The Australian Bankers' Association has hit out at government proposals floating the introduction of mandatory data breach notification laws, claiming that they would cause "unnecessary alarm".
Attorney-General Nicola Roxon has published a discussion paper on how to bolster privacy protections for Australians' personal information in digital databases.
Roxon is seeking public input on the issue, asking whether mandatory data breach notification laws should be introduced; what sort of breaches and organisations they should cover; and what should be reported and how quickly.
Says Roxon: "More personal information about Australians than ever before is held online, and several high profile data breaches have shown that this information can be susceptible to hackers. The question we are asking today is should organisations be required by law to make data breach notifications when they occur?"
Similar schemes are in place, or being considered in the US, UK and Ireland. In January the EU set out new rules to make financial services firms and credit card processors report incidents of lost or stolen data within 24 hours of a breach.
But ABA acting chief Tony Burke has voiced opposition to any new laws, telling the Australian newspaper: "Attempting to notify individuals potentially affected could lead to significant levels of community concern, disproportionate to the actual level of risk, which could well be zero."
Submissions can be made until 23 November on the discussion paper, which you can read here:
Download the document now 824.4 kb (PDF File)