Online services without HTTPS: fine of 15,000 euros

We are in 2022 and TLS certificates are also available for free. But for some unknown reason there are still sites that use the HTTP protocol instead of HTTPS. The Guarantor for the protection of personal data has imposed a fine of 15,000 euros to a company that offered access to online services without encryption.

Online services with unencrypted confidential data

The Privacy Guarantor had received the report from a company user Integrated Water Service Scpa regarding the non-use of the TLS protocol in the reserved area of ​​the site To access the username and password are required, but the HTTP protocol was used. The authority found that the company did not secure access with the protocol HTTPS.

Integrated Water Service Scpa announced that the transition to the protocol would take place shortly (the certificates had already been purchased). The company also specified that in the reserved area there are customer data, bills issued and other services, including self-reading. There are no payment details because it is not possible to pay online or activate domiciliation. In any case, there are no data breaches.

However, the Guarantor noted that the solution adopted by the company violated important principles enshrined in the GDPR, including that of data integrity and confidentiality processed (the owner must implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, such as encryption) and that of data protection right from the design stage (the owner must implement adequate technical and organizational measures to protect personal data and subsequently carry out periodic reviews of the security measures adopted).

The obligations also apply to systems pre-existing at the entry into force of the regulation (25 May 2018). Taking into account the number of affected users (about 13,000), the updating of the system and the collaborative attitude of the company, the Guarantor has inflicted a fine of 15,000 euros.

This article contains affiliate links: purchases or orders placed through these links will allow our site to receive a commission.

Source link

About Eric Wilson

The variety offered by video games never ceases to amaze him. He loves OutRun's drifting as well as the contemplative walks of Dear Esther. Immersing himself in other worlds is an incomparable feeling for him: he understood it by playing for the first time in Shenmue.

Check Also

A scholarship week can be worth a whole year of waiting

The financial markets are the realm of surprises and if someone dares to have convictions, …

Leave a Reply

Your email address will not be published. Required fields are marked *