pdpc_decisions_version_detail (view)
1 row where "timestamp" is on date 2019-01-22 and title = "Breach of the Protection Obligation by COURTS"
This data as json, CSV (advanced)
Suggested facets: _commit_at (date), date (date), timestamp (date), tags (array), _changed_columns (array)
| _commit_at | _commit_hash | _id | _item | _version | _commit | description | tags | date | pdf-url | nature | title | url | timestamp | pdf-content | decision | _item_full_hash | _changed_columns |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023-10-01T11:02:10+08:00 | fbd32491db44d3d0c97aa12a99cefd61ec954264 | 167 | 167 | 1 | 952 | A financial penalty of $15,000 was imposed on COURTS for failing to put in place reasonable security arrangements to protect the personal data of its customers from unauthorised disclosure on its online portal. | [
"Protection",
"Financial Penalty",
"Wholesale and Retail Trade",
"Furniture",
"Electronics"
] |
2019-01-22 | https://www.pdpc.gov.sg/-/media/Files/PDPC/PDF-Files/Commissions-Decisions/Grounds-of-Decision---COURTS---220119.pdf | Protection | Breach of the Protection Obligation by COURTS | https://www.pdpc.gov.sg/all-commissions-decisions/2019/01/breach-of-the-protection-obligation-by-courts | 2019-01-22 | PERSONAL DATA PROTECTION COMMISSION [2019] SGPDPC 4 Case No DP-1707-B0917 In the matter of an investigation under section 50(1) of the Personal Data Protection Act 2012 And COURTS (Singapore) Pte Ltd … Organisation DECISION COURTS (Singapore) Pte. Ltd. COURTS (Singapore) Pte Ltd [2019] SGPDPC 4 Tan Kiat How, Commissioner — Case No DP-1707-B0917 22 January 2019 Background 1 On 9 July 2017, the Personal Data Protection Commission (the “Commission”) received a complaint from a customer (“Complainant”) of COURTS (Singapore) Pte Ltd (“COURTS”) stating that the http://www.courts.com.sg website (“Website”) was “unsafe for customers”. The Complainant discovered that by entering his name and e-mail address on COURTS’ Guest Login (“Guest Login Page”) for the purpose of making a purchase, the Website would automatically open another webpage (“Guest Checkout Page”) disclosing the Complainant’s contact number and address (the “Incident”). 2 Following an investigation into the matter, the Commissioner found COURTS in breach of section 24 of the Personal Data Protection Act 2012 (“PDPA”). Material Facts 3 The Website is owned and managed by COURTS, a leading consumer electronics and furniture retailer in Singapore with a network of 80 stores nationwide. Ebee Global Solutions Pvt Ltd (“Ebee”) was an IT vendor engaged by COURTS to develop and maintain the Guest Login Page and Guest Checkout Page (“Guest Checkout System”) that was part of the Website. At the material 2 COURTS (Singapore) Pte. Ltd. time, the process flow when a customer wished to make a purchase through the Guest Login Page was as follows: (a) The customer accesses the Website and selects an item to “Add to cart” before selecting “Proceed to checkout”; (b) The customer may choose to log into his COURTS’ HomeClub account or he may choose to “Checkout as guest user”; (c) If the customer chooses to check out as a guest user, he enters his name and email address and selects “Login as guest”; and (d) Assuming that the customer has previous… | Financial Penalty | b832b96d16d0455426470e4f2e0d82e73a0c345a | [
"pdf-content",
"timestamp",
"decision",
"pdf-url",
"tags",
"nature",
"url",
"title",
"date",
"description"
] |
Advanced export
JSON shape: default, array, newline-delimited
CREATE VIEW pdpc_decisions_version_detail AS select
commits.commit_at as _commit_at,
commits.hash as _commit_hash,
pdpc_decisions_version.*,
(
select json_group_array(name) from columns
where id in (
select column from pdpc_decisions_changed
where item_version = pdpc_decisions_version._id
)
) as _changed_columns
from pdpc_decisions_version
join commits on commits.id = pdpc_decisions_version._commit;