Australia has shown its ambition regarding personal information protection and data breach punishment. With the flood of data security incidents in these years, Albanese Government takes immediate action to contain them.
The upcoming Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022 increases the maximum penalties for serious or repeated privacy breaches from the current $2.22 million penalty to whichever is the greater of:
- $50 million;
- three times the value of any benefit obtained through the misuse of information; or
- 30 per cent of a company’s adjusted turnover in the relevant period.
The Bill also provides the Australian Information Commissioner with greater powers to resolve privacy breaches and quickly share information about data breaches to help protect customers.
Simple and proforma data privacy and security compliance, e.g., only privacy policy and internal compliance policy with neither employee awareness training nor Privacy by Design, may not be sufficient or competent to comply with gradually strict privacy laws and regulations.
Data privacy and security compliance practice is an on-going business. Companies shall devote their efforts into privacy protection and seek out legal and compliance opinions from their Data Protection Officer or external privacy counsel for their new products and services.
For more insights on data privacy and security compliance, please contact us.
Resource: