Eden Winokur

Subscribe to all posts by Eden Winokur

Data breaches notifications are on the rise

As many readers know, the Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018.  It has resulted in changes to Australia’s privacy law in relation to notification obligations on individuals and organisations that experience an eligible data breach. The Office of the Australian Information Commissioner (OAIC) recently released its second quarterly … Continue reading

Privacy Class Actions Arrive in Australia

Global litigation funder IMF Bentham Ltd (IMF) has launched a representative complaint with the Office of the Australian Information Commissioner (OAIC) seeking, amongst other things, financial compensation for alleged breaches of the Privacy Act 1988 (Cth) by Facebook Inc (Facebook). The action relates to unauthorised access to over 87 million Facebook users’ data by political … Continue reading

GDPR is here! What this means for you.

Does your company or organisation (or any of its subsidiaries) monitor, track or target EU data subjects in the context of offering goods or services to them? If the answer is yes, your organisation needs to ensure it is ready to comply with the requirements of the GDPR. What is the GDPR? The European Union … Continue reading

 Cyber aggregation risk – the elephant in the cyber room

  Although cyber insurance is seen as one of the biggest opportunities in insurance and reinsurance right now, the risks to insurers and insureds could be equally large. One significant threat is ‘cyber risk aggregation’. What is ‘cyber risk aggregation’? Risk aggregation in the insurance industry refers to multiple claims being generated by the same … Continue reading

The results are in: weekly data breach notifications have increased fivefold!

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018.  It has resulted in changes to Australia’s privacy law in relation to notification obligations on individuals and organisations that experience a data breach.  In this post, we look at the first quarterly report issued by the Office of the Australian Information … Continue reading

Cyber Risk, Data Breaches and the NDB Scheme – What are the Australian Privacy Commissioner’s range of powers?

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law. In previous posts, we have considered: the nature and contents of notification statements; how to identify which data breaches need to be notified; the steps to be taken when an organisation suspects a … Continue reading

Data breach of jointly held information: who is responsible?

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law.  In previous posts, we have considered the nature and contents of notification statements, how to identify which data breaches need to be notified, and the steps to be taken when an organisation suspects … Continue reading

Suspicious of a data breach? You’ve got 30 days to finish your assessment

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law. In previous posts, we have considered the nature and contents of notification statements, and how to identify which data breaches need to be notified. Those posts set out the notification requirements where an … Continue reading

I’ve been breached! Do I need to notify?

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law.  In this post, we look at how to identify which data breaches are “eligible data breaches” and need to be notified to the OAIC and affected individuals under the NDB Scheme. Which data … Continue reading

Data Breach Notification is now the law – Preparing a Notification Statement

The day has arrived. 22 February 2018. After years of debate and plentiful discussion, Australia now has a notifiable data breach scheme (NDB Scheme). As a result there are various changes to privacy law in Australia and it is important for all organisations to know whether the new laws impact their business and how to … Continue reading

Mandatory Data Breach Notification – OAIC provides additional information

The Notifiable Data Breaches scheme (NDB scheme) takes effect in Australia in less than a month – organisations must comply with the scheme from 22 February 2018. In preparation for the introduction of the NDB scheme, the Office of the Australian Information Commissioner (OAIC) has provided an update and published its fact sheets in final … Continue reading

What Australia’s new data breach notification law means for privacy and serious harm

Despite unprecedented levels of privacy breaches and ongoing debate, there is still no statutory regime or binding common law in Australia that establishes a cause of action for breach of privacy.  However, the upcoming introduction of the mandatory data breach notification law, the Privacy Amendment (Notifiable Data Breaches) Act 2017 – which takes effect on … Continue reading

How to protect your business from cyber threats

Cyber-attacks pose the second largest risk to the economic prosperity of Australia’s major cities, according to a joint report by Lloyd’s and the University of Cambridge. Sydney is proportionately more exposed than New York, Los Angeles, Paris and London, with 17.51% of its total GDP vulnerable to cyber-attacks. To put it in perspective, the risk … Continue reading
LexBlog