TY - JOUR
T1 - Strengthening data privacy
T2 - the obligation of organisations to notify affected individuals of data breaches
AU - Selvadurai, Niloufer
AU - Kisswani, Nazzal
AU - Khalaileh, Yaser
PY - 2019
Y1 - 2019
N2 - The Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) introduced a new Part IIIC into the Privacy Act to strengthen the existing information privacy laws by requiring the designated organisations to notify the Information Commissioner and affected individuals of data breaches that are likely to cause serious harm. The objective of this article is to consider the proper public policy basis for data breach notification laws, the likely ambit of operation of the new provisions and the merits of the law in enhancing data security. Whilst the article focuses on the Australian legislative framework, the provisions European Union’s new General Data Protection Regulation 2016/679, 27 April 2016, will also be considered to extend the discussion of appropriate law in this area. The article will conclude by identifying continuing areas of concern and suggesting initiatives to further strengthen the data privacy of individuals.
AB - The Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) introduced a new Part IIIC into the Privacy Act to strengthen the existing information privacy laws by requiring the designated organisations to notify the Information Commissioner and affected individuals of data breaches that are likely to cause serious harm. The objective of this article is to consider the proper public policy basis for data breach notification laws, the likely ambit of operation of the new provisions and the merits of the law in enhancing data security. Whilst the article focuses on the Australian legislative framework, the provisions European Union’s new General Data Protection Regulation 2016/679, 27 April 2016, will also be considered to extend the discussion of appropriate law in this area. The article will conclude by identifying continuing areas of concern and suggesting initiatives to further strengthen the data privacy of individuals.
KW - notifiable data breaches
KW - personal data
KW - privacy
UR - http://www.scopus.com/inward/record.url?scp=85029906474&partnerID=8YFLogxK
U2 - 10.1080/13600869.2017.1379368
DO - 10.1080/13600869.2017.1379368
M3 - Article
SN - 1360-0869
VL - 33
SP - 271
EP - 284
JO - International Review of Law, Computers and Technology
JF - International Review of Law, Computers and Technology
IS - 3
ER -