Rabat: Morocco’s National Commission for the Control and the Protection of Personal Data (CNDP) has flagged the risks associated with the use of personal data that may have resulted from a leak or been published on unauthorized channels, following a series of cyber attacks that have particularly leaked data from the National Social Security Fund (CNSS).
According to Agence Marocaine De Presse, the CNDP reminds in a press release that the lawful processing of personal data is based on the informed consent of the individual concerned or on a legal framework authorized by Law No. 09-08. Any information obtained outside of this framework is unlawful, and its use is considered an offense, it warns.
In this regard, the CNDP emphasizes that it is specifically vested with investigative and inquiry powers under Article 30 of Law No. 09-08, enabling it to ensure that personal data controllers process data in accordance with Law No. 09-08, and that the processed personal data is protected in a manner that complies wit
h the provisions of Article 24 of Law No. 09-08.
As part of its mission, the CNDP shares its readiness to receive and handle complaints from any individual who believes they are a victim of a leak or unauthorized publication of personal data, and will initiate an investigation to verify whether the processing of said data complies with the provisions of Law No. 09-08 and its implementing regulations, particularly in light of initial checks carried out by certain stakeholders, which revealed that some leaked documents attributed to this cyber attack were found to be false, inaccurate, or distorted.