Data Breach

SSeanSS

gctest50 wrote: »

SSeanSS wrote: »

This would not happen on Microsoft or MacOS, wouldn't happen either on most Linux distributions

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

There are no Microsft or MacOS updates that will unencrypt a disk, its complete lies!

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

there is one update that will crash in Windows 10 if disk is encrypted but it certainly wont dis-encrypt it.

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

Think of it like, how could a seperate update do this.. also if this were possible we'd have heard about it already!

telpis

I'm assuming it was an OS update as it affected the encryption?? An even bigger issue if there was a software update or file update that led to the encryption being affected. This would be even more ridiculous. Not sure what "telpis" is but I'm sure it was derogatory :rolleyes:

gazzamc

sexmag wrote: »

Henry Ford III wrote: »

Seems there are avenues open to seek redress and compensation.......

How is there avenue for compensation? What damages or losses have you financially sustained by this?

gazzamc wrote: »

Just got the email today stating they had a breach and my information was among those lost. Yesterday was the end of my contract with Eir. Fitting end to a poor service. I hope they get a hefty fine from breaching GDPR. And if I start getting dodgy calls, emails I'll be in contact with them soon. 

How will you prove any dodgy emails or calls came from their data breach of this laptop?

The calls should be easy, I don't get any dodgy ones and I don't share this number much. Emails would be harder..

ArrBee

SSeanSS wrote: »

gctest50 wrote: »

SSeanSS wrote: »

This would not happen on Microsoft or MacOS, wouldn't happen either on most Linux distributions

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

There are no Microsft or MacOS updates that will unencrypt a disk, its complete lies!

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

there is one update that will crash in Windows 10 if disk is encrypted but it certainly wont dis-encrypt it.

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

Think of it like, how could a seperate update do this.. also if this were possible we'd have heard about it already!

telpis

I'm assuming it was an OS update as it affected the encryption?? An even bigger issue if there was a software update or file update that led to the encryption being affected. This would be even more ridiculous. Not sure what "telpis" is but I'm sure it was derogatory :rolleyes:

Just for balance....

My laptop is encrypted at a HW layer, not at the OS.
The only update I can imagine impacting my encryption is a BIOS update, or disk firmware update.

One hypothetical could be that encryption was intentionally removed as a pre-step to some other update and either that update failed or the encryption was never redone at the end.
Another possibility is that the data never was encrypted and perhaps there is no policy on this internally but realising how bad that sounds a "press release" has been issued.

Henry Ford III

sexmag wrote: »

Henry Ford III wrote: »

Seems there are avenues open to seek redress and compensation.......

How is there avenue for compensation? What damages or losses have you financially sustained by this?

http://www.privacy-regulation.eu/en/article-82-right-to-compensation-and-liability-GDPR.htm

sexmag

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

Seems there are avenues open to seek redress and compensation.......

How is there avenue for compensation? What damages or losses have you financially sustained by this?

http://www.privacy-regulation.eu/en/article-82-right-to-compensation-and-liability-GDPR.htm

1. Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered.


You have to prove that you suffered damges as a result, again how will you prove that your phone number was obtained by an unscrupulous person who then contacts you to scam money from you? I hardly give out my number yet in the last 2 days i received 3 calls from a number on the congo as has my work mate.

Edit: 2. Any controller involved in processing shall be liable for the damage caused by processing which infringes this Regulation. A processor shall be liable for the damage caused by processing only where it has not complied with obligations of this Regulation specifically directed to processors or where it has acted outside or contrary to lawful instructions of the controller.

This part is important too as it states that Eir may be liable if it didnt follow protocol, seems like they did up to an extent but id like to see how this plays out with the Data Protection Comissioner

sexmag

gazzamc wrote: »

sexmag wrote: »

Henry Ford III wrote: »

Seems there are avenues open to seek redress and compensation.......

How is there avenue for compensation? What damages or losses have you financially sustained by this?

gazzamc wrote: »

Just got the email today stating they had a breach and my information was among those lost. Yesterday was the end of my contract with Eir. Fitting end to a poor service. I hope they get a hefty fine from breaching GDPR. And if I start getting dodgy calls, emails I'll be in contact with them soon. 

How will you prove any dodgy emails or calls came from their data breach of this laptop?

The calls should be easy, I don't get any dodgy ones and I don't share this number much. Emails would be harder..

we all get dodgy ones, they are randomly generated by a bot with the expectation you will call the number back and incur the fee for calling the number

SSeanSS

ArrBee wrote: »

SSeanSS wrote: »

gctest50 wrote: »

SSeanSS wrote: »

This would not happen on Microsoft or MacOS, wouldn't happen either on most Linux distributions

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

There are no Microsft or MacOS updates that will unencrypt a disk, its complete lies!

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

there is one update that will crash in Windows 10 if disk is encrypted but it certainly wont dis-encrypt it.

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

Think of it like, how could a seperate update do this.. also if this were possible we'd have heard about it already!

telpis

I'm assuming it was an OS update as it affected the encryption?? An even bigger issue if there was a software update or file update that led to the encryption being affected. This would be even more ridiculous. Not sure what "telpis" is but I'm sure it was derogatory :rolleyes:

Just for balance....

My laptop is encrypted at a HW layer, not at the OS.
The only update I can imagine impacting my encryption is a BIOS update, or disk firmware update.

One hypothetical could be that encryption was intentionally removed as a pre-step to some other update and either that update failed or the encryption was never redone at the end.
Another possibility is that the data never was encrypted and perhaps there is no policy on this internally but realising how bad that sounds a "press release" has been issued.

Thanks for the input, i think you're right with your two possibilities above, but from their statement "In this case the laptop had been decrypted by a faulty security update the previous working day, which had affected a subset of our laptops and has since been corrected." - it sounds as if they are telling us it was directly done by this update, which is of course lies. Having worked in IT Security for a number of years I realize that mistakes do happen but I do think that if a company blatantly lies to their customers it is important they are called out on this. The details of what was stolen wasn't all that bad and in my opinion is forgivable, what is not acceptable is the way eir has gone about explaining this.

Henry Ford III

Non material damage is the lack of care of my personal data I'd have imagined.

Johnboy1951

SSeanSS wrote: »

ArrBee wrote: »

SSeanSS wrote: »

gctest50 wrote: »

SSeanSS wrote: »

This would not happen on Microsoft or MacOS, wouldn't happen either on most Linux distributions

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

There are no Microsft or MacOS updates that will unencrypt a disk, its complete lies!

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

there is one update that will crash in Windows 10 if disk is encrypted but it certainly wont dis-encrypt it.

Where does it say it was  OS encryption stuff?

SSeanSS wrote: »

Think of it like, how could a seperate update do this.. also if this were possible we'd have heard about it already!

telpis

I'm assuming it was an OS update as it affected the encryption?? An even bigger issue if there was a software update or file update that led to the encryption being affected. This would be even more ridiculous. Not sure what "telpis" is but I'm sure it was derogatory :rolleyes:

Just for balance....

My laptop is encrypted at a HW layer, not at the OS.
The only update I can imagine impacting my encryption is a BIOS update, or disk firmware update.

One hypothetical could be that encryption was intentionally removed as a pre-step to some other update and either that update failed or the encryption was never redone at the end.
Another possibility is that the data never was encrypted and perhaps there is no policy on this internally but realising how bad that sounds a "press release" has been issued.

Thanks for the input, i think you're right with your two possibilities above, but from their statement "In this case the laptop had been decrypted by a faulty security update the previous working day, which had affected a subset of our laptops and has since been corrected." - it sounds as if they are telling us it was directly done by this update, which is of course lies. Having worked in IT Security for a number of years I realize that mistakes do happen but I do think that if a company blatantly lies to their customers it is important they are called out on this. The details of what was stolen wasn't all that bad and in my opinion is forgivable, what is not acceptable is the way eir has gone about explaining this.

The wording might be a bit ambiguous .......  this being an internal IT roll out of an update, as part of the updating procedure they would likely disable/remove encryption, do the update, and enable/reapply the encryption afterwards.
Maybe a bunch of laptops did not have the encryption reapplied after whatever update roll out occurred.

That scenario would be covered by "a faulty security update" but would more correctly be 'a faulty security update procedure'.
This might be the more likely.

sexmag

Henry Ford III wrote: »

Non material damage is the lack of care of my personal data I'd have imagined.

The Contracts and Torts Act further defines non-material damage as causing another physical pain or mental anguish, or fear, and provides that the court will (if so justified by the circumstances of the particular case) award fair compensation for:

• physical pain suffered;
  
• mental anguish suffered, due to loss of amenity, disfigurement, defamation of reputation and honor, violation of freedom and personal rights, and
  
• death of a close relative.
  

Not being smart but not of the above has happened due your name,account number,contact number and email "possibly" being in the hands of thief. The thief in question is probably a low life looking to make a quick bit of money and would highly doubtedly have connections to sell peoples data to someone so they can then "attempt" to scam them by email or phone

Henry Ford III

sexmag wrote: »

Henry Ford III wrote: »

Non material damage is the lack of care of my personal data I'd have imagined.

The Contracts and Torts Act further defines non-material damage as causing another physical pain or mental anguish, or fear, and provides that the court will (if so justified by the circumstances of the particular case) award fair compensation for:

• physical pain suffered;
  
• mental anguish suffered, due to loss of amenity, disfigurement, defamation of reputation and honor, violation of freedom and personal rights, and
  
• death of a close relative.
  
  
  

[*]

Not being smart but not of the above has happened due your name,account number,contact number and email "possibly" being in the hands of thief. The thief in question is probably a low life looking to make a quick bit of money and would highly doubtedly have connections to sell peoples data to someone so they can then "attempt" to scam them by email or phone

[*]
Eir have a duty of care over my data and have totally failed in that regard. We don't know the identity of the thief or what they could have done with my details.

I'm worried about it however.

Bingo.

sexmag

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

Non material damage is the lack of care of my personal data I'd have imagined.

The Contracts and Torts Act further defines non-material damage as causing another physical pain or mental anguish, or fear, and provides that the court will (if so justified by the circumstances of the particular case) award fair compensation for:

• physical pain suffered;
  
• mental anguish suffered, due to loss of amenity, disfigurement, defamation of reputation and honor, violation of freedom and personal rights, and
  
• death of a close relative.
  
  
  
  
  

[*]

Not being smart but not of the above has happened due your name,account number,contact number and email "possibly" being in the hands of thief. The thief in question is probably a low life looking to make a quick bit of money and would highly doubtedly have connections to sell peoples data to someone so they can then "attempt" to scam them by email or phone

[*]
Eir have a duty of care over my data and have totally failed in that regard. We don't know the identity of the thief or what they could have done with my details.

I'm worried about it however.

Bingo.

[*]
Being worried about something doesnt fall under the Non-Material Damage definitions.

Duty of care yes but how the data was lost will be reviewed by DP commisioner and if found that they have failed in that regard by their own negligence Eir will be fined by them

Nothing stopping you contacting a solicitor though to try and take a case but id be of the opinion they will tell you that without any valid financial loss due to the loss of this data you wont any claim for compensation,not to mention anyone who has the data in question wont be able to cause you any financial loss because they are in possesion of it.

Reminder that Eir lost two laptops about 8 years ago with customers details on it under similar circumstances and i dont recall any cases being brought against them by the public to claim compensation and the rights of people under the data protection act then are pretty much the same under GDPR

ArrBee

SSeanSS wrote: »

Thanks for the input, i think you're right with your two possibilities above, but from their statement "In this case the laptop had been decrypted by a faulty security update the previous working day, which had affected a subset of our laptops and has since been corrected." - it sounds as if they are telling us it was directly done by this update, which is of course lies. Having worked in IT Security for a number of years I realize that mistakes do happen but I do think that if a company blatantly lies to their customers it is important they are called out on this. The details of what was stolen wasn't all that bad and in my opinion is forgivable, what is not acceptable is the way eir has gone about explaining this.

oh, I agree.  Any lies need to be called out for sure.
And my position has always been, that I dont believe the reasons given for lack of encryption and that this, to me, is (should be) the single focus of wrong doing.

Henry Ford III

sexmag wrote: »

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

Non material damage is the lack of care of my personal data I'd have imagined.

The Contracts and Torts Act further defines non-material damage as causing another physical pain or mental anguish, or fear, and provides that the court will (if so justified by the circumstances of the particular case) award fair compensation for:

• physical pain suffered;
  
• mental anguish suffered, due to loss of amenity, disfigurement, defamation of reputation and honor, violation of freedom and personal rights, and
  
• death of a close relative.
  
  
  
  
  
  
  

[*]

Not being smart but not of the above has happened due your name,account number,contact number and email "possibly" being in the hands of thief. The thief in question is probably a low life looking to make a quick bit of money and would highly doubtedly have connections to sell peoples data to someone so they can then "attempt" to scam them by email or phone

[*]
Eir have a duty of care over my data and have totally failed in that regard. We don't know the identity of the thief or what they could have done with my details.

I'm worried about it however.

Bingo.

[*]
Being worried about something doesnt fall under the Non-Material Damage definitions.

Duty of care yes but how the data was lost will be reviewed by DP commisioner and if found that they have failed in that regard by their own negligence Eir will be fined by them

Nothing stopping you contacting a solicitor though to try and take a case but id be of the opinion they will tell you that without any valid financial loss due to the loss of this data you wont any claim for compensation,not to mention anyone who has the data in question wont be able to cause you any financial loss because they are in possesion of it.

Reminder that Eir lost two laptops about 8 years ago with customers details on it under similar circumstances and i dont recall any cases being brought against them by the public to claim compensation and the rights of people under the data protection act then are pretty much the same under GDPR

[*]
"mental anguish or fear". It's in your own definition above. There's no need for a financial loss. Eir failed under their D.P. obligations and caused me fear because of it.

To me that's pretty clearcut.

sexmag

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

Non material damage is the lack of care of my personal data I'd have imagined.

The Contracts and Torts Act further defines non-material damage as causing another physical pain or mental anguish, or fear, and provides that the court will (if so justified by the circumstances of the particular case) award fair compensation for:

• physical pain suffered;
  
• mental anguish suffered, due to loss of amenity, disfigurement, defamation of reputation and honor, violation of freedom and personal rights, and
  
• death of a close relative.
  
  
  
  
  
  
  
  
  

[*]

Not being smart but not of the above has happened due your name,account number,contact number and email "possibly" being in the hands of thief. The thief in question is probably a low life looking to make a quick bit of money and would highly doubtedly have connections to sell peoples data to someone so they can then "attempt" to scam them by email or phone

[*]
Eir have a duty of care over my data and have totally failed in that regard. We don't know the identity of the thief or what they could have done with my details.

I'm worried about it however.

Bingo.

[*]
Being worried about something doesnt fall under the Non-Material Damage definitions.

Duty of care yes but how the data was lost will be reviewed by DP commisioner and if found that they have failed in that regard by their own negligence Eir will be fined by them

Nothing stopping you contacting a solicitor though to try and take a case but id be of the opinion they will tell you that without any valid financial loss due to the loss of this data you wont any claim for compensation,not to mention anyone who has the data in question wont be able to cause you any financial loss because they are in possesion of it.

Reminder that Eir lost two laptops about 8 years ago with customers details on it under similar circumstances and i dont recall any cases being brought against them by the public to claim compensation and the rights of people under the data protection act then are pretty much the same under GDPR

[*]
"mental anguish or fear". It's in your own definition above. There's no need for a financial loss. Eir failed under their D.P. obligations and caused me fear because of it.

To me that's pretty clearcut.

[*]
You realise to prove this you will need to go to a doctor and have them independently assess you and confirm the fact that your name,account number,emal and phone number were lost and this has effected you to such an extent you live in a state of constant "fear" and it has adversely effected your life and have evidence to support this in a court case?

How are you living in fear by the way?

Henry Ford III

sexmag wrote: »

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

Non material damage is the lack of care of my personal data I'd have imagined.

The Contracts and Torts Act further defines non-material damage as causing another physical pain or mental anguish, or fear, and provides that the court will (if so justified by the circumstances of the particular case) award fair compensation for:

• physical pain suffered;
  
• mental anguish suffered, due to loss of amenity, disfigurement, defamation of reputation and honor, violation of freedom and personal rights, and
  
• death of a close relative.
  
  
  
  
  
  
  
  
  
  
  

[*]

Not being smart but not of the above has happened due your name,account number,contact number and email "possibly" being in the hands of thief. The thief in question is probably a low life looking to make a quick bit of money and would highly doubtedly have connections to sell peoples data to someone so they can then "attempt" to scam them by email or phone

[*]
Eir have a duty of care over my data and have totally failed in that regard. We don't know the identity of the thief or what they could have done with my details.

I'm worried about it however.

Bingo.

[*]
Being worried about something doesnt fall under the Non-Material Damage definitions.

Duty of care yes but how the data was lost will be reviewed by DP commisioner and if found that they have failed in that regard by their own negligence Eir will be fined by them

Nothing stopping you contacting a solicitor though to try and take a case but id be of the opinion they will tell you that without any valid financial loss due to the loss of this data you wont any claim for compensation,not to mention anyone who has the data in question wont be able to cause you any financial loss because they are in possesion of it.

Reminder that Eir lost two laptops about 8 years ago with customers details on it under similar circumstances and i dont recall any cases being brought against them by the public to claim compensation and the rights of people under the data protection act then are pretty much the same under GDPR

[*]
"mental anguish or fear". It's in your own definition above. There's no need for a financial loss. Eir failed under their D.P. obligations and caused me fear because of it.

To me that's pretty clearcut.

[*]
You realise to prove this you will need to go to a doctor and have them independently assess you and confirm the fact that your name,account number,emal and phone number were lost and this has effected you to such an extent you live in a state of constant "fear" and it has adversely effected your life and have evidence to support this in a court case?

How are you living in fear by the way?

[*]
You do in your hole.

If you are worried about something it doesn't necessarily affect your physical or mental health. In this instance I'm worried that my data has been accessed and might be used by 3rd parties.

That doesn't require me coming out in spots or visiting my G.P. for depression.  

sexmag

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

sexmag wrote: »

Henry Ford III wrote: »

Non material damage is the lack of care of my personal data I'd have imagined.

The Contracts and Torts Act further defines non-material damage as causing another physical pain or mental anguish, or fear, and provides that the court will (if so justified by the circumstances of the particular case) award fair compensation for:

• physical pain suffered;
  
• mental anguish suffered, due to loss of amenity, disfigurement, defamation of reputation and honor, violation of freedom and personal rights, and
  
• death of a close relative.
  
  
  
  
  
  
  
  
  
  
  
  
  

[*]

Not being smart but not of the above has happened due your name,account number,contact number and email "possibly" being in the hands of thief. The thief in question is probably a low life looking to make a quick bit of money and would highly doubtedly have connections to sell peoples data to someone so they can then "attempt" to scam them by email or phone

[*]
Eir have a duty of care over my data and have totally failed in that regard. We don't know the identity of the thief or what they could have done with my details.

I'm worried about it however.

Bingo.

[*]
Being worried about something doesnt fall under the Non-Material Damage definitions.

Duty of care yes but how the data was lost will be reviewed by DP commisioner and if found that they have failed in that regard by their own negligence Eir will be fined by them

Nothing stopping you contacting a solicitor though to try and take a case but id be of the opinion they will tell you that without any valid financial loss due to the loss of this data you wont any claim for compensation,not to mention anyone who has the data in question wont be able to cause you any financial loss because they are in possesion of it.

Reminder that Eir lost two laptops about 8 years ago with customers details on it under similar circumstances and i dont recall any cases being brought against them by the public to claim compensation and the rights of people under the data protection act then are pretty much the same under GDPR

[*]
"mental anguish or fear". It's in your own definition above. There's no need for a financial loss. Eir failed under their D.P. obligations and caused me fear because of it.

To me that's pretty clearcut.

[*]
You realise to prove this you will need to go to a doctor and have them independently assess you and confirm the fact that your name,account number,emal and phone number were lost and this has effected you to such an extent you live in a state of constant "fear" and it has adversely effected your life and have evidence to support this in a court case?

How are you living in fear by the way?

[*]
You do in your hole.

If you are worried about something it doesn't necessarily affect your physical or mental health. In this instance I'm worried that my data has been accessed and might be used by 3rd parties.

That doesn't require me coming out in spots or visiting my G.P. for depression.  

[*]
Right so explain to me how you will get compensation?

Just fire off an email to Eir saying your worried and bam they send you a cheque? 

What world are you living in? In fact i ask you to start a thread in the legal discussion forum and ask them in cases like how likely is it for someone to receive compensation based on "fear" of 3rd parties have inconsequential data about you

Also i never mentioned depression or "spots" but without any evidence it is effecting you in a significant way you wont get anywhere

The J Stands for Jay

ArrBee wrote: »

Thats an incorrect speculation.
That is a greater risk for virus infection.

That's how it's done everywhere I worked.

The J Stands for Jay

sexmag wrote: »

Many traveeling sales men have laptops and lots and lots of customers data on it, clients,their orders,locations etc, i still dont know why you can understand why a work laptop would be off site.....also they are not oblidged to tell you either other than to let you know what happened

Why would someone in sales need customers' details? They should be getting new customers

sexmag

McGaggs wrote: »

sexmag wrote: »

Many traveeling sales men have laptops and lots and lots of customers data on it, clients,their orders,locations etc, i still dont know why you can understand why a work laptop would be off site.....also they are not oblidged to tell you either other than to let you know what happened

Why would someone in sales need customers' details? They should be getting new customers

Not always, they have a list of current clients whos needs they meet every month, they could also be their point of contact, they may also need to contact them to advise of new products and services that may be of use to them. Plenty of reasons

The J Stands for Jay

ArrBee wrote: »

Any task that would normally be performed on the data while "at work" can be performed on the data while "not at work".
As I mentioned, that is only 1 scenario where the data would be validly stored on a laptop.  There are other scenarios.

It sounds to me that your main point is that no one should be working outside of the office, thereby not ever taking a laptop outside of the office.
This is an unrealistic position to have in the modern world.
Even if it were the case, there will be situations where the data is still on a laptop and by it's nature of being portable, may be in a public place.

My main point is that anyone who would be working from home, or working on the road would have no need for a list of customer contact details. This is basic stuff.

Pelvis

McGaggs wrote: »

My main point is that anyone who would be working from home, or working on the road would have no need for a list of customer contact details. This is basic stuff.

Well, obviously you're wrong. If there's no need for them then they wouldn't have been on the laptop.

The J Stands for Jay

sexmag wrote: »

Not always, they have a list of current clients whos needs they meet every month, they could also be their point of contact, they may also need to contact them to advise of new products and services that may be of use to them. Plenty of reasons

Given the number of customers' details that are lost, it would be likely they are personal customers. They definitely don't have a point of contact (and probably find it very difficult to contact anyone in eir) and only get new product details by post or email.

OK, maybe they worked in marketing and were about to do a mailmerge. Guess that answers my question.

Henry Ford III

sexmag wrote: »

[*]
Right so explain to me how you will get compensation?

Just fire off an email to Eir saying your worried and bam they send you a cheque? 

What world are you living in? In fact i ask you to start a thread in the legal discussion forum and ask them in cases like how likely is it for someone to receive compensation based on "fear" of 3rd parties have inconsequential data about you

Also i never mentioned depression or "spots" but without any evidence it is effecting you in a significant way you wont get anywhere

[*]
A solicitor specialising in the D.P. area is taking the case on a no foal/no fee basis.

He says it's a no brainer. Might drag out a bit but there's no doubt that Eir are liable. The quantum remains to be seen but he wouldn't take it on unless it'd pay him presumably?

ArrBee

McGaggs wrote: »

ArrBee wrote: »

Thats an incorrect speculation.
That is a greater risk for virus infection.

That's how it's done everywhere I worked.

Fair enough.
I've never worked in a large corporation that operated the way you describe.
It's always been the case that non "Standard Operating Environments" were blocked from accessing the corporate network for fear of malicious software.

sexmag

Henry Ford III wrote: »

[*]
A solicitor specialising in the D.P. area is taking the case on a no foal/no fee basis.

He says it's a no brainer. Might drag out a bit but there's no doubt that Eir are liable. The quantum remains to be seen but he wouldn't take it on unless it'd pay him presumably?

Grand and will all other 37k customers be taking separate cases as well?

I find it hard to tell if you're being sincere or not but either way I'm done discussing this as I've said all I can on the subject

Henry Ford III

sexmag wrote: »

Henry Ford III wrote: »

[*]
A solicitor specialising in the D.P. area is taking the case on a no foal/no fee basis.

He says it's a no brainer. Might drag out a bit but there's no doubt that Eir are liable. The quantum remains to be seen but he wouldn't take it on unless it'd pay him presumably?

[*]

Grand and will all other 37k customers be taking separate cases as well?

I find it hard to tell if you're being sincere or not but either way I'm done discussing this as I've said all I can on the subject

[*]
1/. No idea.

2/. Great.

ArrBee

McGaggs wrote: »

ArrBee wrote: »

Any task that would normally be performed on the data while "at work" can be performed on the data while "not at work".
As I mentioned, that is only 1 scenario where the data would be validly stored on a laptop.  There are other scenarios.

It sounds to me that your main point is that no one should be working outside of the office, thereby not ever taking a laptop outside of the office.
This is an unrealistic position to have in the modern world.
Even if it were the case, there will be situations where the data is still on a laptop and by it's nature of being portable, may be in a public place.

My main point is that anyone who would be working from home, or working on the road would have no need for a list of customer contact details. This is basic stuff.

I really don't see what qualifies you to say that.
I mean that's such a large leap of assumption that you'd have to be working in Eir and be intimately familiar with the data and person who lost the laptop to be able to say "they had no business having that data".

There are thousands of potential legitimate uses for customer data, and I would agree thousands of illegitimate uses of the same data.
I don't see how you can jump to the conclusion that it must be one of the illegitimate uses.

For example,  it could be a database dump that was provided to the person to cross reference against another data set to highlight pre-sales opportunities.
This sort of thing goes on all the time.

Seth Brundle

sexmag wrote: »

Grand and will all other 37k customers be taking separate cases as well?

Remember that Class Actions are permitted under the Regulation but the right is there for each of the 37k "victims" to independently look for redress.

sexmag

Seth Brundle wrote: »

Remember that Class Actions are permitted under the Regulation but the right is there for each of the 37k "victims" to independently look for redress.

Again though they would need to prove damages and not potentional damages. I also doubt a judge will entertain the idea that 37k people will live in fear because their email address was stolen