Forum and Costume Controls

   FAQFAQ  SearchSearch  MemberlistMemberlist   UsergroupsUsergroups  medals.php?sid=f174996c78f64f4c73fc95b2204f8defMedals   RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in

       
REMINDER: Do not change your e-mail address yourself. Please read this first for why.

An Apology

 
Post new topic   This topic is locked: you cannot edit posts or make replies.    Rebel Legion Forum Index -> Australia -> Hoth Base
View previous topic :: View next topic  
Author Message
kev vader
Guest







PostPosted: Tue May 12, 2020 9:37 am    Post subject: An Apology Reply with quote

Attention Troopers:
I am in an unenviable position where I come before you to make an apology.
The Australian 501st and Rebel Legion CO’s and XO’s are currently in a discussion regarding the upcoming Public Liability Insurance renewal.
I was asked by one of the Rebel Legion BCO’s, Sair Steele, to provide her with detailed information regarding who donated to last years PLI, and their donation amount.
I provided her with a list of names of those who donated, but declined to provide her with the amount each person donated, asserting that this was Confidential Information. To provide that information would be clearly ethically wrong of me, and I naively assumed that she would assume that too.
Nevertheless, she chose to not only seek the information from PayPal, but to subsequently publish it in a spreadsheet alongside your name, Unit and TKID.
It had honestly never occurred to me that she would go to such outrageous lengths.
I find it morally and ethically reprehensible that she took this action, and I apologise unreservedly for my short-sightedness in predicting her actions in this matter to all members who donated to the 2019/20 PLI and whose privacy has now been disgracefully breached.
Back to top
TigglesToggles ()
Active Legion Member


Joined: 01 Jan 2015
Posts: 27

Medals: None

PostPosted: Tue May 12, 2020 11:21 am    Post subject: Reply with quote

Hi Kev,

Are you talking about the publicly accessible information that can be obtained by clicking the PLI donations link?

I was not logged into the forum nor into paypal to see this information, I merely clicked the link that you provided.

This gave me personal names and amounts for every transaction made to the 2019-2020 PLI

How is this classified information when literally anyone can see it?
Back to top
View user's profile Send private message
Swanmor ()
Active Legion Member


Joined: 29 Oct 2015
Posts: 69

Medals: None

PostPosted: Tue May 12, 2020 12:14 pm    Post subject: Reply with quote

Hi Kev,

Please provide evidence of the breach of privacy. Also as this matter has been formally handed to,legion command you should not be commenting on this matter to every base in Australia.
Back to top
View user's profile Send private message
TigglesToggles ()
Active Legion Member


Joined: 01 Jan 2015
Posts: 27

Medals: None

PostPosted: Tue May 12, 2020 12:18 pm    Post subject: Reply with quote

Hi Kev,

I've noticed you've removed the links from the PLI threads,
if you require evidence of public access for future reference I have retained screenshots of the process before you edited your posts.

Please keep in mind, it's all previous years that can be accessed, so if you plan on actually making all the information confidential you should probably go back through previous years as well.
Back to top
View user's profile Send private message
TigglesToggles ()
Active Legion Member


Joined: 01 Jan 2015
Posts: 27

Medals: None

PostPosted: Tue May 12, 2020 12:29 pm    Post subject: Reply with quote

Also, would the report be anything like this publicly accessible report done up by the redback garrison for the 2017-18 PLI, which contains names, membership details and amounts donated?
http://501st.com.au/forum/PLI_report.php...em=PLI2017
Back to top
View user's profile Send private message
longshot7014 (William Holmes)
Legion CO
Legion CO


Joined: 26 Sep 2011
Posts: 4326
Location: Imperial Beach, California
Medals: 6 (View more...)
Rebel Legion Supporter (Amount: 1)

PostPosted: Tue May 12, 2020 2:28 pm    Post subject: Reply with quote

Swanmor wrote:
Please provide evidence of the breach of privacy. Also as this matter has been formally handed to,legion command you should not be commenting on this matter to every base in Australia.


I agree. As of now Legion Command nor the LCOGs have not received any such charges, other than here in the Forum.

Our LCOG will be looking for such proof and allegations.

--Bill
_________________
Legion Commanding Officer
Sunrider Base
Southern Region

Back to top
View user's profile Send private message Send e-mail
M.J ()
Active Legion Member


Joined: 13 Jun 2016
Posts: 65

Medals: None

PostPosted: Tue May 12, 2020 10:36 pm    Post subject: Reply with quote

Kev,
Thank you for all the research and negotiating for the groups PLI all these years.
This is not an easy task
My family are very great full.
I commend you giving us transparency every year.
No need for an apology you go beyond what is asked as a member.
_________________
Back to top
View user's profile Send private message
Moxxxie (Jacqui Doyle)
Rebel Legion Reserve


Joined: 23 Oct 2011
Posts: 193

Medals: None

PostPosted: Sat May 16, 2020 2:40 am    Post subject: Reply with quote

As somebody with a professional background in data governance and security, I'd like to bring up a few points.

As a contributing member of both clubs, I consented to having my data shown on the Paypal site for contributions to the PLI. That was part of the terms and conditions that I agreed to as part of donating to the Paypal Pool. By accepting these terms and conditions, it also gave me a way to see how much money had been collected for the PLI that year, and how close we were to the target amount.

So far, so good.

What has occurred since then, is that my PayPal data has been harvested, along with my Base and Garrison membership information - and that personal information has now been distributed to 3rd parties without my consent.

This action, I am told, was performed by a person in a leadership position. This person has been conspicuously absent in explaining her actions, or apologising for this breach of trust.

The fact remains that my data has been harvested and distributed without my consent, which is a direct infringement on GDPR and Australian Data Protection Act (2018).
_________________
Back to top
View user's profile Send private message
Moxxxie (Jacqui Doyle)
Rebel Legion Reserve


Joined: 23 Oct 2011
Posts: 193

Medals: None

PostPosted: Sat May 16, 2020 3:05 am    Post subject: Reply with quote

longshot7014 wrote:
Swanmor wrote:
Please provide evidence of the breach of privacy. Also as this matter has been formally handed to,legion command you should not be commenting on this matter to every base in Australia.


I agree. As of now Legion Command nor the LCOGs have not received any such charges, other than here in the Forum.

Our LCOG will be looking for such proof and allegations.

--Bill


As Legion CO, you are going to be held responsible, under Australian Data Privacy Laws, for complying with the Mandatory Data Breach reporting.

This is not something that the Australian Government negotiates on.

You have 30 days, from the breach act itself, to report the breach, and contact all affected individuals.

Failure to comply with this legislation could result in criminal charges or fines.

Not to mention, several of our members also have European Citizenship, so therefore are also covered under the GDPR - a completely separate set of requirements. GDPR is much more serious than the Australian legislation, because this data protection policy gives you only 7 days to comply.

I stress you place some importance on this issue, as you will be the figurehead that will be called to task and held accountable.

I do not envy your position, nor can I downplay the seriousness of this breach of trust.

The fact that part of the information was publicly visible is largely meaningless. So too, LinkedIn data is visible to the public. That would not give me the right to list and catalogue your work collegues, nor distribute your working history for my own advantage. Nor would it give me the right to harvest your information from financial-based Rebel Legion transactions.

Regardless of the data compliance policy involved, time is of the essence. And, regretfully, as LCO, you are going to be directly involved.
_________________
Back to top
View user's profile Send private message
MaximusStabby ()
Rebel Legion Reserve


Joined: 19 Jun 2012
Posts: 59
Location: Australia
Medals: None

PostPosted: Sat May 16, 2020 7:48 am    Post subject: Reply with quote

Please cite the laws that are being violated so they may be researched more thoroughly, to determine IF a breach has taken place.

As yet the only way this data has been made publicly visible has been through the negligence of Kev himself. Negligence that he has apologised for, and taken steps to rectify.

Or are you referring to documents that have NOT actually been made public, built from information that has been, at the time, publicly available, and kept within a small circle of a command group.

Please note that a failure to cite the articles of legislature for reference, will result in such a grandiose threat being entirely disregarded =)

Edited for autocorrect
Back to top
View user's profile Send private message
Moxxxie (Jacqui Doyle)
Rebel Legion Reserve


Joined: 23 Oct 2011
Posts: 193

Medals: None

PostPosted: Sat May 16, 2020 9:36 am    Post subject: Reply with quote

https://www.oaic.gov.au/privacy/notifiable-data-breaches/

Quote:
Notifiable data breaches RSS feed
A data breach happens when personal information is accessed or disclosed without authorisation or is lost. If the Privacy Act 1988 covers your organisation or agency, you must notify affected individuals and us when a data breach involving personal information is likely to result in serious harm.


Sharing names, paypal account details, club affiliations and donation amounts could lead to serious targeted fraud attempts, and it covered under this jurisdiction.

This is not a threat. This is Australian legislation. Failure to comply could result in criminal charges, fines or legal charges.
_________________
Back to top
View user's profile Send private message
Moxxxie (Jacqui Doyle)
Rebel Legion Reserve


Joined: 23 Oct 2011
Posts: 193

Medals: None

PostPosted: Sat May 16, 2020 9:37 am    Post subject: Reply with quote

Be aware that an active OAIC investigation is already underway.
_________________
Back to top
View user's profile Send private message
strider (Tim Helbing)
Captain of the Guard
Captain of the Guard


Joined: 13 Jul 2014
Posts: 675
Location: Fort Wayne, IN
Medals: 9 (View more...)
Paris Support Badge (Amount: 1)

PostPosted: Sat May 16, 2020 2:57 pm    Post subject: Reply with quote

Moxxxie wrote:
Be aware that an active OAIC investigation is already underway.


Can you provide a case number or other form of reference for us to verify this information?

With the threat of legal action and liability, I am locking this thread for a cooldown period. If anyone has questions or additional information please contact me directly via forum PM or at cog@rebellegion.com

Sincerely,
Tim Helbing (Strider)
Rebel Legion Captain of the Guard.
Back to top
View user's profile Send private message Send e-mail AIM Address
strider (Tim Helbing)
Captain of the Guard
Captain of the Guard


Joined: 13 Jul 2014
Posts: 675
Location: Fort Wayne, IN
Medals: 9 (View more...)
Dragon Con 2015 (Amount: 1)

PostPosted: Sun Jul 12, 2020 9:12 pm    Post subject: Reply with quote

Statement from Legion Council: "Sarah Steele, Tython Base Commanding Officer, is a member in good standing. There are no outstanding charges against her and she has the full support of the Legion Council in the execution of her duties."
Back to top
View user's profile Send private message Send e-mail AIM Address
Display posts from previous:   
Post new topic   This topic is locked: you cannot edit posts or make replies.    Rebel Legion Forum Index -> Australia -> Hoth Base All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot post calendar events in this forum
The Rebel Legion is a worldwide Star Wars costuming organization comprised of and operated by Star Wars fans. While not sponsored by Lucasfilm Ltd., it is Lucasfilm's preferred volunteer Rebel costuming group. Star Wars, its characters, costumes, and all associated items are the intellectual property of Lucasfilm. © 2020 Lucasfilm Ltd. & ™ All rights reserved. Used under authorization.


Powered by phpBB © 2001, 2005 phpBB Group