AEPD (Spain) - EXP202306073

Facts: The data protection authority (DPA) has fined a telecommunications company €400,000 for unlawfully changing the owner of a mobile phone subscription and issuing an identical SIM card without proper identity verification, violating [Article 6 of the GDPR], following a fraud case involving the exchange of a SIM card. The DPA has also fined a telecom provider €300,000 for unlawfully changing the owner of a mobile phone subscription and issuing an identical SIM card to a third party who pretended to be a customer. According to the DPA, the provider did not properly verify the customer's identity.

Summary in English:
Summary in English:

This content has been automatically translated using machine translation. The original version is available in the source language.

This content was automatically translated using machine translation. The original version is available in the source language.