| View previous topic :: View next topic |
| Author |
Message |
kev vader
Guest
|
 Posted: Tue May 12, 2020 9:37 am Post subject: An Apology
|
 |
|
Attention Troopers:
I am in an unenviable position where I come before you to make an apology.
The Australian 501st and Rebel Legion CO’s and XO’s are currently in a discussion regarding the upcoming Public Liability Insurance renewal.
I was asked by one of the Rebel Legion BCO’s, Sair Steele, to provide her with detailed information regarding who donated to last years PLI, and their donation amount.
I provided her with a list of names of those who donated, but declined to provide her with the amount each person donated, asserting that this was Confidential Information. To provide that information would be clearly ethically wrong of me, and I naively assumed that she would assume that too.
Nevertheless, she chose to not only seek the information from PayPal, but to subsequently publish it in a spreadsheet alongside your name, Unit and TKID.
It had honestly never occurred to me that she would go to such outrageous lengths.
I find it morally and ethically reprehensible that she took this action, and I apologise unreservedly for my short-sightedness in predicting her actions in this matter to all members who donated to the 2019/20 PLI and whose privacy has now been disgracefully breached. |
|
| Back to top |
|
 |
TigglesToggles ()
Active Legion Member
Joined: 01 Jan 2015
Posts: 27
Medals: None
|
| Posted: Tue May 12, 2020 11:21 am Post subject:
|
|
|
Hi Kev,
Are you talking about the publicly accessible information that can be obtained by clicking the PLI donations link?
I was not logged into the forum nor into paypal to see this information, I merely clicked the link that you provided.
This gave me personal names and amounts for every transaction made to the 2019-2020 PLI
How is this classified information when literally anyone can see it? |
|
| Back to top |
|
|
Swanmor ()
Active Legion Member
Joined: 29 Oct 2015
Posts: 84
Medals: None
|
| Posted: Tue May 12, 2020 12:14 pm Post subject:
|
|
|
Hi Kev,
Please provide evidence of the breach of privacy. Also as this matter has been formally handed to,legion command you should not be commenting on this matter to every base in Australia. |
|
| Back to top |
|
|
TigglesToggles ()
Active Legion Member
Joined: 01 Jan 2015
Posts: 27
Medals: None
|
| Posted: Tue May 12, 2020 12:18 pm Post subject:
|
|
|
Hi Kev,
I've noticed you've removed the links from the PLI threads,
if you require evidence of public access for future reference I have retained screenshots of the process before you edited your posts.
Please keep in mind, it's all previous years that can be accessed, so if you plan on actually making all the information confidential you should probably go back through previous years as well. |
|
| Back to top |
|
|
TigglesToggles ()
Active Legion Member
Joined: 01 Jan 2015
Posts: 27
Medals: None
|
| Posted: Tue May 12, 2020 12:29 pm Post subject:
|
|
|
Also, would the report be anything like this publicly accessible report done up by the redback garrison for the 2017-18 PLI, which contains names, membership details and amounts donated?
http://501st.com.au/forum/PLI_report.php...em=PLI2017 |
|
| Back to top |
|
|
longshot7014 (William Holmes)
Legion CO
Joined: 26 Sep 2011
Posts: 4630
Location: Imperial Beach, California
Medals: 6 (View more...)
|
| Posted: Tue May 12, 2020 2:28 pm Post subject:
|
|
|
| Swanmor wrote: | | Please provide evidence of the breach of privacy. Also as this matter has been formally handed to,legion command you should not be commenting on this matter to every base in Australia. |
I agree. As of now Legion Command nor the LCOGs have not received any such charges, other than here in the Forum.
Our LCOG will be looking for such proof and allegations.
--Bill
_________________
Legion Commanding Officer
Sunrider Base
Southern Region
 |
|
| Back to top |
|
|
M.J ()
Active Legion Member
Joined: 13 Jun 2016
Posts: 72
Medals: None
|
| Posted: Tue May 12, 2020 10:36 pm Post subject:
|
|
|
Kev,
Thank you for all the research and negotiating for the groups PLI all these years.
This is not an easy task
My family are very great full.
I commend you giving us transparency every year.
No need for an apology you go beyond what is asked as a member.
_________________
 |
|
| Back to top |
|
|
Moxxxie (Jacqui Doyle)
Rebel Legion Reserve
Joined: 23 Oct 2011
Posts: 197
Medals: None
|
| Posted: Sat May 16, 2020 2:40 am Post subject:
|
|
|
As somebody with a professional background in data governance and security, I'd like to bring up a few points.
As a contributing member of both clubs, I consented to having my data shown on the Paypal site for contributions to the PLI. That was part of the terms and conditions that I agreed to as part of donating to the Paypal Pool. By accepting these terms and conditions, it also gave me a way to see how much money had been collected for the PLI that year, and how close we were to the target amount.
So far, so good.
What has occurred since then, is that my PayPal data has been harvested, along with my Base and Garrison membership information - and that personal information has now been distributed to 3rd parties without my consent.
This action, I am told, was performed by a person in a leadership position. This person has been conspicuously absent in explaining her actions, or apologising for this breach of trust.
The fact remains that my data has been harvested and distributed without my consent, which is a direct infringement on GDPR and Australian Data Protection Act (2018).
_________________
 |
|
| Back to top |
|
|
Moxxxie (Jacqui Doyle)
Rebel Legion Reserve
Joined: 23 Oct 2011
Posts: 197
Medals: None
|
| Posted: Sat May 16, 2020 3:05 am Post subject:
|
|
|
| longshot7014 wrote: | | Swanmor wrote: | | Please provide evidence of the breach of privacy. Also as this matter has been formally handed to,legion command you should not be commenting on this matter to every base in Australia. |
I agree. As of now Legion Command nor the LCOGs have not received any such charges, other than here in the Forum.
Our LCOG will be looking for such proof and allegations.
--Bill |
As Legion CO, you are going to be held responsible, under Australian Data Privacy Laws, for complying with the Mandatory Data Breach reporting.
This is not something that the Australian Government negotiates on.
You have 30 days, from the breach act itself, to report the breach, and contact all affected individuals.
Failure to comply with this legislation could result in criminal charges or fines.
Not to mention, several of our members also have European Citizenship, so therefore are also covered under the GDPR - a completely separate set of requirements. GDPR is much more serious than the Australian legislation, because this data protection policy gives you only 7 days to comply.
I stress you place some importance on this issue, as you will be the figurehead that will be called to task and held accountable.
I do not envy your position, nor can I downplay the seriousness of this breach of trust.
The fact that part of the information was publicly visible is largely meaningless. So too, LinkedIn data is visible to the public. That would not give me the right to list and catalogue your work collegues, nor distribute your working history for my own advantage. Nor would it give me the right to harvest your information from financial-based Rebel Legion transactions.
Regardless of the data compliance policy involved, time is of the essence. And, regretfully, as LCO, you are going to be directly involved.
_________________
|
|
| Back to top |
|
|
MaximusStabby ()
Rebel Legion Reserve
Joined: 19 Jun 2012
Posts: 59
Location: Australia
Medals: None
|
| Posted: Sat May 16, 2020 7:48 am Post subject:
|
|
|
Please cite the laws that are being violated so they may be researched more thoroughly, to determine IF a breach has taken place.
As yet the only way this data has been made publicly visible has been through the negligence of Kev himself. Negligence that he has apologised for, and taken steps to rectify.
Or are you referring to documents that have NOT actually been made public, built from information that has been, at the time, publicly available, and kept within a small circle of a command group.
Please note that a failure to cite the articles of legislature for reference, will result in such a grandiose threat being entirely disregarded =)
Edited for autocorrect |
|
| Back to top |
|
|
Moxxxie (Jacqui Doyle)
Rebel Legion Reserve
Joined: 23 Oct 2011
Posts: 197
Medals: None
|
| Posted: Sat May 16, 2020 9:36 am Post subject:
|
|
|
https://www.oaic.gov.au/privacy/notifiable-data-breaches/
| Quote: | Notifiable data breaches RSS feed
A data breach happens when personal information is accessed or disclosed without authorisation or is lost. If the Privacy Act 1988 covers your organisation or agency, you must notify affected individuals and us when a data breach involving personal information is likely to result in serious harm. |
Sharing names, paypal account details, club affiliations and donation amounts could lead to serious targeted fraud attempts, and it covered under this jurisdiction.
This is not a threat. This is Australian legislation. Failure to comply could result in criminal charges, fines or legal charges.
_________________
|
|
| Back to top |
|
|
Moxxxie (Jacqui Doyle)
Rebel Legion Reserve
Joined: 23 Oct 2011
Posts: 197
Medals: None
|
| Posted: Sat May 16, 2020 9:37 am Post subject:
|
|
|
Be aware that an active OAIC investigation is already underway.
_________________
|
|
| Back to top |
|
|
strider (Tim Helbing)
Captain of the Guard
Joined: 13 Jul 2014
Posts: 831
Location: Fort Wayne, IN
Medals: 9 (View more...)
|
| Posted: Sat May 16, 2020 2:57 pm Post subject:
|
|
|
| Moxxxie wrote: | | Be aware that an active OAIC investigation is already underway. |
Can you provide a case number or other form of reference for us to verify this information?
With the threat of legal action and liability, I am locking this thread for a cooldown period. If anyone has questions or additional information please contact me directly via forum PM or at cog@rebellegion.com
Sincerely,
Tim Helbing (Strider)
Rebel Legion Captain of the Guard. |
|
| Back to top |
|
|
strider (Tim Helbing)
Captain of the Guard
Joined: 13 Jul 2014
Posts: 831
Location: Fort Wayne, IN
Medals: 9 (View more...)
|
| Posted: Sun Jul 12, 2020 9:12 pm Post subject:
|
|
|
| Statement from Legion Council: "Sarah Steele, Tython Base Commanding Officer, is a member in good standing. There are no outstanding charges against her and she has the full support of the Legion Council in the execution of her duties." |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot post calendar events in this forum
|
|
FAQ 
Search 
Memberlist 
Usergroups 
Medals
Register
Profile 
Log in to check your private messages 
Log in
