In preparation for the implementation of the first phase of the Consumer Data Right on 1 July 2019 the ACCC has released draft CDR Rules for consultation The draft rules detail how the CDR will function across all designated sectors in practice including how data is to be shared the criteria for ...

On 15 August the Federal Government released exposure draft legislation that if passed will establish an economy-wide consumer-directed data transfer system The latest sprint in a marathon of reviews reports and recommendations over the past few years that have called for the adoption of some form ...

The release of the exposure draft of the CDR legislation marks the start of a tight turnaround in order for the legislation to be passed in March 2019 particularly as the details and associated instruments have yet to be released The CDR regime has been advertised as producing a wide range of ...

On 24 September Treasury released for public consultation its revised version of the exposure draft legislation that will give effect to the new Consumer Data Right CDR in Australia Reflecting feedback from public consultation on the first tranche of draft legislation that was released on 15 August ...

Uncertainty as to what information constitutes personal information under the Privacy Act will be clarified following the release of guidance from the Office of the Australian Information Commissioner The guide provides insight into how a complaint may be determined and offers key questions for ...

With an upward trend in large-scale ransomware attacks and the number of data breaches reported globally mandatory data breach notification will become law in Australia in February 2018 This will place privacy compliance and cyber security in sharp focus Partner Michael Park Lawyer Samantha Naylor ...

The OAIC has published its first quarterly report setting out statistical information about notifications received under the Notifiable Data Breaches scheme NDB scheme since the NBD scheme took effect on 22 February 2018 ...

Where multiple entities jointly hold personal information compromised in a data breach only one of those entities will need to comply with the assessment and notification requirements under the Notifiable Data Breaches Scheme NDB Scheme That is compliance by one entity will be taken to constitute ...

Five things you didnt know about the NDB Scheme ...

What do the Australian Department of Defence Target Verizon and the Australian Red Cross Blood Service have in common They all suffered massive data breaches linked to a failure in their supply chain These breaches are a good reminder that with so much attention directed at securing your ...