Was your data exposed in the recent Medibank or Optus hacks? Well, under a new proposal, you could seek a payout from a company if it failed to protect your data.
It’s one of the 116 proposals made by the Privacy Act review, which was released by the attorney-general today.
Under the proposals, Aussies would be entitled to a “direct right of action” and could apply to the courts for relief if their privacy was breached. They could also sue for “serious invasions of privacy”.
Other proposals include the ability for Aussies to opt out of targeted ads and the right to request companies erase their personal information.
The recommendations follow the attacks on Medibank and Optus last year, which exposed the personal information of millions of Aussies. In response, the government beefed up penalties for serious or repeated privacy breaches.
“The Privacy Act has not kept pace with the changes in the digital world. The large-scale data breaches of 2022 were distressing for millions of Australians, with sensitive personal information being exposed to the risk of identity fraud and scams,” Attorney-General Mark Dreyfus said.
“The Australian people rightly expect greater protections, transparency and control over their personal information and the release of this report begins the process of delivering on those expectations.”
Medibank and Optus class actions
Medibank is currently facing a class action brought by Omni Bridgeway and Baker McKenzie. Last month, law firms Maurice Blackburn, Bannister Law Class Actions and Centennial Lawyers also joined forces to run a data breach complaint against the health insurer.
Meanwhile, Maurice Blackburn and Slater and Gordon have announced they are investigating possible class actions against Optus to seek compensation for impacted Aussies by the telco’s data breach.
Impacted Aussies can register their interest in the investigations via the law firms’ websites.