By -

Key developments

  • Privacy amendments and a new mandatory notification of data breach scheme
  • Proposed condition for the disbursal of donated funds following disaster appeals
  • ALRC Consultation Paper on Judicial Impartiality
  • Inquiry into the coronial jurisdiction in NSW
  • Disability Discrimination Act 1992 (Cth): reform of reasonable adjustment provisions following Sklavos v Australasian College of Dermatologists
  • Australian National Contact Point Peer Review 2021
  • A new decision-making framework for property matters in Family Law

Privacy amendments and a new mandatory notification of data breach scheme

The Privacy and Data Law Committee contributed to a letter to the Department of Customer Service on the draft Privacy and Personal Information Protection Amendment Bill 2021, which would establish a mandatory notification of data breach (‘MNDB’) scheme in NSW.

The letter noted that we strongly support the introduction of a mandatory reporting scheme for data breaches in NSW by public sector agencies, and that, so far as possible, such a scheme should mirror the Commonwealth MNDB scheme.

The letter noted a number of issues, however, including:

  1. The Government should consider additional mechanisms to enhance data protection by encouraging a focus on a ‘just culture’ (shared accountability) approach to managing
    security of personal information;
  2. Such a scheme should avoid duplication with the Commonwealth scheme so far as reasonably practical by limiting its application to agencies / breaches not covered under the Commonwealth scheme;
  3. We queried the difference in language between the Draft Bill and corresponding provisions under the Commonwealth scheme which enliven a public sector agency’s obligation to assess whether a data breach is an ‘eligible data breach’. On our reading, there is a higher threshold for engagement of the assessment requirements under the proposed NSW scheme, which may have been unintended and may result in underreporting of eligible data breaches in NSW; and
  4. While we retain concerns with the ‘serious harm’ threshold, in the interests of consistency, we do not oppose its introduction, but suggest that at the least, it should be better articulated (whether in the legislation or elsewhere) that ‘serious’ means sufficiently substantial (including distress) to not be trivial, and that the standard be applied to any of the affected cohort.

You've reached the end of this article preview

There's more to read! Subscribe to LSJ today to access the rest of our updates, articles and multimedia content.

Subscribe to LSJ

Already an LSJ subscriber or Law Society member? Sign in to read the rest of the article.

Sign in to read more