14 December 2017

Oz banks baulk at data breach notification laws

19 October 2012

The Australian Bankers' Association has hit out at government proposals floating the introduction of mandatory data breach notification laws, claiming that they would cause "unnecessary alarm".

Attorney-General Nicola Roxon has published a discussion paper on how to bolster privacy protections for Australians' personal information in digital databases.

Roxon is seeking public input on the issue, asking whether mandatory data breach notification laws should be introduced; what sort of breaches and organisations they should cover; and what should be reported and how quickly.

Says Roxon: "More personal information about Australians than ever before is held online, and several high profile data breaches have shown that this information can be susceptible to hackers. The question we are asking today is should organisations be required by law to make data breach notifications when they occur?"

Similar schemes are in place, or being considered, in the US, UK and Ireland. In January the EU set out new rules to make financial services firms and credit card processors report incidents of lost or stolen data within 24 hours of a breach.

But ABA acting chief Tony Burke has voiced opposition to any new laws, telling The Australian newspaper: "Attempting to notify individuals potentially affected could lead to significant levels of community concern, disproportionate to the actual level of risk, which could well be zero."

Submissions can be made until 23 November on the discussion paper.

Comments: (1)

Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 23 October, 2012, 16:38

I'm surprised that such a regulation doesn't already exist in Australia. There is more than one law in the USA - they have been around for at least 5 years that I know of - which make it mandatory for banks and FIs to disclose any breach of unencrypted data.  TD Bank's recent announcement of data breach was likely in response to the requirements under these laws. The only way customers will accept the Australian Banking Association's claim that the actual level of risk of data breach "could well be zero" is if banks can prove that the compromised data did not lead to any misuse, instead of fervently hoping that it didn't as TD Bank seems to be doing.
