ACCAN calls for data breach notification laws

June 21, 2013

Legislation needs to be brought into force to protect consumers when data breaches occur in relation to their personal information, one major body has said.

The Australian Communications Consumer Action Network (ACCAN) emphasised that this would lead to better security for private and financial information.

At present, a senate committee is receiving submissions on the Privacy Amendment (Privacy Alerts) Bill 2013, which would have far-reaching implications for data security if implemented.

Should the laws come into force, businesses and government agencies will have a legal requirement to inform their consumers whenever their information has been compromised.

Chief executive officer of ACCAN Teresa Corbin explained that these notifications would not be difficult to provide, but could make a real difference.

She noted: "Reducing transparency means consumers can't take steps to protect themselves.

"And if their data has been hacked, not having notifications only helps cyber criminals cover their tracks and disappear before consumers realise they've been ripped off."

Although there are already some measures in place to safeguard consumers when they carry out transactions – such as the payment card industry data security standard – there is still room for further protection to be offered.

ACCAN believes that new legislation will have two major benefits – it will help customers realise which companies are most at risk of data breaches, while encouraging businesses to improve their data handling practices.

Ms Corbin pointed out that the first time the majority of people find out that their data has been compromised is through the media, rather than via the company responsible.

This can lead to anxiety among consumers, whereas a legal requirement for firms to pass on data breach information would help to keep some of this panic at bay.

She stressed that people are unaware of how many data breaches are occurring and, more to the point, who they are affecting.

As a result, people are generally unsure of what is happening to their information and what steps are being taken to protect it, which is something they have the right to know.

This is not the first time that the issue has arisen – back in 2008, the Australian Law Reform Commission recommended that data breach notifications should be made mandatory across the country.

However, this step has yet to be taken despite growing pressure from groups such as ACANN. A decision on the legislation has not yet been decided.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *