Tag:privacy

1
Australian Government contemplates Asimov’s Omnibus
2
Privacy Awareness Week Part V – Return of the Privacy Policy
3
Privacy Awareness Week Part IV – Privacy Priorities
4
Privacy Awareness Week Part III- The importance of being privacy prepared
5
Privacy Awareness Week Part II- Get in the know and get privacy right
6
Privacy Awareness Week Part I- The state of play
7
Proposed cyber ransom bans predicted to cause “catastrophic damage”
8
Optus faces the mother-of-all data breach class actions
9
Facebook’s face-off with the OAIC to proceed says High Court of Australia
10
Breaking Down the Privacy Act Review Report #3: Removal of the Small Business Exemption

Australian Government contemplates Asimov’s Omnibus

Jun 22 2023
Browse archives for June 22, 2023
Posted in

Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, New Developments, Privacy, Data Protection & Information Management

Tagged with , , , , ,
Share

By Cameron Abbott, Daniel Knight, Rob Pulham, Stephanie Mayhew, and Dadar Ahmadi-Pirshahid

Amid the rapid acceleration of tools like ChatGPT and global calls for tailored regulation of artificial intelligence tools, the Australia Federal Government has released a discussion paper on the safe and responsible use of AI. The Government is consulting on what safeguards are needed to ensure Australia has an appropriate regulatory and governance framework to manage the potential risks, while continuing to encourage uptake of innovative technologies.

Read More

Privacy Awareness Week Part V – Return of the Privacy Policy

May 05 2023
Browse archives for May 05, 2023
Posted in

Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Privacy, Data Protection & Information Management

Tagged with , , , ,
Share

By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Dadar Ahmadi-Pirshahid

You’ve reached the end of a long week, riddled with proselytising about the importance of being privacy aware and privacy prepared. You get it! You lay your head to a well-earned rest…and like Kate McCallister wake screaming “Privacy Policy”! In true “back-to-basics” fashion, the privacy policy is getting a reboot!

Read More

Privacy Awareness Week Part IV – Privacy Priorities

May 04 2023
Browse archives for May 04, 2023
Posted in

Breaches, Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Privacy, Data Protection & Information Management

Tagged with , , , ,
Share

By Cameron Abbott, Rob Pulham and Stephanie Mayhew

Given the current privacy reform and cyber threat environment, the question we get asked a lot is – what are the privacy risks that should be assessed in our organisation and how do we prioritise these? Unfortunately this isn’t always a ‘one size fits all’ answer but there are some basic matters you can check as to whether your organisation is considering privacy risks proactively.

Read More

Privacy Awareness Week Part III- The importance of being privacy prepared

May 03 2023
Browse archives for May 03, 2023
Posted in

Breaches, Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Privacy, Data Protection & Information Management

Tagged with , , , ,
Share

By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Dadar Ahmadi-Pirshahid

The APPs require organisations to “take reasonable steps to implement practices, procedures and systems that ensure compliance with the APPs”. Putting your mind to privacy after a data breach or complaint is very much shutting the stable door after Phar Lap has bolted (good luck getting him back!)

Good privacy management starts with a good privacy culture in your organisation. Recommended steps to develop this include:

Read More

Privacy Awareness Week Part II- Get in the know and get privacy right

May 02 2023
Browse archives for May 02, 2023
Posted in

Breaches, Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Litigation of Data Breaches, Privacy, Data Protection & Information Management

Tagged with , , , ,
Share

By Cameron Abbott, Rob Pulham, and Stephanie Mayhew

With the cyber threat landscape significantly evolving, we are seeing companies – large and small – experience attacks. Recent high-profile attacks have shown that these breaches are alarming, targeting a range of sectors. With millions of Australians more concerned about their privacy than ever before, the federal government is making privacy a priority with the Attorney-General’s Department recently releasing 116 recommendations to amend the Privacy Act. The federal government has also made proposals to consider a new Cyber Security Act and strengthen existing laws around this space. 

Read More

Privacy Awareness Week Part I- The state of play

May 01 2023
Browse archives for May 01, 2023
Posted in

Breaches, Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Litigation of Data Breaches, Privacy, Data Protection & Information Management

Tagged with , , , ,
Share

By Cameron Abbott, Rob Pulham, and Stephanie Mayhew

The theme of this year’s Privacy Awareness Week (PAW) is “back to basics”. It’s fitting to consider some lessons arising from recent high-profile breaches affecting millions of Australians, and the consistent messages we’ve been hearing from the Australian Information Commissioner in the midst of those incidents.

Data breaches can happen to anyone. We know cyberattacks can be big business, and sophisticated criminal networks make a good living from these. And if your organisation has taken reasonable steps to avoid or mitigate such breaches, the fact you’ve encountered one will not, of itself, be held against you.

Read More

Proposed cyber ransom bans predicted to cause “catastrophic damage”

Apr 27 2023
Browse archives for April 27, 2023
Posted in

Breaches, Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Litigation of Data Breaches, Managing Threats & Attacks, Privacy, Data Protection & Information Management

Tagged with , , , , , ,
Share

By Cameron AbbottRob PulhamStephanie Mayhew and Dadar Ahmadi-Pirshahid

We saw last year how low hackers are willing to stoop to shame companies into paying ransoms, including leaking sensitive information aimed at embarrassing individuals affected by data breaches. As a result we also saw prominent calls for ransom payments to be ‘banned’, to reduce the financial incentives for hackers to target Australians’ personal information.

We are now hearing the flipside to that argument, with AGL Energy warning that a government-imposed ban on companies paying cyber ransoms to hackers could cause “catastrophic damage”.

Read More

Optus faces the mother-of-all data breach class actions

Apr 25 2023
Browse archives for April 25, 2023
Posted in

Litigation of Data Breaches

Tagged with , , ,
Share

By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Dadar Ahmadi-Pirshahid

The data breach that affected 9.8 million Australians and resulted in the personal information of 10,000 Optus customers being exposed on the dark web in September last year will be litigated in a class action lawsuit filed last Friday (21 April) in the Federal Court of Australia.

Read More

Facebook’s face-off with the OAIC to proceed says High Court of Australia

Mar 14 2023
Browse archives for March 14, 2023
Posted in

Litigation of Data Breaches, Privacy, Data Protection & Information Management

Tagged with , , ,
Share

By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Dadar Ahmadi-Pirshahid

Proceedings led by the Office of the Australian Information Commissioner (OAIC) against Facebook, Inc. (Facebook) for their role in the Cambridge Analytica scandal will finally proceed in the Federal Court of Australia.

Read More

Breaking Down the Privacy Act Review Report #3: Removal of the Small Business Exemption

Mar 03 2023
Browse archives for March 03, 2023
Posted in

Uncategorized

Tagged with , ,
Share

By Cameron AbbottRob Pulham and Stephanie Mayhew

Currently, most small businesses (with some exceptions) are not covered by the Privacy Act – with the threshold shaping a small business being an annual turnover of $3 million or less. However the Attorney General’s Department recognises that Australians want their privacy protected and that small businesses shouldn’t be excepted from this.

In the long term, proposal 6.1 seeks to remove the small business exemption but only after:

  • an impact analysis has been undertaken
  • appropriate support is developed
  • in consultation with small businesses, the most appropriate way for small business to meet their obligations is determined (propionate to the risk) – e.g. through a code, and
  • small businesses are in a position to comply with these obligations.

Proposal 6.2, in the shorter term, seeks to ensure that small businesses comply with the Privacy Act in relation to the collection of biometric information and remove the exemption from the Privacy Act for small businesses that obtain consent to trade in personal information (trading in personal information will mean the Privacy Act applies).

Read More

Copyright © 2024, K&L Gates LLP. All Rights Reserved.