Senate urged to pass data breach notification law

Privacy Alerts Bill gets glowing tick.

The Senate has been urged by a standing committee to pass a mandatory data breach notification law that has been in the making since 2008.

The Privacy Amendments (Privacy Alerts) Bill 2013 was formed from recommendations by the Australian Law Reform Commission, and would force organisations to tell the Federal Privacy Commissioner, affected consumers and on occasion the media, when data breaches occur.

Organisations would be fined for breaches resulting from lax security controls that failed to take "reasonable steps" to protect user data as required by the Privacy Act.

If passed, the scheme could be enforced as early as March next year when a suite of privacy reforms comes into effect.

While the six-person committee recommended the Bill be passed, it flagged issues raised in the submissions it received.

These included an apparent lack of clarity on the definition of "real risk of serious harm" within the definition of "serious data breach" and the breadth of exceptions to notification.

The Australian Bankers' Association, for example, argued it would be difficult to determine "what to report and what not to report".

But the government dismissed those concerns, pointing out that existing guidelines by the Office of the Australian Information Commissioner (OAIC) made it clear that only breaches likely to cause serious harm would be reported.

Other security professionals commenting on the leaked Draft Exposure Bill raised concerns with the specific security controls and processes that the Federal Privacy Commissioner would consider to be "reasonable steps".

Federal Privacy Commissioner Tim Pilgrim said he would update the OAIC guidance as a priority should the bill pass, a move which the standing committee said it supported.

Copyright © SC Magazine, Australia
