Mandatory data breach reporting Bill enacted in Australia

Current site :    AU   |   EN
China Hong Kong SAR
United Kingdom
United States

This article was written by Charles Davies. 

The Privacy Amendment (Notifiable Data Breaches) Bill 2016 was passed by the Australian Parliament on 13 February 2017. The Bill is the third attempt by the Australian Parliament to introduce mandatory data breach notification laws into Australia. Our previous commentary on the content of this Bill is available here.

The Bill was supported by both major political parties in the form in which it was introduced to the House of Representatives on 19 October 2016. Senator Scott Ludlam of the Australian Greens proposed a number of amendments to the Bill, but those amendments were not adopted. The substantive provisions of the Bill will come into force on the earlier of a date to be fixed by proclamation or 12 months from the day it receives Royal Assent.

Amongst the political posturing by the major parties was a comment of interest on a different area of Australian privacy law reform. Senator Penny Wong indicated that the Australian Labor Party would not be supporting the Privacy Amendment (Re-identification Offence) Bill 2016. That Bill was announced by the Attorney-General on 28 September 2016, with the intention that, if enacted, it would apply to conduct that occurred on or after the announcement (rather than from the subsequent date on which the legislation is enacted). The re-identification Bill was introduced to the Senate on 12 October 2016.

Given the potential retroactive effect of the re-identification Bill, it would be prudent for organisations regulated by the Privacy Act 1988 (Cth) to act as if that Bill was in force, at least until its political fate in the Senate is clearer. We intend to provide insights into the detail of the re-identification Bill in a forthcoming publication.

On 2 August 2022, the Aged Care and Other Legislation Amendment (Royal Commission Response) Bill 2022 was passed (Aged Care Bill), introducing important regulatory changes to Australia’s aged care sector. The Bill makes numerous legislative amendments, including to the Aged Care Act 1997 (Cth) (Aged Care Act) and the Aged Care (Transitional Provisions) Act 1997 (Cth) (Transitional Provisions Act), and responds to various recommendations made by the Royal Commission into Aged Care Quality and Safety (Royal Commission) Final Report (Report). The Report identified the provision of substandard aged care services and perceived systemic failures in the aged care sector.[1]

08 August 2022

The Federal Court has refused an application to stay proceedings to quantify compensation for patent infringement (quantum proceedings) pending the outcome of separate parallel proceedings challenging the validity of the infringed patent on new grounds. The case is significant as intellectual property cases are regularly bifurcated with liability determined separately damages or an account of profits. A patentee may also bring consecutive infringement cases and therefore have two separate cases considering invalidity issues for the same patent running in parallel.

03 August 2022

Since the introduction of a nationwide Marketing Authorization Holder (MAH) system in 2019, licenses have linked directly to therapeutic products rather than manufacturers.

03 August 2022