this post was submitted on 01 Sep 2024
19 points (95.2% liked)

Melbourne

1870 readers
53 users here now

This community is a place created for the people of Melbourne and Victoria. We are a positive, welcoming and inclusive community. We might not agree about everything, but we always strive to stay civil and respectful.

The focus of our discussions is based around things that affect Victoria, but we are also free to discuss our local perspective on wider issues. Or head to the regular Daily Random Discussion thread to talk about anything.

Full Community Guidelines

Ongoing discussions, FAQs & Resources (still under construction)

Adoption Certificate for Nellie, the Daily Thread numbat (with thanks to @Catfish)

Feedback & Suggestions

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Cendana@aussie.zone 5 points 2 months ago (1 children)

So I noticed a company had put up a poorly redacted screenshot of a customer order, so basically they just gave away a person’s name, email address and physical address on Instagram.

What would you do?

  1. Inform the victim

  2. Inform the vendor

  3. Contact OAIC

  4. Email 131444

[–] tombruzzo@aussie.zone 6 points 2 months ago (1 children)

I remember I had some compliance training on this recently. Maybe start with informing the vendor and if you don't like their response, go to the victim and the OAIC

[–] Baku@aussie.zone 4 points 2 months ago

Oh, how cool's that? I literally just finished my TAFE class, got out, and this is the first thing I see. We just had an assessment about privacy breaches and the complaints process, and this was basically my answer for the complaints process

Strong agree with what you said. Although personally, I do somewhat feel a moral responsibility to tell the victim. It's a tricky one though, especially if you go to the vendor as well, there may be some blowback because they know who told the victim, and if they stop working with the vendor, I imagine they're likely to blame OP.

Tldr: vendor first, then victim and OAIC is the advisable and smart approach, victim first then the vendor is the less smart approach, but also the one I think I'd feel compelled to take