Damage Control and Remedies
In the example above, the political campaign who ‘stole’ the data are certainly responsible for a lot of wrongdoing. But that doesn’t exonerate the app company from blame. The app company should have protected the users’ data better. The app company should first of all do all that it can to stop the problem before it unfolds further. Second, it should inform all the involved data subjects about the situations. Third, it should resolve the security problem so it doesn’t happen again, and finally it should try to remedy all consequences of the breach. Such remedies can include accepting legal consequences, voluntarily compensating the ‘data victims’ etc.
Compliance with the Principle
At Seluxit we are accountable for all our actions, and we take the responsibility that comes with holding and using data very seriously. We comply with all relevant data regulations, including the GDPR, and should our use of data have unforeseen bad consequences in the future, we will inform everyone involved and do our best to resolve the issue.
It is Important to Take Responsibility for How You Handle Data.