Telcos and security agencies exempted from data breach rules in draft bill

Legislation proposes telecommunications companies, federal police and other agencies not be made to tell people their data has been stolen

Australian law enforcement agencies and telcos that suffer certain types of data breaches are likely to be exempt from rules requiring them to notify the people affected, under a draft bill.

The federal government published on Thursday an exposure draft of mandatory data breach laws that would compel Australian companies - and in some circumstances overseas companies they pass data on to - to notify customers in the event their personal data has been exposed.