Contradictions and inconsistencies in Australia's mandatory data breach notification laws

Journal article


Gibson, Dennis and Harfield, Clive. (2021). Contradictions and inconsistencies in Australia's mandatory data breach notification laws. Computer Law and Security Review. 42, p. Article 105600. https://doi.org/10.1016/j.clsr.2021.105600
Authors: Gibson, Dennis and Harfield, Clive
Abstract

This article critically examines the objectives and practical operation of Australia's mandatory data breach notification [MDBN] law. We find that the scope and application of Australia's law do not reflect the legislative objectives underpinning the law. The wording of the law is ambiguous, and it is beset by conceptual inconsistencies. The law also fails to adequately consider the needs of individuals whose personal information has been compromised in a data breach. As a result, Australia's MDBN law is unlikely to meet the needs of organisations that have experienced a data breach, or of individuals who are notified. We conclude by identifying options for reform to better reflect the law's rationale and to better achieve its objectives. Comparisons are made with similar laws in force in the United States and with the General Data Protection Regulation.

Keywords: data breach notification; personal information; identity theft; notification threshold
Year: 2021
Journal: Computer Law and Security Review
Journal citation: 42, p. Article 105600
Publisher: Elsevier Ltd
ISSN: 0267-3649
Digital Object Identifier (DOI): https://doi.org/10.1016/j.clsr.2021.105600
Scopus EID: 2-s2.0-85113846645
Research or scholarly: Research
Page range: 1-11
Publisher's version
License: All rights reserved
File Access Level: Controlled
Output status: Published
Publication dates
Online: 29 Aug 2021
Publication process dates
Deposited: 02 Aug 2022
Permalink: https://acuresearchbank.acu.edu.au/item/8y0vz/contradictions-and-inconsistencies-in-australia-s-mandatory-data-breach-notification-laws


Related outputs

Risk and Resilience : Mitigating Corruption Vulnerability When Managing Informers
Harfield, Clive Geoffrey. (2024). Risk and Resilience : Mitigating Corruption Vulnerability When Managing Informers. Journal of Criminology and Criminal Justice Studies. 2(2), pp. 199-217. https://doi.org/10.47509/JCCJS.2024.v02i02.05
Covert investigation
Harfield, Clive and Harfield, Karen. (2023). Covert investigation Oxford University Press.
Criminal law for common law states
Harfield, Clive, Hamilton, Mark and Teshome, Aderajew. (2023). Criminal law for common law states LexisNexis.
Deterring drivers : An initiative to reduce car theft and joyriding by young people in Townsville
Dodd, Shannon, Morgan, Morgan, Dillon, Anthony, Lawton, Luke and Harfield, Clive. (2023). Deterring drivers : An initiative to reduce car theft and joyriding by young people in Townsville Brisbane, Australia: Australian Catholic University. https://doi.org/10.26199/acu.8z9v6
Constructing a village memory : significance and story in the Buriton Roll of Honour
Harfield, Clive. (2022). Constructing a village memory : significance and story in the Buriton Roll of Honour. Hampshire Studies (2022). 77, pp. 194-216. https://doi.org/10.24202/hs2022011
Amplifying victim vulnerability : Unanticipated harm and consequence in data breach notification policy
Gibson, Dennis and Harfield, Clive. (2022). Amplifying victim vulnerability : Unanticipated harm and consequence in data breach notification policy. International Review of Victimology. 29(3), pp. 341-365. https://doi.org/10.1177/02697580221107683
Was Snowden virtuous?
Harfield, Clive. (2021). Was Snowden virtuous? Ethics and Information Technology. 23(3), pp. 373-383. https://doi.org/10.1007/s10676-021-09580-4
(Im)material culture : Towards an archaeology of cybercrime
Harfield, Clive Geoffrey and Schofield, John. (2020). (Im)material culture : Towards an archaeology of cybercrime. World Archaeology. 52(4), pp. 607-618. https://doi.org/10.1080/00438243.2021.1882333
Covert investigation
Harfield, Clive and Harfield, Karen. (2018). Covert investigation Oxford University Press.
Undercover policing-a legal-comparative perspective
Harfield, Clive. (2018). Undercover policing-a legal-comparative perspective. In In den Boer, Monica (Ed.). Comparative policing from a legal perspective pp. 153-168 Edward Elgar Publishing Limited. https://doi.org/10.4337/9781785369117.00015
Covert investigation
Harfield, Clive and Harfield, Karen. (2016). Covert investigation Oxford University Press.
Body-worn POV technology : Moral harm
Harfield, Clive Geoffrey. (2014). Body-worn POV technology : Moral harm. IEEE Technology and Society Magazine. 33(2), pp. 64-72. https://doi.org/10.1109/MTS.2014.2319976
Law, morality and the authorisation of covert police surveillance
Harfield, Clive. (2014). Law, morality and the authorisation of covert police surveillance. Australian Journal of Human Rights. 20(2), pp. 133-164. https://doi.org/10.1080/1323-238X.2014.11882153
Police informers and professional ethics
Harfield, Clive. (2012). Police informers and professional ethics. Criminal Justice Ethics. 31(2), pp. 73-95. https://doi.org/10.1080/0731129X.2012.696960