Recently, the Jiangsu Huai'an police found that multiple QQ accounts on the Internet can pay to inquire citizens' personal information. After investigation, the criminal gang has formed a large-scale black industrial chain. The police rushed to 9 provinces and 12 cities and arrested 26 suspects. Among them, a certain bank staff member Ding only used his help to query bank card information, and his annual black income exceeded 300,000 yuan. When interviewed by the police, Ding said, "I really don't know that this is illegal."
Bank card information is not only personal privacy, but also an extremely "sensitive" item of private information. However, such important information is being resold on the Internet as a commodity by criminals. Such a black industrial chain not only violates the rights of citizens, but also directly jeopardizes the security of the financial system.
As a bank staff member, Ding said that he "did not know it was illegal." Behind such an explanation, there are undoubtedly two possibilities. First, Ding did not understand the law, but only thought that he violated bank regulations, so he was not afraid of it. The second is that Dingmou is quibbling, knowing that the law breaks the law, and also trying to pretend to be stupid to escape the pursuit of the law.
Either of these two situations is difficult to justify. As a bank employee, Ding learns to master relevant basic financial legal knowledge, which is the minimum professional requirement. The law never recognizes the exemption of the unknowing, and Ding must pay a heavy price for his oversight and theft.
For the protection of personal privacy information, banks are at the forefront. However, some bank staff have been tempted to be bought up by criminals, which has caused such defense lines to open up repeatedly, and users have also suffered from privacy leaks. In this regard, the law must not be taken lightly, and those who guard the self-stealers must pay a high cost, so as to cultivate the awe of bank employees for customer information and the law, and cut off the black industrial chain of personal information reselling from the source.
Ding was finally brought to justice by taking responsibility. In addition, this major personal information disclosure case also exposed the extensiveness and sloppyness of the relevant banks in customer information management. It is precisely because of internal control loopholes that Dingmou has an opportunity.
In fact, for the protection of personal information of financial institutions, financial regulatory agencies such as the central bank have long issued relevant regulations. For example, the central bank clearly requires that financial institutions should strengthen the monitoring, management and operation of personal information in accordance with technical standards such as data classification and desensitization, so as to implement the process of standardization and platformization of personal information protection. Combined with its own security situation, it can conduct data security capability maturity assessment or gap analysis, discover the weak links in data security, personal information protection and privacy security, and establish a personal information security protection system in a targeted manner.
If the relevant bank strictly implements the regulatory requirements and improves the relevant working mechanism for the protection of personal information, how can Ding dare to ignore the bank's regulations and commit a crime? How could this case last for a year without being discovered by the bank? Therefore, in this case, not only should Ding Mou be held accountable, his superiors and the bank ’s department responsible for the protection of personal information are equally liable.
Ding's case is probably not just a problem for individual banks. Recently, the leakage of the personal account of a well-known talk show actor was leaked by the bank, and it was once full of buzz. The incident also exposed the "risk exposure" of the relevant banks in the protection of personal information.
Therefore, it is urgent to strengthen the crackdown on bank information theft of underground industries. For each clue, the law enforcement department should search for it according to the picture and find out the hidden "inner ghost". Banks also need to raise risk awareness, strictly train employees for on-the-job training and assessment, and check customer information security in terms of systems and processes. Preventing in advance and pursuing punishment afterwards can deter the crime of reselling personal financial information and give the public a more secure sense of security.
Yu Ping Source: China Youth Daily