e-mail and Security of Personal data. BA.
Thread Starter
e-mail and Security of Personal data. BA.
I have a common e-mail set up. I use Outlook on my pc, and the mail is through BT. From the wisdom on here, I try to ensure that I do not do stupid things - like sending any personal data over e-mail. I have no "special" encryption, so I assume that all e-mails can be read by the naughty folk.
I was extremely surprised to read an e-mail from BA yesterday. "[email protected]" sent me, in open text, my full APIS data to check.
The full APIS data set. Everything a con-artist would need to set themselves up as me. Surely this is Unlawful?
If it is not unlawful, it must be stupid, or am I missing something?
I was extremely surprised to read an e-mail from BA yesterday. "[email protected]" sent me, in open text, my full APIS data to check.
The full APIS data set. Everything a con-artist would need to set themselves up as me. Surely this is Unlawful?
If it is not unlawful, it must be stupid, or am I missing something?
Last edited by Ancient Observer; 8th Jun 2018 at 14:43.
The full APIS data set would, I believe, constitute personally identifiable information (PII) under GDPR:
To protect PII in transit, minimum technical measures under the GDPR would include:
If you feel that your personal data is being put at risk by the data processor in breach of the GDPR, you should complain to the supervisory authority - in the UK that would be:
The Information Commissioner’s Office
Water Lane, Wycliffe House
Wilmslow - Cheshire SK9 5AF
Tel. +44 1625 545 745
e-mail: [email protected]
Website: https://ico.org.uk
FBW
- Full name (last name, first name, middle name if applicable)
- Gender
- Date of birth
- Nationality
- Country of residence
- Travel document type (normally passport)
- Travel document number (expiry date and country of issue for passport)
To protect PII in transit, minimum technical measures under the GDPR would include:
- Encryption of personal data in transit by using suitable encryption solutions. This may include SSL and IPsec VPN connections which are appropriate for machine-to-machine connections, or PGP which is generally used for messaging, such as, e-mail.
If you feel that your personal data is being put at risk by the data processor in breach of the GDPR, you should complain to the supervisory authority - in the UK that would be:
The Information Commissioner’s Office
Water Lane, Wycliffe House
Wilmslow - Cheshire SK9 5AF
Tel. +44 1625 545 745
e-mail: [email protected]
Website: https://ico.org.uk
FBW
AirAys vs airways
"[email protected]"
Such an email would cause me some concern and I would not reply to it.
The registration of Almost Look Alike domain names is one way that people are persuaded to open malicious emails.
I hope is was just a typo on your part?
Such an email would cause me some concern and I would not reply to it.
The registration of Almost Look Alike domain names is one way that people are persuaded to open malicious emails.
I hope is was just a typo on your part?