Get all your news in one place.
100’s of premium titles.
One app.
Start reading
AAP
AAP
Politics
Tess Ikonomou

Tough fines for serious data breaches

Companies failing to protect sensitive data would face huge fines under proposed new laws. (Ellen Smith/AAP PHOTOS) (AAP)

Companies failing to protect sensitive data will face huge fines under laws to be introduced by the Albanese government.

The legislation massively increases the current penalty for serious or repeated breaches from $2.22 million to whichever is the greater of $50 million, 30 per cent of the company's turnover in the relevant period, or three times the value of any benefit gained from the stolen data.

The bill, to be introduced to parliament next week, comes during the fallout of the massive Optus data hack, and a cyber attack on private health insurance provider Medibank.

Attorney-General Mark Dreyfus said the government was committed to strengthening privacy laws.

"I look forward to support from across the parliament for this bill, which is an essential part of the government's agenda to ensure Australia's privacy framework is able to respond to new challenges in the digital era," he said.

The legislation will beef up the powers of the Australian Information Commissioner to resolve privacy breaches, and bolster information sharing with the Australian Communications and Media Authority.

The notifiable data breaches scheme will be boosted to ensure the commissioner has a complete picture of the information compromised, to be able to provided a risk assessment of harm for people.

A review of the privacy act will be completed by the end of this year, with recommendations to be handed down for further reforms.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.