Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The final report outlining the amendments to Australia’s Privacy Act and possible new data breach disclosure laws will be released on August 11th.Federal Cabinet Secretary John Faulkner, and Attorney-General Robert McClelland will officially launch the report, which is embargoed till the 11th, in a briefing in Sydney on the day.The final report, the result of several draft papers by the Australian Law Reform Commission (ALRC) and stakeholder feedback was delivered to the Attorney-General on 30th May and followed up by tabling in federal Parliament.According to the ALRC, the Commission was initially prompted to review the Privacy Act in January 2006 by the then Attorney-General in a move to examine the Act’s effectiveness, taking into consideration the advancements in digital technology as a factor. Discussions surrounding mandatory data breach disclosure laws by business and government quickly became a focal point of the debate with both the Privacy Commissioner and analysts urging the inclusion of such a mandate. Karen Curtis, the Australian Privacy Commissioner renewed calls for mandatory information breach disclosure laws on several occassions including in a 786-page submission to the ALRC in January. Curtis said disclosing a major data breach would be proportional to the severity of the incident but will provide a strong incentive for organisations to secure their data.Andrew Hayne, acting director of Policy at the OPC said in February that a requirement to notify significant data breaches would also encourage organisations and agencies to take adequate steps in the first place to ensure information is secure.However, speaking at the SecurityPoint 2008 conference in Sydney he said the ALRC has supported the idea of data breach notification requirements. However, the details of how such a requirement should neither impose or be an unreasonable burden on agencies was a concern. Gartner analyst, Andrew Walls, said he would at least like to see mandatory disclosure to government by business or any other organisation in the case of a breach, similar to that in Singapore.“You don’t tell anyone else you tell the government,” said Walls. “That will allow the government to monitor and be aware of the level of breaches and failures in the country.“We are not in a place to know that.”“People like myself have been making noise for a long time saying that the privacy act as it stands is not even regulary enforced.”Industry will require clear guidelines and organsations will want to have their legal right clear, added Walls. The Australian Law Reform Commission President, Prof David Weisbrot AM and Commissioner in charge of the Inquiry, Prof Les McCrimmon will be present at the launch.The ALRC said it is undable to comment on the specifics of the report until the report is released.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.