IDCARE warns new privacy laws could exacerbate ransomware attacks

By
Follow google news

Paying attacker is cheaper than penalty.

National identity support service IDCARE is critical of the federal government’s increased penalties for privacy breaches, saying they could encourage companies to pay ransoms in an attempt to keep a breach secret.

IDCARE warns new privacy laws could exacerbate ransomware attacks

It made the comments in a submission [pdf] to the federal government’s review of the Privacy Act.

Breach frameworks seem “less about informing and supporting a person to take-action who has been placed in a potentially vulnerable position, but more about a need for ‘tick a box’ reporting to regulators and to protect other interests”, IDCARE said in its submission.

That leaves Australian businesses vulnerable to ongoing ransom attacks, the organisation said.

“In terms of ransomware attacks, Australia is open for business … there is little disincentive for these criminals to keep targeting Australian businesses and government agencies,” the submission said.

Fear of the recently-introduced penalties – up to $50 million for a serious privacy breach, one-third of the turnover for an affected company, or three times any financial benefit obtained through data misuse – makes things worse, IDCARE’s submission said.

“This is further exacerbated by the conflicting nature of compliance and notification environment," it said.

"Pay a million dollars or face a breach that may cost $50 million. Don’t pay and have your customer data exploited in the most abhorrent and public way in an attempt to send a clear signal to future organisations that this will be the consequence if their demands are not met."

While making the payment of ransoms a specific offence could discourage companies from paying, IDCARE said “there are many complexities to this”, including unnamed insurance companies that encourage the payment of a ransom, if that is the cheapest way for a victim company to recover their data.

IDCARE also warns that the government’s proposed amendments to the Privacy Act will have the “perverse outcome” of making privacy compliance “much more litigious”.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
idcareprivacy actransomwaresecuritystrategy

Sponsored Whitepapers

2026 Engineering Reality Report
2026 Engineering Reality Report
How Kraft Heinz Transformed Planning with AI & 5 M+ Data Sets
How Kraft Heinz Transformed Planning with AI & 5 M+ Data Sets
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21

Events

Most Read Articles

BoM showers Accenture with $31m for digital channels rebuild

BoM showers Accenture with $31m for digital channels rebuild
ANZ Banking Group wants better value from its tech vendors

ANZ Banking Group wants better value from its tech vendors
Qld tables $1 billion for major whole-of-government tech overhaul

Qld tables $1 billion for major whole-of-government tech overhaul
Woolworths digital and analytics capabilities to only grow in importance

Woolworths digital and analytics capabilities to only grow in importance
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?