Data breaches: new Article 29 Working Party guidance

In anticipation of the GDPR, various guidance has been published by the Article 29 Working Party, the body of national EU data regulators. Of most relevance in the cyber context is the guidance on personal data breach notifications; the Article… Read more

Compliant or not: the GDPR is here

The GDPR came into force on 25 May 2018 and brought with it additional rights for individuals and additional obligations for organisations. It also extends its reach beyond European borders and applies not just to companies within the EEA but… Read more

One step closer to Australian data breach class actions

The Privacy Amendment (Notifiable Data Breaches) Act 2016 (Cth), which received assent on 22 February 2017, proposes a number of amendments to the Privacy Act 1988 (Cth) that could act as a trigger for Australian class actions in the data… Read more

New mandatory data breach reporting law passed

The Federal Government has today passed the Privacy Amendment (Notifiable Data Breaches) Act 2016 to amend the Privacy Act 1988 to include mandatory notification of eligible data breaches. This was the government’s third attempt at legislating data breach notification as a… Read more