Data breach in Malta: 65.000 € fine for C-Planet
Content
Following a complaint by noyb, the Information & Data Protection Commissioner (IDPC) imposed a fine of 65 000 € on the IT company C-Planet. The company had illegally collected data of 98% of Maltese voters, including political preferences and failed to take appropriate data-protection measures. C-Planet notified neither the users nor the data protection authority about the data breach. Download: Decision of the IDPC against C-PLANET Complaint filed in 2020. In November 2020, noyb filed a complaint against C-Planet IT Solutions, the company responsible for huge leaked database of voter’s data in Malta. The leaked personal information included telephone numbers, dates of birth and, voting intentions and party leanings of over 330,000 individuals affected. No lawful basis. The IDPC found that the data were processed without any valid legal basis under Article 6 and 9 GDPR. The decision Commissioner concluded that the numerical identifier in the database referred to the political opini