2021
DOI: 10.1016/j.clsr.2021.105600
|View full text |Cite
|
Sign up to set email alerts
|

Contradictions and inconsistencies in Australia's mandatory data breach notification laws

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
5
0

Year Published

2022
2022
2022
2022

Publication Types

Select...
1

Relationship

1
0

Authors

Journals

citations
Cited by 1 publication
(5 citation statements)
references
References 0 publications
0
5
0
Order By: Relevance
“…This further shifts responsibility for managing risks to the affected individual. From the perspective of breached organizations, the immaturity of the data breach response system, 5 and the absence of mechanisms through which organizations are able or required to assist affected individuals, may further entrench the view that data breach notification is simply another regulatory hoop through which they must jump (Gibson and Harfield, 2021). The substantive objectives of notification are lost; instead, notification increasingly becomes a way to address an identified legal risk (non-compliance with mandatory notification requirements) and to shift responsibility to other parties; other parties who may fall subject to serious victimization as a consequence of the data breach.…”
Section: The Policy Response: Mdbnmentioning
confidence: 99%
See 4 more Smart Citations
“…This further shifts responsibility for managing risks to the affected individual. From the perspective of breached organizations, the immaturity of the data breach response system, 5 and the absence of mechanisms through which organizations are able or required to assist affected individuals, may further entrench the view that data breach notification is simply another regulatory hoop through which they must jump (Gibson and Harfield, 2021). The substantive objectives of notification are lost; instead, notification increasingly becomes a way to address an identified legal risk (non-compliance with mandatory notification requirements) and to shift responsibility to other parties; other parties who may fall subject to serious victimization as a consequence of the data breach.…”
Section: The Policy Response: Mdbnmentioning
confidence: 99%
“…This contemplative essay, born from legal analysis of apparent contradictions in MDBN statutory frameworks (Gibson and Harfield, 2021), has considered the nature of victimization related to identity usurpation arising from data breaches, with particular reference to data breaches achieved through ransomware attacks. A complex landscape of victimization and conflicting interests has been observed, which has informed the presentation here of a taxonomy of data breach victimization.…”
Section: Conclusion: Unanticipated Harm Unintended Consequence Amplif...mentioning
confidence: 99%
See 3 more Smart Citations