lead. Selling them from 2012 till February 2017, she earned a profit of $5,000.
She had obscured her identity while selling the database, which indicated a guilty conscience and an attempt to prevent the authorities from catching her, said the Personal Data Protection Commission (PDPC).
Tang has fully admitted her wrongdoing and cooperated with the PDPC’s investigations.
(Image Credit/s: USA Today, Khalil Shreateh)
Security Singapore Cybersecurity
Leave a comment in Nestia App