Australia To Toughen Privacy Laws With Huge Hike in Penalties for Breaches

Australia has confirmed an incoming legislative change will significant strengthen its online privacy laws following a spate of data breaches in recent weeks -- such as the Optus telco breach last month. From a report: "Unfortunately, significant privacy breaches in recent weeks have shown existing safeguards are inadequate. It's not enough for a penalty for a major data breach to be seen as the cost of doing business," said its attorney-general, Mark Dreyfus, in a statement at the weekend. "We need better laws to regulate how companies manage the huge amount of data they collect, and bigger penalties to incentivise better behaviour." The changes will be made via an amendment to the country's privacy laws, following a long process of consultation on reforms. Dreyfus said the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022 will increase the maximum penalties that can be applied under the Privacy Act 1988 for serious or repeated privacy breaches from the current AUS $2.22 million (~$1.4M) penalty to whichever is the greater of: AUS $50 million (~$32M);3x the value of any benefit obtained through the misuse of information; or30% of a company's adjusted turnover in the relevant period.

Read more of this story at Slashdot.