The Australian government has passed a bill that markedly increases the penalty for companies suffering from serious or repeated data breaches.
To that end, the maximum fines have been bumped up from the current AU$2.22 million to AU$50 million, 30% of an entity’s adjusted turnover in the relevant period, or three times the value of any benefit obtained through the misuse of information, whichever is greater.
The turnover period is the time duration from when the contravention occurred to the end of the month when the incident is officially addressed.
“Significant privacy breaches in recent months have shown existing safeguards are outdated and inadequate,” Attorney-General Mark Dreyfus said in a statement. “These reforms make clear to companies that the penalty for a major data breach can no longer be regarded as the cost of doing business.”
images from Hacker News