The Introduction of Data Breach Notification Legislation in Australia: A Comparative View

(2018) Computer Law & Security Review (Forthcoming)

48 Pages Posted: 30 Jan 2018

See all articles by Angela Daly

Angela Daly

University of Strathclyde - School of Law; Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT)

Date Written: January 21, 2018

Abstract

This article argues that Australia’s recently-passed data breach notification legislation, the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth), and its coming into force in 2018, makes an internationally important, yet imperfect, contribution to data breach notification law. Against the backdrop of data breach legislation in the United States and European Union, a comparative analysis is undertaken between these jurisdictions and the Australian scheme to elucidate this argument. Firstly, some context to data breach notification provisions is offered, which are designed to address some of the problems data breaches cause for data privacy and information security. There have been various prominent data breaches affecting Australians over the last few years, which have led to discussion of what can be done to deal with their negative effects. The international context of data breach notification legislation will be discussed, with a focus on the United States and European Union jurisdictions which have already adopted similar laws. The background to the adoption of the Australia legislation will be examined, including the general context of data privacy and security protection in Australia. The reform itself will be then be considered, along with the extent to which this law is fit for purpose and some outstanding concerns about its application. While data breach notification requirements are likely to be a positive step for data security, further reform is probably necessary to ensure strong cybersecurity. However, such reform should be cognisant of the international trends towards the adoption of data breach notification, but lack of alignment in standards, which may be burdensome for entities operating in the transnational data economy.

Keywords: data breach notification, data protection, data security, Australia, European Union, GDPR, US, FTC

JEL Classification: K00, K10, K20, K23, K42

Suggested Citation

Daly, Angela, The Introduction of Data Breach Notification Legislation in Australia: A Comparative View (January 21, 2018). (2018) Computer Law & Security Review (Forthcoming), Available at SSRN: https://ssrn.com/abstract=3106219

Angela Daly (Contact Author)

University of Strathclyde - School of Law ( email )

Lord Hope Building
John Anderson Campus 141 St. James' Rd
Glasgow G4 0LT, Scotland G4 0LT
United Kingdom

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Here is the Coronavirus
related research on SSRN

Paper statistics

Downloads
212
Abstract Views
1,416
rank
159,050
PlumX Metrics