[AusNOG] Mandatory data breach notification will become law in Australia
Matt Perkins
matt at spectrum.com.au
Tue Feb 28 10:17:49 EST 2017
The commercial realty is that if you are not complaint with a whole host
of standards and have good insurance and are compiling with the terms
of that insurance your likely already doing everything the law requires
anyway and Medical/Financial people wont deal with you unless you can
prove that.
All this will provide is more reporting and more red tape.
Matt.
On 28/2/17 10:02 am, Matt Smee wrote:
>
> “Why can these things not be decided on profit.”
>
> I agree.
>
> All organisations should have to comply with this law - regardless of
> their profits. If my financial, medical and/or personal data is being
> held big BigCorpX or LittleLocalY it doesn’t matter to me, the
> citizen, what their profits are - the outcome if that data is
> mishandled or stolen is the same either way.
>
> However, we’re a long way from that being a reasonable requirement of
> every business, not until the general public and business folk are
> more educated around IT and perhaps even infosec can this be
> reasonably expected.
>
> “There's a lot of small operators that collect 3 million and then turn
> over the bulk of that AAPT/Telstra/Optus/Vocus . “
>
> Correct me if I’m wrong, but that doesn’t sound but profit but more an
> expense/cost of operations.
>
> **
>
> Cheers,
>
> Matt.
>
> *From: *AusNOG <ausnog-bounces at lists.ausnog.net> on behalf of Matt
> Perkins <matt at spectrum.com.au>
> *Date: *Tuesday, 28 February 2017 at 9:42 am
> *To: *Robert Hudson <hudrob at gmail.com>
> *Cc: *"ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net>
> *Subject: *Re: [AusNOG] Mandatory data breach notification will become
> law in Australia
>
> Im suggesting that more and more government regulation does but one
> thing push small guys out of the market. It wont just be a reporting
> requirement but there will be forms reports. Reporting officers etc
> etc. It's not the reporting requirement I have a problem with it's all
> the red tape that's going to go with it.
>
> The government needs to learn that 3million turnover is not a large
> business. Why can these things not be decided on profit. There's a
> lot of small operators that collect 3 million and then turn over the
> bulk of that AAPT/Telstra/Optus/Vocus .
>
> Yet the government treats them like AAPT/Telstra/Optus/Vocus
>
>
> On 28/2/17 7:22 am, Robert Hudson wrote:
>
> Hi Matt,
>
> Are you suggesting that you believe that this change is just more
> "red tape", rather than a win for the individual with regards to
> knowing if their PII may have, for whatever reason, fallen into
> the wrong hands, and may be used for less-than-satisfactory (from
> the perspective of said individual) purposes?
>
> If you feel that adequately protecting and reporting on loss of
> PII belonging to other individuals is an onerous task that you
> shouldn't need to be part of, you could always not collect/store
> PII. Less red tape that way!
>
> Regards,
>
> Robert
>
> On 27 Feb 2017 10:20 PM, "Matt Perkins" <matt at spectrum.com.au
> <mailto:matt at spectrum.com.au>> wrote:
>
> Didn't they say this was the government that would slash red
> tape ?
>
> Matt
>
>
>
> --
> /* Matt Perkins
> Direct 1300 137 379 Spectrum Networks Ptd. Ltd.
> Office 1300 133 299 matt at spectrum.com.au
> <mailto:matt at spectrum.com.au>
> Fax 1300 133 255 Level 6, 350 George Street
> Sydney 2000
> SIP 1300137379 at sip.spectrum.com.au
> <mailto:1300137379 at sip.spectrum.com.au>
> Google Talk MattAPerkins at gmail.com
> <mailto:MattAPerkins at gmail.com>
> PGP/GNUPG Public Key can be found at http://pgp.mit.edu
> <http://pgp.mit.edu>
> */
>
>
> > On 27 Feb 2017, at 6:23 pm, Chris Legg <cdlegg at iinet.net.au
> <mailto:cdlegg at iinet.net.au>> wrote:
> >
> > Copied from another source:
> >
> >
> > Australia will have a mandatory data breach notification
> scheme in place within the year after several aborted
> attempts, following the passage of legislation through the
> senate on Feb 13th.
> >
> >
> http://www.theaustralian.com.au/business/technology/data-breach-scheme-to-become-law/news-story/8c2765681201c0d1c58ece2ebc3022c5
> >
> > This ruling applies to all government entities and
> organizations with a turnover greater than $3 million a year.
> Entities with turnover of less than $3 million a year fall
> outside the legislation.
> >
> > The newly passed law means organizations that determine they
> have been breached or have lost data will need to report the
> incident to the Privacy Commissioner and notify affected
> customers as soon as they become aware of a breach.
> > _______________________________________________
> > AusNOG mailing list
> > AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
> > http://lists.ausnog.net/mailman/listinfo/ausnog
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
> --
> /* Matt Perkins
> Direct 1300 137 379 Spectrum Networks Ptd. Ltd.
> Office 1300 133 299matt at spectrum.com.au <mailto:matt at spectrum.com.au>
> Level 6, 350 George Street Sydney 2000
> Spectrum Networks is a member of the Communications Alliance & TIO
> */
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
--
/* Matt Perkins
Direct 1300 137 379 Spectrum Networks Ptd. Ltd.
Office 1300 133 299 matt at spectrum.com.au
Level 6, 350 George Street Sydney 2000
Spectrum Networks is a member of the Communications Alliance & TIO
*/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20170228/e8a889d6/attachment.html>
More information about the AusNOG
mailing list