Senate debates

Monday, 13 February 2017

Bills

Privacy Amendment (Notifiable Data Breaches) Bill 2016; In Committee

12:38 pm

Photo of Scott LudlamScott Ludlam (WA, Australian Greens) Share this | Hansard source

So the status quo remains. I guess that is confirmation. So it is voluntary for everybody at the moment, and we are tightening the net for some entities but not for political parties. Similarly, then, can the minister explain why it is the government's view that there should be an arbitrary $3 million turnover threshold for disclosure rather than relying on whether or not harm is being done to people through the disclosure of their private information? What is with the $3 million?

I think it was the Australian Bankers' Association which made the point that this potentially puts larger entities who will be subject to obligations under the bill at a commercial or a competitive disadvantage. I think this is probably the first time I have ever quoted the Australian Bankers' Association in here, but there you go! They said:

… small businesses often have the least mature privacy and security capabilities; nevertheless, in the information economy and with modern computing tools, a small business may still have a large customer base, or collect personal information about large numbers of individuals.

That is a statement of fact. I hope there is nothing controversial about that. Why are they not included within the Privacy Act let alone within the ambit of this bill?

Comments

No comments