Data breach scheme to become law
New laws that will force companies to disclose data breaches have passed the Senate.
Mandatory data breach notification will finally become law in Australia, after the Senate today gave the scheme the green light.
The change to the Privacy Act, which forces organisations to disclose to the Australian Information Commissioner and affected individuals when a data breach has occurred, is outlined in the Privacy Amendment (Notifiable Data Breaches) Bill 2016.
The bill, which passed the House of Representatives last week after being debated for a number of years, passed through the Senate on Monday.
It defines an eligible data breach as “unauthorised access to, unauthorised disclosure of, or loss of, personal information held by an entity” where “the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates”.
“Examples of when data breach notification may be required could include a malicious breach of the secure storage and handling of information (eg in a cyber security incident), an accidental loss (most commonly of IT equipment or hard copy documents), a negligent or improper disclosure of information, or otherwise, where the incident satisfies the applicable harm threshold (if any),” the bill says.
The long-awaited passage of the laws was welcome and an important step, Macquarie Telecom said.
“We’ve long supported mandatory notification of serious breaches as a foundation of better national cyber security,” CEO David Tudehope said.
“Consumers need to know promptly when their data may have been lost in a serious breach so they can take their own remedial action.
“The new regime also helps other businesses and organisations to become aware of possible vulnerabilities in their own networks,” Mr Tudehope said.
“Every day there are reports of new incidences of unauthorised disclosures of private and personal information. The legislation, passed today is a big step forward in ensuring that consumers are kept in the loop about what happens to their information.
“Keeping Australian citizens information onshore was also a further step businesses should take to securing consumer data.”
New cold war? America fights back over DeepSeek
China outmanoeuvred the US with the launch of DeepSeek. But the US’s biggest tech companies are fighting back to maintain dominance in the AI race.
Atlassian founders add $4bn to their personal fortunes
The personal fortunes of two of the nation’s richest businessmen rocketed by a massive $4bn on paper Friday when investors responded to their tech company beating revenue expectations.