PDPC puts a data twist to 'Cards Against Humanity'

The Personal Data Protection Commission (PDPC) has unveiled a set data safeguarding tips in a deck of cards titled "Cards Against Personal Data No-Nos". The set of cards draws reference from popular card game "Cards Against Humanity", in which players have to come up with response card that best fits a situation or a phrase given. 

In a Facebook post, PDPC's "Cards Against Personal Data No-Nos" featured risky situations netizens may fall prey to. For example, one of the cards said: "I accidentally clicked on an unverified link in a suspicious email and ____", and provided answers which simulates real-life phishing scam tactics such as telling users they won bitcoins, getting contacted by a "Nigerian prince", or simply having their laptop crash due to a virus. The post has since gotten positive responses consisting of likes, loves, and laughs. Several netizens have also commented that the social post was "brilliant". Marketing has reached out for additional information.

The PDPC was set up in 2013 to administer and enforce the Personal Data Protection Act 2012 (PDPA), which allows Singaporeans to have more control over how their personal data is collected, used and disclosed. According to its official website, it aims to promote and enforce personal data protection so as to foster an environment of trust among businesses and consumers, which ultimately contributes to a vibrant Singapore economy. 

Earlier this year, SPH Magazines and Singtel were slapped with a PDPC fine for exposing personal data. SPH Magazines was fined SG$26,000 for failing to protect personal data. According to PDPC, on 20 February 2018, SPH Magazines notified the commission that the account of a senior moderator of its HardwareZone forum site had been accessed by a hacker. The senior moderator’s email address and password was published on a credential leak database on 5 December 2017. 

Meanwhile, Singtel was issued a financial penalty of SG$9,000 for putting personal data of 750 individuals at risk. The incident took place over a period of approximately 11 hours on 20 February 2018 and the personal data of 750 subscribers were exposed to the risk of access by other subscribers. Of these, according to the PDPC case filing, only personal data of 39 subscribers were accessed by other subscribers. Some other brands who received fines from PDPC include NTUC Income, AXA Insurance, Ninja Van, and Royal Caribbean Cruises (Asia).

Related Articles:
PDPC pushes for data innovation and accountability with 3 new initiatives
Singtel and Ninja Van fined by PDPC for personal data exposure
Genki Sushi SG among 5 companies fined by PDPC over personal data breach