Louder bark with no bite: Privacy protection through the regulation of mandatory data breach notification in Australia

Future Generation Computer Systems

40 Pages Posted:

See all articles by Mamoun Alazab

Mamoun Alazab

Cyber Security

Seung-Hun Hong

Korea Institute of Public Administration

Jenny Ng

Charles Darwin University

Date Written: October 17, 2020

Abstract

The disruptive shift of technologies in the Internet age poses the challenge of securing our digital asset and cyberspace from large-scale, sophisticatedly targeted offenses and cybercrimes. As a response, many governments have introduced mandatory notification schemes in which an entity bears an obligation to notify the regulator and affected individuals if personal data it holds is compromised. Focusing on Australia’s Notifiable Data Breach (NDB) scheme introduced in 2018, this paper points out that the NDB scheme gives entities that should be responsible for data protection much leeway while holding individuals, only victims of a data breach, responsible for dealing with the consequences. This is problematic as redressing the grievances caused by a data breach is difficult in the Australian context. It is difficult for a victim of a breach of privacy to bring an action in court mainly because there is no established tort of privacy in Australia. Further, bringing a class action for data breaches is a difficult process. We suggest that the real effect of the NDB scheme requires an understanding in a broader context of Australian Privacy Principles (APPs). Regulated in a broader APPs context, the NDB scheme could become a part of a privacy protection regime that requires public agencies and businesses to have better accountability and responsibility mechanisms.

Suggested Citation

Alazab, Mamoun and Hong, Seung-Hun and Ng, Jenny, Louder bark with no bite: Privacy protection through the regulation of mandatory data breach notification in Australia (October 17, 2020). Future Generation Computer Systems, Available at SSRN: https://ssrn.com/abstract=

Mamoun Alazab

Cyber Security ( email )

Australia

HOME PAGE: http://https://sites.google.com/view/alazabm

Seung-Hun Hong (Contact Author)

Korea Institute of Public Administration ( email )

235 Jinheung-ro
Eunpyeong-gu
Seoul, 03367
Korea, Republic of (South Korea)

HOME PAGE: http://sites.google.com/view/seunghun-hong-page

Jenny Ng

Charles Darwin University ( email )

Ellengowan Dr, Casuarina NT
Darwin, 0810
Australia

Here is the Coronavirus
related research on SSRN

Paper statistics

Downloads
1
Abstract Views
10
PlumX Metrics