Tag archives: law

A Trend Has Emerged – Third Quarter Report on Data Breaches by the OAIC

The Office of the Australian Information Commissioner (OAIC) recently released its third quarterly report in relation to data breaches notified under the Notifiable Data Breach (NDB) Scheme between 1 July and 30 September 2018. For this quarter, the OAIC received 245 data breach notifications which is on par with the previous quarter. With this being … Continue reading

Cloud cover: 5 tips to mitigate the risks of cloud computing services

In mid-2017, the Australian Bureau of Statistics revealed that almost a third of sampled businesses are using commercial cloud computing services.  This year, Gartner reported Australian businesses will spend $4.6 billion on cloud services (an 18.5% increase from last year). Below we highlight some of the risks for businesses associated with the use of cloud … Continue reading

Cyber Risk for D&O – Steps to Mitigate

Think of one of the greatest nightmares of your professional life. For the management team of a corporation and their in-house counsel, there are few more nightmarish days than when they receive a call from the IT department reporting unauthorised activity in the company’s databases. Over the next few days, the fog lifts and it … Continue reading

Skills Down, Claims Up: What the Infrastructure Boom Means for Insurers

The recent collapse of a 50 year-old suspension bridge in Genoa Italy is a stark reminder of the devastating impact that failed infrastructure projects can have. Roads and rail, hospitals and schools, airports and stadiums: there’s no doubt Australia is going through a turbulent infrastructure boom, perhaps its biggest yet. The Federal government has announced … Continue reading

Data breaches notifications are on the rise

As many readers know, the Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018.  It has resulted in changes to Australia’s privacy law in relation to notification obligations on individuals and organisations that experience an eligible data breach. The Office of the Australian Information Commissioner (OAIC) recently released its second quarterly … Continue reading

Privacy Class Actions Arrive in Australia

Global litigation funder IMF Bentham Ltd (IMF) has launched a representative complaint with the Office of the Australian Information Commissioner (OAIC) seeking, amongst other things, financial compensation for alleged breaches of the Privacy Act 1988 (Cth) by Facebook Inc (Facebook). The action relates to unauthorised access to over 87 million Facebook users’ data by political … Continue reading

 Cyber aggregation risk – the elephant in the cyber room

  Although cyber insurance is seen as one of the biggest opportunities in insurance and reinsurance right now, the risks to insurers and insureds could be equally large. One significant threat is ‘cyber risk aggregation’. What is ‘cyber risk aggregation’? Risk aggregation in the insurance industry refers to multiple claims being generated by the same … Continue reading

The results are in: weekly data breach notifications have increased fivefold!

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018.  It has resulted in changes to Australia’s privacy law in relation to notification obligations on individuals and organisations that experience a data breach.  In this post, we look at the first quarterly report issued by the Office of the Australian Information … Continue reading

Cyber Risk, Data Breaches and the NDB Scheme – What are the Australian Privacy Commissioner’s range of powers?

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law. In previous posts, we have considered: the nature and contents of notification statements; how to identify which data breaches need to be notified; the steps to be taken when an organisation suspects a … Continue reading

Data breach of jointly held information: who is responsible?

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law.  In previous posts, we have considered the nature and contents of notification statements, how to identify which data breaches need to be notified, and the steps to be taken when an organisation suspects … Continue reading

Suspicious of a data breach? You’ve got 30 days to finish your assessment

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law. In previous posts, we have considered the nature and contents of notification statements, and how to identify which data breaches need to be notified. Those posts set out the notification requirements where an … Continue reading

I’ve been breached! Do I need to notify?

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law.  In this post, we look at how to identify which data breaches are “eligible data breaches” and need to be notified to the OAIC and affected individuals under the NDB Scheme. Which data … Continue reading

Data Breach Notification is now the law – Preparing a Notification Statement

The day has arrived. 22 February 2018. After years of debate and plentiful discussion, Australia now has a notifiable data breach scheme (NDB Scheme). As a result there are various changes to privacy law in Australia and it is important for all organisations to know whether the new laws impact their business and how to … Continue reading

Mandatory Data Breach Notification – OAIC provides additional information

The Notifiable Data Breaches scheme (NDB scheme) takes effect in Australia in less than a month – organisations must comply with the scheme from 22 February 2018. In preparation for the introduction of the NDB scheme, the Office of the Australian Information Commissioner (OAIC) has provided an update and published its fact sheets in final … Continue reading

What Australia’s new data breach notification law means for privacy and serious harm

Despite unprecedented levels of privacy breaches and ongoing debate, there is still no statutory regime or binding common law in Australia that establishes a cause of action for breach of privacy.  However, the upcoming introduction of the mandatory data breach notification law, the Privacy Amendment (Notifiable Data Breaches) Act 2017 – which takes effect on … Continue reading

“Personalities in the Law: The Lawyers”

With no medical or psychological training other that my 35 years on this earth, I strongly believe that the litigation process for any single claim is largely dependent on the personalities of those involved. This does not just include the clients (who are obviously emotionally involved in a dispute) but also the solicitors and even … Continue reading
LexBlog