Post by account_disabled on Mar 10, 2024 5:42:12 GMT -5
The Spanish Data Protection Agency (AEPD) has imposed a fine of 100,000 euros on Vodafone for violating the personal data protection regulations, in a case of identity theft. As stated in the ruling based on the claimant's complaint, Vodafone registered a prepaid line linked to her personal data at the request of a third person, who impersonated her identity and allegedly carried out an online scam. Subsequently, the person who owned the data ended up being cited as being investigated by 2 courts, as a result of scams that were committed through Wallapop with the telephone line that was linked to him, although he claimed not to have created it. The events date back to November 28, 2019, when the telecommunications company "registered without legitimacy" a prepaid line linked to the data of the affected person, which continued to be processed by Vodafone after the deactivation of the service.
carried out in July 2020. Google, Amazon, a porn provider and all telecoms: the largest fines for violating the RGPD that Spain has proposed in 2022 For its part, the company has defended itself by ensuring that "the necessary security measures were implemented" and that "the third party that committed the fraud exceeded the Security Policy for Private Clients, providing the information WhatsApp Number List of the interested party that it would have obtained through illicit means." or fraudulent," publishes the resolution . However, the AEPD contradicts him: "There has been no proactive conduct specified in the adoption of appropriate technical and organizational measures to effectively apply the data protection principles." "Vodafone's security policy is clearly ineffective and insufficient , it is far below the possibilities that current technical development offers and does not take into consideration the obvious risk that contracting.
The services it markets represents for the rights and freedoms of people," he adds. Thus, the Agency, which begins the sanctioning procedure on February 3, 2022 and issues the sanctioning resolution on November 3, imposes an administrative fine of 100,000 euros on the company for a violation of article 6.1 of Regulation (EU) 2016/ 679 , relating to the protection of natural persons with regard to the processing of personal data and the free circulation of these. Wave of Data Protection fines to telecom companies for not properly protecting their users against 'SIM swapping' Furthermore, the telephone operator would have to pay the full amount, without the 20% reduction (20,000 euros) in case of voluntary payment on time. According to this, it was done, but "on an erroneous account" due to "human error.