Australia is seeking bigger penalties for serious or repeated data privacy breaches. The penalties could be raised as high as $31.57 million from $1.4 million. The announcement comes as Australia has faced a series of cybersecurity incidents that have had serious consequences across the country, such as a recent attack on the insurance group Medibank. The cybersecurity incidents have compromised the customer data of thousands of Australians. The new rules will be detailed in the country’s Privacy Legislation Amendment.
Australia’s Privacy Legislation Amendment Bill was updated in 2022 and can be applied under the Privacy Act 1988 if a company faces serious or repeated privacy breaches that indicate the company is not following best security practices. The Bill will also allow the Information Commissioner to obtain greater power in the resolution of privacy breaches and full insight into a compromised breach so that the risks and harm can be assessed.