Contradictions and inconsistencies in Australia's mandatory data breach notification laws

Journal article


Gibson, Dennis and Harfield, Clive. (2021). Contradictions and inconsistencies in Australia's mandatory data breach notification laws. Computer Law and Security Review. 42, p. Article 105600. https://doi.org/10.1016/j.clsr.2021.105600
AuthorsGibson, Dennis and Harfield, Clive
Abstract

This article critically examines the objectives and practical operation of Australia's mandatory data breach notification [MDBN] law. We find that the scope and application of Australia's law do not reflect the legislative objectives underpinning the law. The wording of the law is ambiguous, and it is beset by conceptual inconsistencies. The law also fails to adequately consider the needs of individuals whose personal information has been compromised in a data breach. As a result, Australia's MDBN law is unlikely to meet the needs of organisations that have experienced a data breach, or of individuals who are notified. We conclude by identifying options for reform to better reflect the law's rationale and to better achieve its objectives. Comparisons are made with similar laws in force in the United States and with the General Data Protection Regulation.

Keywordsdata breach notification; personal information; identity theft; notification threshold
Year2021
JournalComputer Law and Security Review
Journal citation42, p. Article 105600
PublisherElsevier Ltd
ISSN0267-3649
Digital Object Identifier (DOI)https://doi.org/10.1016/j.clsr.2021.105600
Scopus EID2-s2.0-85113846645
Research or scholarlyResearch
Page range1-11
Publisher's version
License
All rights reserved
File Access Level
Controlled
Output statusPublished
Publication dates
Online29 Aug 2021
Publication process dates
Deposited02 Aug 2022
Permalink -

https://acuresearchbank.acu.edu.au/item/8y0vz/contradictions-and-inconsistencies-in-australia-s-mandatory-data-breach-notification-laws

Restricted files

Publisher's version

  • 64
    total views
  • 0
    total downloads
  • 5
    views this month
  • 0
    downloads this month
These values are for the period from 19th October 2020, when this repository was created.

Export as

Related outputs

Covert investigation
Harfield, Clive and Harfield, Karen. (2023). Covert investigation Oxford University Press.
Criminal law for common law states
Harfield, Clive, Hamilton, Mark and Teshome, Aderajew. (2023). Criminal law for common law states LexisNexis.
Deterring drivers : An initiative to reduce car theft and joyriding by young people in Townsville
Dodd, Shannon, Morgan, Morgan, Dillon, Anthony, Lawton, Luke and Harfield, Clive. (2023). Deterring drivers : An initiative to reduce car theft and joyriding by young people in Townsville Brisbane, Australia: Australian Catholic University. https://doi.org/10.26199/acu.8z9v6
Amplifying victim vulnerability : Unanticipated harm and consequence in data breach notification policy
Gibson, Dennis and Harfield, Clive. (2022). Amplifying victim vulnerability : Unanticipated harm and consequence in data breach notification policy. International Review of Victimology. 29(3), pp. 341-365. https://doi.org/10.1177/02697580221107683
Was Snowden virtuous?
Harfield, Clive. (2021). Was Snowden virtuous? Ethics and Information Technology. 23(3), pp. 373-383. https://doi.org/10.1007/s10676-021-09580-4
(Im)material culture : Towards an archaeology of cybercrime
Harfield, Clive Geoffrey and Schofield, John. (2020). (Im)material culture : Towards an archaeology of cybercrime. World Archaeology. 52(4), pp. 607-618. https://doi.org/10.1080/00438243.2021.1882333
Covert investigation
Harfield, Clive and Harfield, Karen. (2018). Covert investigation Oxford University Press.
Undercover policing-a legal-comparative perspective
Harfield, Clive. (2018). Undercover policing-a legal-comparative perspective. In In den Boer, Monica (Ed.). Comparative policing from a legal perspective pp. 153-168 Edward Elgar Publishing Limited. https://doi.org/10.4337/9781785369117.00015
Covert investigation
Harfield, Clive and Harfield, Karen. (2016). Covert investigation Oxford University Press.
Body-worn POV technology : Moral harm
Harfield, Clive Geoffrey. (2014). Body-worn POV technology : Moral harm. IEEE Technology and Society Magazine. 33(2), pp. 64-72. https://doi.org/10.1109/MTS.2014.2319976
Law, morality and the authorisation of covert police surveillance
Harfield, Clive. (2014). Law, morality and the authorisation of covert police surveillance. Australian Journal of Human Rights. 20(2), pp. 133-164. https://doi.org/10.1080/1323-238X.2014.11882153
Police informers and professional ethics
Harfield, Clive. (2012). Police informers and professional ethics. Criminal Justice Ethics. 31(2), pp. 73-95. https://doi.org/10.1080/0731129X.2012.696960