The Belgian spoorvervoerder SNCB has broken the law on the storage of personal data, the privacy Commission ruled. The research is transferred to the public prosecutor in Brussels as a legal research.
It is now up to the prosecutor of the public prosecutor as to whether or not persecution, but for the Commission it is clear that the NMBS, the privacy act has violated. As the data was not well enough protected; there was no form of encryption is used and anyone could retrieve data. In addition, the SNCB according to the privacy Commission, the Belgian equivalent of the CBP, a clause in the law about the ‘fair and lawful processing of personal data is violated.
It is according to the chairman of the privacy Commission, Willem Debeuckelaere, for the first time in Belgium an investigation of a datalek is passed on to a court. That he said to the Belgian newspaper het Nieuwsblad. Thanks to the leak were the personal data of 700,000 TRAIN passengers accessible. It included data from ministers, officials of the European Commission, staff of embassies and the American ministry of Foreign Affairs.
The datalek, that occurred to the international branch of the spoorvervoerder, came in december to the light, and then a link to the data has been put online. In the beginning it was the NMBS to prevent the data but a short time, online standing, but in reality were the data has already been ‘many months’ unsecured online. A spokesman of the spoorvervoerder will not substantively respond.