Australia's Data Breach Notification Bill: Transparency Deficits

(2016) 139 Privacy Laws & Business International Report, 18-19

UNSW Law Research Paper No. 2016-54

4 Pages Posted: 16 Apr 2016 Last revised: 7 Sep 2016

Graham Greenleaf

University of New South Wales, Faculty of Law

Date Written: January 30, 2016

Abstract

Australia’s conservative coalition agreed to introduce a mandatory data breach notification (MDBN) scheme, as part of the political trade-off to obtain parliamentary passage of its data retention law in 2015, and as recommended by a Parliamentary Joint. MDBN legislation had previously been recommended by the Australian Law Reform Commission’s (ALRC) report, and had been the subject of a Bill by the previous Labor government in 2013 which did not obtain passage during its term. This article discusses the government’s exposure draft of the Privacy Amendment (Notification of Serious Data Breaches) Bill (December 2015). The Bill proposes amendments to the Privacy Act 1988.

Matters discussed include significant limitations on the Bill’s scope; the meaning of a ‘real risk of serious harm’; how remedies under the Privacy Act may be available in the event of breaches, and in extreme cases also civil penalty provisions for ‘serious’ or ‘repeated’ breaches; and deficiencies in the transparency of how breaches.

Keywords: privacy, data protection, data breach notification

Suggested Citation

Greenleaf, Graham, Australia's Data Breach Notification Bill: Transparency Deficits (January 30, 2016). (2016) 139 Privacy Laws & Business International Report, 18-19; UNSW Law Research Paper No. 2016-54. Available at SSRN: https://ssrn.com/abstract=2761798

Graham Greenleaf (Contact Author)

University of New South Wales, Faculty of Law ( email )

Sydney, New South Wales 2052
Australia
+61 2 9385 2233 (Phone)
+61 2 9385 1175 (Fax)

HOME PAGE: http://www2.austlii.edu.au/~graham

Register to save articles to
your library

Register

Paper statistics

Downloads
74
rank
292,766
Abstract Views
382
PlumX