Australian new privacy penalty bill can fine firms up to 50 million dollars

Australian new privacy penalty bill has been amended by the Australian Parliament to improve the country’s privacy and security posture by increasing the penalties to $50 million AUD if a data controller suffer a data breach.

The Australian new privacy penalty bill comes with the following major announcements,

• Penalty of  $50 million AUD for a large-scale data breach.
• 30% of the company’s turnover in the relevant period.
• Three time value of any benefit obtained via misuse of data.

Australian new privacy penalty bill will improve the security posture

Earlier, the Australian privacy penalty bill had a penalty of $2.2 million AUD. The recent cyberattacks on Australia including network breaches, ransomware attacks and other malicious threats, the Australian Parliament has come up with this updated penalty metrics.

As per the official announcement, “The Albanese Labor government has wasted no time in responding to recent major data breaches. We have announced, introduced, and delivered legislation in just over a month. These new, larger penalties send a clear message to large companies that they must do better to protect the data they collect.”

The major cyberattacks were the Optus telecommunications data breach affecting 11 million people followed by Medibank insurance ransomware attack affecting 9.7 million users data.

Apart from the penalties, the Office of the Australian Information Commissioner (OAIC) will get enhanced powers to involve in privacy breach resolution process. The OAIC have mentioned it will do its best to protect the Australian’s personal data and privacy,

The Commissioner Angelene Falk mentioned “The updated penalties will bring Australian privacy law into closer alignment with competition and consumer remedies and international penalties under Europe’s General Data Protection Regulation”.

Comparing other data bills and the Australian new privacy penalty bill

GDPR fines companies around €10 million or up to 2% of the companies global turnover of the preceding fiscal year. Any severe breaches will be €20 million or 4% of global turnover whichever is higher.

Recently, India released its new Personal Data Protection Bill’s final draft to improve the overall security and privacy posture of Indians, limiting how companies can exploit Indian’s personal data.

You can also read what is common among other data protection laws and how is the world moving towards a privacy centric world, and why data will be an expensive currency in future.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.

You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.