Originally Posted by
Cambo
Actually, there is nothing new in that. Those with 2 feet on the ground are already telling this for ages. Collecting data [at this scale, being a private company or government] is asking for some embarrassing moments, somewhere in future, not the IF is relevant, only the WHEN it will happen.
That's called privacy and with the GDPR, the EU showed this backbone of fundamental data collection should be stopped. Companies will more and more refrain from collecting this data, simply because the [financial, fine] risks are to high.
Yes and no.
I work in an industry where clients collect all manner of data. If a consumer wants coupons offering a discount towards a product, companies now want you to sign up with an email address (or more info) in order to get the coupons but also possibly track purchase behavior. Sure, one can use a freemail without name, but the concept is still in place, whereas previously, you could just take a coupon off the shelf in a store.
When you go to a store or other place where you make purchases of products and services, some retailers/companies ask for your postal code. They are tracking you and sure, you can use one that does not belong to you. I have a list of other examples which I won't post here.
In the retail and packaged goods industries, consumers have little reservation about turning over some of their info, just to get free stuff. All the privacy legislation in the world won't matter when someone clicks "Accept" on a website - be it reading a newspaper (tracking), or getting discount coupons towards a purchase.
When you buy anything with a credit card, the company/bank who issues that card tracks you and the agreement to be tracked and your purchase behaviour shared is often in the fine print of the cc user agreement.
When you purchase an airline ticket, you enter your name, address, email, cc and other info like your FF #, passport and other ID.
Or, it auto-populates if you are logged into your FFP. The airline has all this data. And for reasons we all know, it will often get turned over to the U.S. or others.
There have been breaches of customer data at AC and BA and while those affected at AC were a small number, BA and CX were not. Yet, the response from those who run BA and CX has essentially been a shrug, IMHO. There have been massive breaches at Yahoo, retailers, government agencies and of course, those clowns at the credit checking agencies.
Almost all the responses have been variations of a shrug.
You can all think what you like and yes, I do not live in HK and rules in Canada are somewhat different, but if customers and consumers don't want their personal data made available to companies, they can make a choice not to turn it over. It will be very difficult with airlines if one wants to fly. It will be very difficult with government departments who dispense medical services. When they get hacked, no one really wins battling either of them.
I don't know if lawsuits will change anything as they drag on in courts for years and money doesn't replace identity theft.
So what's the choice that is left?
Not fly that airline...until the next one you fly gets hacked because they also didn't take protection of data seriously?
And apologies to those on this forum who don't like outsiders weighing in on what some think is a local issue that matters only to those who fly CX or live in HK. All of us who fly CX were affected, wherever we live.