Australia will submit laws to parliament to increase penalties for companies subject to major data breaches, Attorney General Mark Dreyfus said, after millions of Australians were hit by high-profile cyberattacks in recent weeks.
Australia’s telecom, financial and government sectors have been on high alert since Singtel-owned Optus, the country’s second-largest telecom provider, announced a hack on September 22 that saw the theft of personal data from up to 10 million accounts.
That attack was followed this month by a data breach at health insurance company Medibank Private, which covers a sixth of Australians, in which personal information from 100 customers was stolen, including medical diagnoses and procedures, as part of a theft of 200 gigabytes of data.
Dreyfus said in an official statement on Saturday that the government would “significantly increase penalties for repeated or serious privacy breaches” next week with changes to privacy laws.
The proposed changes would lift the maximum penalties for serious or repeated invasions of privacy from the current A$2.22 million ($1.4 million) to A$50 million, three times the value of the benefit derived from the misuse of information, or 30% of sales in the relevant period, he said.
When Australians were asked to hand over personal data to companies, they had a right to expect it to be protected, the attorney general said.
“Significant privacy breaches in recent weeks have shown that existing safeguards are inadequate. It is not enough to see a fine for a major data breach as the cost of doing business,” Dreyfus said.
“We need better laws to regulate how companies handle the massive amount of data they collect, and tougher penalties to encourage better behavior.”
The announcement comes after the government announced plans earlier this month to review consumer privacy rules that would help facilitate targeted data sharing between telecommunications companies and banks following the Optus breach.
In the wake of the Optus attack, two Australian regulators opened an investigation into the company, which has come under heavy fire for failing to prevent the hack, one of the largest ever in Australia.
(Except for the headline, this story has not been edited by NewsMadura staff and has been published from a syndicated feed.)