Australia: Privacy and Other Legislation Amendment Act 2024 including cybersecurity regulation was introduced to the House of Representatives

On 12 September 2024, the Privacy and Other Legislation Amendment Act 2024 was introduced to the House of Representatives. The Act would introduce a number of changes to the existing privacy regime, including rules for managing data breaches, such as the creation of an "Eligible Data Breach Declaration" by the Minister in cases of significant privacy risks. This declaration would specify the personal information affected, the entities permitted to access or share it, and the permitted purposes, primarily to prevent harm such as identity theft, fraud, or cybersecurity threats. Entities that reasonably believe an individual may be at risk due to a data breach would be authorised to collect, use, or disclose relevant personal information under strict conditions. The Act would also introduce penalties for improper disclosure of personal data obtained through a breach, including fines and potential criminal liability.