Australia to increase penalties for data breaches after cyber attacks


Canberra:

Australia will introduce legislation in parliament to increase penalties for companies subject to major data breaches, Attorney-General Mark Dreyfus said, after high-profile cyberattacks hit millions of Australians in recent weeks.

Australia’s telco, financial and government sectors are on high alert after the country’s second largest telco, Singtel-owned Optus, on 22 September uncovered a hack that saw the theft of personal data from 10 million accounts.

That attack followed a data breach this month at health insurer Medibank Private, which covers one-sixth of Australians, resulting in the theft of 100 customers’ personal information, including medical diagnostics and procedures, as part of a theft of over 200 gigabytes of data.

Dreyfus said in an official statement released on Saturday that the government would “significantly increase the penalties for repeated or serious privacy breaches” with amendments to privacy laws next week.

The proposed change would increase the maximum penalty for serious or recurrent privacy breaches from the current A$2.22 million ($1.4 million) to the greater of A$50 million, three times the value of profit derived through misuse of information, or 30% of turnover in the relevant period, he said.

The attorney-general said that when Australians were asked to hand over personal data to companies, they had a right to expect it to be protected.

“Significant privacy breaches in recent weeks have shown that existing security measures are inadequate. This is not enough to warrant a penalty for a large data breach, which can be seen as a cost of doing business,” Dreyfus said.

“We need better laws to regulate how companies manage the huge amounts of data they collect, and bigger penalties to encourage better behavior.”

The announcement comes after the government earlier this month revealed plans to overhaul consumer privacy rules that would help facilitate targeted data sharing between telecom firms and banks following a breach at Optus.

In the wake of the Optus attack, two Australian regulators launched investigations into the company, which has come under heavy fire for not stopping the hack, which is the biggest on record in Australia.

(Except for the title, this story has not been edited by NDTV staff and is published from a syndicated feed.)