Last week, Bloomberg reported that electronic payment services firm Octopus Holdings has been selling customers’ personal data for four years, and the Hong Kong privacy commissioner was investigating the sales. Octopus cards are used as “cashless payment” for mass transit or other purchases. Cardholders add money to the card and the value is deducted as they make purchases. They can refill the cards. (In April, the Wall Street Journal reported on privacy questions Octopus Holdings’ plans to expand into China.)
Now, the International Business Times reports that the chief executive of Hong Kong Octopus Holdings “has resigned over its scandal of selling almost two million customer’s private data to third party, and the firm will donate HK$44 million ($5.7 million) in revenue to charity.”
The Octopus scandal has escalated with Chan on July 26 admitting that the company had earned HK$44 million in revenue by selling its clients’ personal data to merchants since January 2006.
The government, which launched a formal investigation into the matter last month, pressed Octopus to deal decisively with “management and corporate governance” issues on Wednesday, hours before the company’s board meeting. […]
Launched in 1997, the Octopus card has been adopted by 95% of people in Hong Kong aged 16 to 65 to travel, shop and dine without the hassle of coins, the company said in its website.
While Octopus cards can be purchased anonymously for cash, over 2.4 million customers have registered for the widely adopted Octopus Rewards program with their personal information, according to the information posted in its website.