The national data protection authority (DPA) has issued telecoms company Proximus with an administrative fine of €20,000 after the company refused a client request to delete her personal details from the phone book.
The customer applied to Proximus in January last year to have her personal details removed not only from Proximus’ own servers, but also from the systems of third parties with whom Proximus has a contract to supply telephone details.
Proximus lists the telephone numbers of private customers in its annual published telephone book, as well as its telephone enquiry service 1207, and websites 1207.be and 1307.be.
She also demanded that Proximus provide her with a new telephone number with her new provider Telenet.
Two weeks later Proximus contacted her to inform her the telephone number was no longer listed in the phone book, the 1207 service or the website 1207.be.
In August last year, however, the customer contacted Proximus again after finding her details were still being offered via all the previous channels, as well as in phone number services run by third parties.
The customer then brought the matter to the attention of the DPA, providing proof in the form of screen captures that information provided by Proximus was published revealing her full name, full postal address and telephone number.
The DPA found the complaint admissible, and turned the matter over to its own litigation chamber. Now that authority, having heard submissions from the parties, has found against Proximus. The chamber rejected the company’s argument that it could not be held responsible for the use of data by third parties.
The fine, the DPA said, is internationally high enough to serve as an example to others, given the position of Proximus as an industry leaders, and one in which the government is invested.
The company will now consider whether to appeal the decision.