Labor to reconsider mandatory data retention laws for companies in light of major hacks
Melbourne, Australia – 12 December 2023
Following several high-profile data breaches in the past year, the federal government will review laws requiring companies to retain data as part of its new cyber security strategy.
Released on Wednesday, the 2023-30 strategy notes that data is increasingly used for ransom attacks and as a tool for coersion.
“Mishandling of sensitive and critical datasets can cause grave damage to Australia’s national interests,” it says. “Technological advancements have enabled malicious actors to develop vast data profiles on businesses, individuals and officials for intelligence gathering and commercial purposes.”
Alastair MacGibbon, Chief Strategy Officer at CyberCX, told Guardian Australia a good rule of thumb was that businesses cannot lose or misuse data they do not keep in the first place.