Feeds

Australia mulls data breach notification laws

Law enforcement agencies may be exempt

Intelligent flash storage arrays

The Attorney-General’s department has released a discussion paper seeking public input on whether Australia should have mandatory data breach notification laws.

The discussion paper emerges while debate about the department’s proposed data retention regime – under which carriers and ISPs would be required to hold data about their customers’ communication for two years – rages on.

It comes in response to recommendations by the Australian Law Reform Commission that the Privacy Act be amended to require companies to notify the public when a breach takes place. Australia’s Privacy Commissioner, Tim Pilgrim, yesterday told the Australian Financial Review he was concerned at the rising number of un-notified breaches in Australia.

Not yet posted on the AG’s Website, the paper is available from Crikey, here (PDF).

The discussion paper canvasses whether a notification law is required; what the triggers should be for a notification (for example, what likely harm from a data breach is required to demand public notification); who should decide whether notification is needed (for example, whether the notification decision should be delegated to the Privacy Commissioner); the contents and time-frame of notifications; possible penalties; and which organizations should be covered.

It will probably come as no surprise to readers that the paper also asks whether law enforcement should get exemptions.

Submissions are open until 30 November, 2012, and should be sent to Privacy.Consultation@ag.gov.au. ®

Internet Security Threat Report 2014

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.