CANBERRA, Oct. 22 (AP) Australia on Saturday proposed tougher penalties for companies that fail to protect customers’ personal data after two major cybersecurity breaches left millions vulnerable to criminals.
Justice Minister Mark Dreyfus said penalties for serious breaches of the Privacy Act would be increased from A$2.2 million ($1.4 million) to A$50 million ($32 million) under amendments to be tabled in Parliament next week.
If the amount exceeds A$50 million (US$32 million), the company may also be fined 30% of the amount earned for the specified period.
Under the new law, “large companies could face fines of up to hundreds of millions of dollars,” Dreyfus said.
“It’s a very, very substantial increase in penalties,” Dreyfus told reporters.
“It’s designed to make companies think. It’s designed to act as a deterrent so that companies can protect Australians’ data,” he added.
Parliament resumed sitting on Tuesday for the first time since mid-September.
Unknown hackers have stolen the personal data of 9.8 million customers of Optus, Australia’s second-largest wireless telecommunications operator, since Parliament last met.
The theft puts more than a third of Australia’s population at risk of identity theft and fraud.
This week, unknown cybercriminals demanded a ransom from Medibank, Australia’s largest health insurer, after they claimed to have stolen 200 GB of customer data including medical diagnoses and treatments.
Medibank has 3.7 million customers. The company said the hackers had proven they held at least 100 personal records.
Thieves reportedly threatened to disclose the medical conditions of prominent Medibank clients.
Dreyfus said both breaches showed “the inadequacy of existing safeguards.”
In addition to failing to protect personal information, the government is concerned that companies hold too much customer data for unnecessarily long periods of time in hopes of monetizing that information.
“We need to make sure that when a data breach happens, the penalty is big enough that it’s a very serious penalty for the company to ignore or ignore, or just pay as part of the cost of doing business,” Dreyfus said.
Dreyfus hopes the proposed amendments will become law within the last four weeks of parliament sitting this year.
Any new penalties will not be retroactive and will not affect Optus or Medibank. (Associated Press)
(This is an unedited and auto-generated story from the Syndicated News feed, the body of the content may not have been modified or edited by LatestLY staff)