
Data Breach Penalty: How Serious Are the Proposed Changes?

The Australian government recently passed a bill to increase financial penalties for data privacy violators, pushing maximum fines for serious or repeated breaches to AU$50 million. The parliament has ‘intensified’ the new bill in response to recent cyberattacks against Australian companies. The most noteworthy incidents were the Optus telecommunication provider data breach that impacted 11 million people and the Medibank insurance firm ransomware attack that exposed the data of 9.7 million. In this article at Bleeping Computer, Bill Toulas explains why the Australian government has ramped up the data breach penalty.

Data Breach Penalty for Law Breaches

The amended data breach penalty for cyber incidents is as follows:

For larger corporations, law breaches can lead to a fine of:

  • AU$ 50 million, or
  • 30% of adjusted turnover (this will reflect turnover during the breach period and will be a minimum of 12 months), or
  • 3x the value of the benefit obtained through the misuse of information

The updated penalties for individuals include:

  • AU$ 2.5 million, and
  • Criminal sanctions of up to 10 years in jail for cartel conduct

These new maximum penalties represent a five-fold increase from the current liabilities. According to the Australian government, the amended penalties will apply to competition and consumer law breaches. Furthermore, this change will affect a greater number of foreign organizations conducting business in Australia.

“Apart from setting higher fines, the new bill also gives greater powers to the Office of the Australian Information Commissioner (OAIC) to get more involved in the privacy breach resolution and scope determination process,” says Toulas.

What Does This Mean for Businesses?

Businesses must now ensure:

  • They have consumer compliance processes.
  • Staff are well trained to identify security flaws, empowered to seek advice, and able to escalate any concerns.
  • Directors, C-suite executives, senior management, and all employees know that competition and consumer law breaches will attract personal liability.

To read the original article, click on https://www.bleepingcomputer.com/news/security/australia-will-now-fine-firms-up-to-au50-million-for-data-breaches/.
