The Federal Court has ordered Australian Clinical Labs (ACL) to pay AU$5.8 million in civil penalties following a 2022 data breach involving its then-newly acquired Medlab Pathology business. The breach affected over 223,000 individuals whose data was accessed and infiltrated by malicious actors and is one of Australia’s most significant healthcare cyber incidents.
Read MoreBy: Cameron Abbott, Rob Pulham, and Stephanie Mayhew
This week the Australian Government released its Final Report on the Age Assurance Technology Trial. Its findings will underpin the coming into effect of new rules to implement the social media minimum age limit laws, required to be in place by December 10.
Read MoreBy: Amigo Xie, Dan Wu and Sarah Kwong
On 18 July 2025, China’s Cyberspace Administration (CAC) officially launched its online portal (Portal) for registration of China Data Protection Officers (China DPO). This operationalizes the requirements under Article 52 of the Personal Information Protection Law (PIPL).
Read MoreBy: Dr Thomas Nietsch and Andreas Müller
Under the Regulation (EU) No 524/2013 on online dispute resolution for consumer disputes (ODR Regulation) traders established in the European Union (EU) who sell or offer products or services online to consumers residing in the EU are required to provide an easily accessible and clickable link to the EU’s ODR Platform on their websites to enable consumer to resolve disputes regarding the obligations stemming from the online sales or service contracts out of court. Until now…
Read MoreBy: Corey Bieber and Guillermo Christensen
K&L Gates partners Corey Bieber and Guillermo Christensen have published an article in Volume 2 of the June 2025 edition of CPI Antitrust Chronicle.
Read MoreBy: Cameron Abbott, Rob Pulham, Stephanie Mayhew and Emre Cakmakcioglu
In Australia, last week was the 2025 Privacy Awareness Week (PAW), with this year’s theme ‘Privacy – it’s everyone’s business’. Among other things in PAW, the Office of the Australian Information Commissioner (OAIC) produced a Privacy Foundations self-assessment tool, which provides a privacy maturity score on the basis of tenets such as Accountability, Transparency, Collection and Data breach management. The tool, and PAW more broadly emphasise that privacy is not just about compliance, but good business and building trust. NSW, Vic and QLD state governments have each run parallel PAW events.
Read MoreBy Dr. Thomas Nietsch and Andreas Müller
On July 24, 2024, the OLG Hamm ruled that claims for moral damages under Art. 82 GDPR are generally assignable (case number: 11 U 69/23).
Read MoreBy Cameron Abbott, Rob Pulham, Stephanie Mayhew, Dadar Ahmadi-Pirshahid and Lauren Hrysomallis
A new Cyber Security Act is set to be unveiled in Parliament’s next sitting from 12 August, as reported by the ABC. The proposed Act would require Australian businesses and government bodies to disclose when they make a ransom payment to cybercriminals in the event of a hack, or face penalties of up to AU$15,000 for failing to notify.
Read MoreBy Cameron Abbott and Rob Pulham
In their recent article available here, Katie Staba and Corey Bieber from our Chicago office discuss emerging advertising technology issues, including new applications of the California Invasion of Privacy Act and the Video Privacy Protection Act.
By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Jordan Booth
Cybernews has reported on its researchers’ discovery of what could be the largest leaked password compilation of all time, with a record 9,948,575,739 plaintext passwords in a file called “rockyou2024.txt” (see article).
Read MoreCopyright © 2025, K&L Gates LLP. All Rights Reserved.