1-10 of 162 results
Meta's $50M settlement with the OAIC fails to clarify the Privacy Act civil penalty regime
Important aspects of Australian privacy law remain unresolved. These proceedings commenced in March 2020, and were the Office of the Australian Information Commissioner's first attempt to exercise its civil penalty powers ...
First tranche of privacy reforms bring progress but no long-term clarity
The first tranche of reforms to the Privacy Act 1988 (Cth) — the Privacy and Other Legislation Amendment Bill 2024 (the Bill )—will be law after it passed the Senate on 29 November 2024. The Bill ( ...
New cyber incident response obligations for Australian organisations
The Australian Government implemented a suite of reforms to strengthen cyber security laws in Australia through the following Bills: the Cyber Security Bill 2024 (the Cyber Security Bill ); the ...
Defending from within: a guide to insider threat management
More than 35% of all cyber events globally originate inside an organisation—either as a result of error or misuse. This number is growing. ...
Preparing for voluntary standards and mandatory legislation: a deep dive into Australia's evolving AI regulatory landscape
Over the past few weeks, the Australian Government has published a series of standards, proposals and policies which foreshadow the principles likely to be adopted in mandatory AI legislation once introduced. ...
Optus class action privilege claims rejected
The Full Federal Court has refused Optus' appeal from a Federal Court decision rejecting its legal privilege claim over a factual investigation report commissioned in response to a data breach, on the basis that Optus had not established that the report was prepared for the dominant purpose of legal ...
Takeaways from recent guidance on cyber incident disclosure obligations for listed companies
In this Insight, we examine the guidance note and related developments and offer our view as to when disclosure (for the purposes of the ASX listing rule requirements) of cyber incidents should generally only occur. ...
Guide to AI Procurement
As generative artificial intelligence moves from pilot to production, organisations are grappling with the push to rapidly procure AI tools while appropriately managing the risks. ...
Why organisations must embed mental health and wellbeing support into cyber incident response planning
Mental health and wellbeing support for cyber professionals, incident response teams and staff targeted in cyber incidents, is now essential to cyber risk management and incident response planning. ...
AICD's guide for directors on governing through a cyber crisis
The Australian Institute of Company Directors (AICD) published 'Governing through a cyber crisis: cyber incident response and recovery for Australian directors'. We provide our observations, commentary and suggested next steps. ...