pdpc_decisions_version_detail (view)
2 rows where nature = "Protection, Consent"
This data as json, CSV (advanced)
Suggested facets: _commit_at (date), date (date), timestamp (date), tags (array), _changed_columns (array)
| _commit_at | _commit_hash | _id | _item | _version | _commit | description | tags | date | pdf-url | nature | title | url | timestamp | pdf-content | decision | _item_full_hash | _changed_columns |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023-10-01T11:02:10+08:00 | fbd32491db44d3d0c97aa12a99cefd61ec954264 | 58 | 58 | 1 | 952 | A financial penalty of $7,000 was imposed on Larsen & Toubro Infotech for failing to put in place reasonable security arrangements to prevent the unauthorised disclosure of personal data of job applicants, and for disclosing the personal data of job applicants without their consent. | [
"Protection",
"Consent",
"Financial Penalty",
"Information and Communications",
"Protection",
"Consent",
"Sample forms",
"Email",
"Recruitment"
] |
2021-06-10 | https://www.pdpc.gov.sg/-/media/Files/PDPC/PDF-Files/Commissions-Decisions/Decision--Larsen--Toubro-Infotech-Limited-Singapore-Branch-06052021.pdf | Protection, Consent | Breach of the Protection and Consent Obligation by Larsen & Toubro Infotech | https://www.pdpc.gov.sg/all-commissions-decisions/2021/06/breach-of-the-protection-and-consent-obligation-by-larsen-toubro-infotech | 2021-06-10 | PERSONAL DATA PROTECTION COMMISSION Case No. DP-2011-B7464 In the matter of an investigation under section 50(1) of the Personal Data Protection Act 2012 And Larsen & Toubro Infotech Limited, Singapore Branch SUMMARY OF THE DECISION 1. On 29 November 2020, the Personal Data Protection Commission (the “Commission”) received a complaint against Larsen & Toubro Infotech Limited, Singapore Branch (“LTI”) from an LTI job applicant. 2. On 25 November 2020, an LTI employee had emailed the complainant a set of sample forms which contained the personal data of a past job applicant. The LTI employee had sent the complainant those sample forms to assist him in filling up his own forms correctly. 3. Subsequently, on 3 December 2020, another LTI employee sent an email reminder to the complainant and 53 other job applicants to complete their application process. The email contained all of the job applicants’ respective names, with their email addresses placed in the “To” field and thus visible to all recipients. 4. Once notified of the complaint by the Commission, LTI undertook a review of its employees’ emails for the period from 2016 to 2020, and uncovered 73 other instances where past job applicants’ personal data had been disclosed to other job applicants. 5. In total, 13 past job applicants’ forms were disclosed by 10 of LTI’s employees to 74 other job applicants. The personal data disclosed in the forms comprised: a. Name; b. Signature; c. Email address; d. National Identification/ passport numbers; e. Date of Birth; f. Address; g. Contact number; h. Medical health status; i. Employment history; j. Salary information; and k. Criminal records disclosure. 6. The Deputy Commissioner for Personal Data Protection finds that LTI negligently contravened the Protection Obligation under section 24 of the Personal Data Protection Act 2012 by failing to provide adequate instructions to its employees dealing with recruitment matters on how to handle personal data. LTI also negligently contravened the Consent Obligation und… | Financial Penalty | bd9f440070a5521214d61291f17b40de724a111a | [
"pdf-content",
"timestamp",
"decision",
"pdf-url",
"tags",
"nature",
"url",
"title",
"date",
"description"
] |
| 2023-10-01T11:02:10+08:00 | fbd32491db44d3d0c97aa12a99cefd61ec954264 | 221 | 221 | 1 | 952 | A warning was issued to My Digital Lock for failing to make reasonable security arrangements to protect the personal data of a customer during its transfer. | [
"Protection",
"Consent",
"Warning",
"Wholesale and Retail Trade"
] |
2016-11-04 | https://www.pdpc.gov.sg/-/media/Files/PDPC/PDF-Files/Commissions-Decisions/Grounds_of_Decision---My_Digital_Lock_Pte_Ltd-(201604).pdf | Protection, Consent | Breach of Protection Obligation by My Digital Lock | https://www.pdpc.gov.sg/all-commissions-decisions/2016/11/breach-of-protection-obligation-by-my-digital-lock | 2016-11-04 | DECISION OF THE PERSONAL DATA PROTECTION COMMISSION Case Number: DP-1601-A628 MY DIGITAL LOCK PTE. LTD. [UEN 201418165M] ... Respondent Decision Citation: [2016] SGPDPC 20 GROUNDS OF DECISION 4 November 2016 BACKGROUND 1. On 4 January 2016, [Redacted] (the “Complainant”), complained to the Personal Data Protection Commission (the “Commission”) that the Respondent had disclosed his personal data by posting screenshots of the Complainant’s WhatsApp conversations with the Respondent’s director, [Redacted] (Replaced with Mr A) on Mr A’s Facebook page. 2. On account of the complaint made, the Commission commenced an investigation under Section 50 of the Personal Data Protection Act 2012 (the “PDPA”) to ascertain whether the Respondent had breached its obligations under the PDPA. The material facts of the case are as follows. MATERIAL FACTS AND DOCUMENTS 3. The Respondent is in the business of selling digital locks and doors. The Complainant had made a purchase of a gate from the Respondent for his home. 4. Subsequently, the Complainant and the Respondent became involved in a dispute concerning alleged defects in the gate. The parties were engaged in legal proceedings in relation to certain remarks that were allegedly made by the Complainant concerning the Respondent’s product, business and/or service. On 4 January 2016, Mr A posted screenshots on his Facebook page of his previous WhatsApp messages (including photographs) that were exchanged between the Complainant and Mr A in connection with the dispute. In posting the screenshots on Facebook, the screenshots were made publicly viewable. The screenshots contained the Complainant’s personal mobile phone number and his residential address (“Complainant’s Personal Data”). The Complainant became aware of this and lodged his complaint. 5. On 1 March 2016, the Commission notified the Respondent of the complaint and sought assistance in investigations. In the course of the investigations, the Respondent accepted that there was a public disclosure of the - 1 - Co… | Warning | d150ba21a2141296e862e0ebc722a66b43bef1e4 | [
"pdf-content",
"timestamp",
"decision",
"pdf-url",
"tags",
"nature",
"url",
"title",
"date",
"description"
] |
Advanced export
JSON shape: default, array, newline-delimited
CREATE VIEW pdpc_decisions_version_detail AS select
commits.commit_at as _commit_at,
commits.hash as _commit_hash,
pdpc_decisions_version.*,
(
select json_group_array(name) from columns
where id in (
select column from pdpc_decisions_changed
where item_version = pdpc_decisions_version._id
)
) as _changed_columns
from pdpc_decisions_version
join commits on commits.id = pdpc_decisions_version._commit;