ICS Penalized for Negligent Privacy Monitoring

January 16, 2024 Larissa Gomes Economy 0
ICS Penalized

This article was last updated on January 16, 2024

Canada: Free $30 Oye! Times readers Get FREE $30 to spend on Amazon, Walmart…
USA: Free $30 Oye! Times readers Get FREE $30 to spend on Amazon, Walmart…

The AP’s Decision to Penalize ICS

The Dutch Data Protection Authority, known as AP (Autoriteit Persoonsgegevens), has recently imposed a hefty fine of €150,000 on the popular credit card company, International Card Services (ICS). The penalty results from the company’s negligence in conducting the mandatory privacy check prior to utilizing an extensive range of personal data. This oversight marks a breach of privacy law, as declared by AP.

ICS and Its Consumer Reach

ICS is a renowned company responsible for the issuance, supervision, and administration of credit cards. Various prominent companies such as ABN Amro, American Express, and Bunq leverage the services offered by ICS. In 2019, ICS initiated a digital screening process that encompassed about 1.5 million customers across the Netherlands. This process involved the utilization of sensitive information such as names, addresses, telephone numbers, and emails. Furthermore, customers were requested to capture and submit their photos via mobile devices or webcams. These photos were utilized by ICS for cross-verification with ID copies.

Financial Institutions and Privacy Concerns

Although it is a legal mandate for financial institutions, including ICS, to verify the identities of their customers, they are obliged to handle the processed information with utmost caution. ICS failed to integrate additional privacy assurances and thus violated its duty of care, which is an indiscretion as per AP. The importance of organizations conducting preliminary checks for potential risks is explained by Katja Mur, a board member of AP. She emphasizes that identity theft is a conceivable outcome if a passport copy lands in unauthorized hands, hence the obligation for these checks.

The Fines Imposed by AP

AP has the authority to levy fines ranging from €120,000 to €500,000. In this case, given that the violation was due to negligence rather than deliberate intent, the monetary penalty imposed on ICS is relatively low.

ICS Responds to the Sanction

In response to the imposed sanction, ICS confirmed to NOS (a Dutch public service broadcaster) that it will not contest the penalty. While acknowledging the errors committed, ICS assured that the company has since remediated the situation. A spokesperson further clarified that a risk evaluation was carried out in 2021 where no potential safety threats were identified.

Conclusion

ICS’s case serves as a valuable reminder for other companies about the importance of privacy checks and how negligence can lead to substantial penalties.

Share with friends
You can publish this article on your website as long as you provide a link back to this page.

Be the first to comment

Leave a Reply

Your email address will not be published.


*