Hong Kong Privacy Commissioner for Personal Data Stephen Kai-yi Wong has ruled on a TransUnion data breach incident finding the credit-reporting agency violated the Personal Data (Privacy) Ordinance, failing to take “practicable steps” to ensure protection of personal data, according to a statement. A local newspaper bypassed TransUnion’s online authentication and gained access to several public figures' credit reports. The commissioner recommends TransUnion implement improvements, including a privacy-friendly default setting and regular review of online authentication procedures. “It is imperative to ensure that there is a proper balance between the privacy rights of individuals in their consumer credit data, and the interest of credit providers and society at large, to maintain both commercial viability and stability in the consumer lending industry,” Wong said.
If you want to comment on this post, you need to login.