Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Data breach notification law finally makes it to Australia's Parliament

Five years after first floated, bill passes lower house vote, flogs offenders with wet lettuce

Australia's long-awaited and long-delayed data breach notification laws are back on the political agenda, after the nation's House of Representatives passing the legislation yesterday.

The bill now before Australia's Senate is the rather limp document that landed in October 2016.

Companies will have the chance to keep mum about a breach, if they believe it's not going to harm anybody. As we noted last year, the explanatory memorandum puts it like this:

“It would not be appropriate for minor breaches to be notified,” the memorandum says, “because of the administrative burden that may place on entities, the risk of ‘notification fatigue’ on the part of individuals, and the lack of utility where notification does not facilitate harm mitigation.”

The Register understands that sending an email attachment to the wrong person would pass the "minor breach" test.

The laws were first mooted under a Labor government in 2012, but faded from view with the change of government in 2013. The idea was revived later that year, at which time Vulture South optimistically thought it would be legislated “soon”.

After another year of sitting in the legislative to-do list, a financial services inquiry dusted off the idea.

Former prime minister Tony Abbott's government then ignored the legislation for a couple of years. Current prime minister Malcolm Turnbull had other priorities after winning the job.

The Bill's passage will bring joy to security vendors, who lobbied hard for Australia to follow the many other nations that have introduced such laws. Those efforts were, of course, aimed at creating a wider market for data loss prevention tools and other products. In our interests. And those of vendors' shareholders. ®

 

Similar topics

TIP US OFF

Send us news


Other stories you might like