Journal article
Contradictions and inconsistencies in Australia's mandatory data breach notification laws
Computer Law & Security Review, Vol.42, pp.1-11
2021
Abstract
This article critically examines the objectives and practical operation of Australia's mandatory data breach notification [MDBN] law. We find that the scope and application of Aus-tralia's law do not reflect the legislative objectives underpinning the law. The wording of the law is ambiguous, and it is beset by conceptual inconsistencies. The law also fails to adequately consider the needs of individuals whose personal information has been compromised in a data breach. As a result, Australia's MDBN law is unlikely to meet the needs of organisations that have experienced a data breach, or of individuals who are notified. We conclude by identifying options for reform to better reflect the law's rationale and to better achieve its objectives. Comparisons are made with similar laws in force in the United States and with the General Data Protection Regulation.
Details
- Title
- Contradictions and inconsistencies in Australia's mandatory data breach notification laws
- Authors
- Dennis Gibson (Author) - University of the Sunshine Coast, Queensland, School of Science, Technology and EngineeringClive Harfield (Author) - University of the Sunshine Coast, Queensland, School of Science, Technology and Engineering
- Publication details
- Computer Law & Security Review, Vol.42, pp.1-11
- Publisher
- Elsevier Advanced Technology
- Date published
- 2021
- DOI
- 10.1016/j.clsr.2021.105600
- ISSN
- 2212-4748; 2212-473X
- Organisation Unit
- School of Science, Technology and Engineering
- Language
- English
- Record Identifier
- 99566008902621
- Output Type
- Journal article
Metrics
38 Record Views
InCites Highlights
These are selected metrics from InCites Benchmarking & Analytics tool, related to this output
- Web Of Science research areas
- Law