Enforcement – Cyber Law Watch

You’ve Got (Junk) Mail: Optus Slammed with $504k Fine For Spam Law Breach

Feb 17 2020

By Cameron Abbott, Max Evans and Florence Fermanis

Optus has been fined $504,000 by the Australian Communications and Media Authority (ACMA) for breaching spam laws, according to articles by the ABC and the SMH. The fine is the second largest in ACMA’s history to be awarded, being just $6,000 shy of the $510,000 fine which was slapped on Telstra in 2014 for missing service standards for urban landline connections.

Despite customers notifying Optus of their wish to opt-out or unsubscribe from such messages, an ACMA investigation found that customers still received the relevant messages, resulting in more than 2 million breaches to the Spam Act 2003 (Cth). Rather than a ‘one-off’ issue, it was found that Optus had systemic deficiencies with their compliance procedures and governance.

Double-Edged Sword: Cambridge Analytica Whistle-Blower exposes the dual nature of Technology

Dec 01 2019

By Cameron Abbott, Max Evans and James Gray

In his cautionary tale, 1984, author George Orwell spoke of a paradigm where the unregulated use of powerful technology, referred to as “telescreens”, manifested a society beholden to the ethics of the controller. This paradigm is perhaps more real than ever, according to an article by Reuters.

By exploring the views of Cambridge Analytica whistle-blower Christopher Wylie, the article advises that the deep, multifaceted involvement of big tech companies in consumers’ lives, the ultimate dependence that arises from such involvement and the overwhelming vulnerability of such consumers renders tech companies “too big to fail”. Wylie argues that the vast imbalance of power and information in favour of these companies over users is resulting in a constant scrambling by regulators to control the rapid adoption of such technology forms.

Insufficiency meets Punishment: Polish DPA issues largest fine for Insufficient Security and Organisational Measures

Oct 29 2019

By Cameron Abbott and Max Evans

Further to the Facebook and Tesco scandals, and the apparent statistic increase of enforcement fines issued, the Polish Data Protection Authority has issued a landmark fine of €645,000 against online retail company morele.net for insufficient security and organisational measures violating data confidentiality and integrity principles prescribed in the EU’s General Data Protection Regulation.

The OAIC engages in more in-depth investigations and stronger exercise of its power

Jun 28 2019

By Cameron Abbott, Rob Pulham and Jacqueline Patishman

Following two key data incidents concerning how the Commonwealth Bank of Australia (CBA) handled data, the OAIC has successfully taken court action binding the banking heavyweight to “substantially improve its privacy practices”.

As a quick summary of the incidents, the first incident involved the loss of magnetic storage tapes (which are used to print account statements). These contained historical customer data including customer statements of up to 20 million bank customers. In 2016, the CBA was unable to confirm that the two magnetic tapes were securely disposed of after the scheduled destruction by a supplier.

PwC’s Enforcement Tracker finds a large increase in fines for privacy breaches in the UK

Jun 03 2019

By Cameron Abbott and Rebecca Gill

PwC’s UK Privacy & Security Enforcement Tracker has found that fines in the UK over data protection law violations totalled £6.5 million in 2018, a £2 million increase from 2017.

The Tracker analysed data protection enforcement actions by the UK Information Commissioner’s Office (ICO), including monetary fines, prosecutions and undertakings. The Tracker shows that the total sum of fines increased from 2017, but the number of ICO enforcements fell to 67 in 2018 from 91 in 2017.

Tag:Enforcement