0 Replies Latest reply on Sep 16, 2016 9:40 AM by reyg

    Privacy concerns regarding bills sent via email

    reyg

      Hi Everyone,

       

      I hope you guys can help me reach the necessary people within Globe.

       

      I have concerns with regards to their bills sent via e-mail.

       

      Previously, e-mails that has our bills attached to it doesn't contain any Personally Identifiable Information(PII). However, when they tried to make the e-mail content 'pretty' the whole content is FULL OF PIIs which is a big privacy concern. Not to mention this defeats the purpose of the 'password protected' PDF. Since the SURNAME and MOBILE NUMBER is already indicated in the e-mail! (0_o)

      This is what I mean:

      The screenshot is from the new bill e-mail for my phone.

       

      This has 2 MAJOR PII VIOLATIONS (items 1 & 2):

      1. My FULL name, As in FIRST NAME, FULL MIDDLE NAME, SURNAME is indicated in the e-mail.
      2. My Complete Mobile number is indicated as well.
      3. The full account number is indicated (though this can be ignored; this is just me being OC as that number can be linked to me as well).

      Bill1.jpg

      Here are my suggested improvements:

      1. REMOVE the NAME COMPLETELY! If not and you feel you want to be 'personable' then use the first name.
      2. REMOVE the MOBILE NUMBER. The password in the PDF is now POINTLESS since you already gave both the lock and the key (i.e. our surname + last 4 digits of our number).
      3. HIDE most of the Account Number in the subject and in the e-mail body.

       

      In comparison to the previous e-mail set up, this is the e-mail I received for the broadband.

      Bill2.jpg

      I did not write this one to persecute Globe or have someone from the development team sacked. I just wanted to point out concerns with regards to this topic in our bills sent via e-mail. I hope Globe immediately acts on this one. I would have just e-mailed this concern to the customer support however I find it difficult to actually locate their e-mail address for this kind of concern (if they even have one).