4 in 5 industry experts say cyber security laws are insufficient
An alarming number of professionals in the legal, cyber and data privacy spaces think that the laws designed to govern actions in the digital space need strengthening, according to new research.
The “Decoding Cybersecurity: Clause and Effect” report, published by LexisNexis, examines the issues around cyber security for the legal industry in 2019. It was based on the company’s 2019 Roadshow Cybersecurity Survey of 250 legal practitioners and saw the company host panel discussions with legal, cyber and data privacy industry experts across the country, at which they live polled attendees.
When asked whether Australia’s cyber security laws provide adequate protections, 83 per cent of experts who attended the LexisNexis roadshows said the laws were “insufficient”, and almost half (47 per cent) of survey respondents said “we need better laws”.
On the question of the effectiveness of the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) – “the most comprehensive piece of legislation relating to data handling in Australia, and considered Australia’s answer to Europe’s General Data Protection Regulation”, the company espoused – there was agreement from industry experts that the Australian legislation “has some shortcomings”.
These include, LexisNexis outlined, that the NBD scheme does not apply to state- or territory-based authorities, businesses with an annual turnover of less than $3 million or registered political parties.
Moreover, the report continued, the NBD does not contain provisions for the “right to be forgotten” (that is, the right of an individual to have all of their personal data deleted by an organisation on request).
“This was a key right in the GDPR and there are calls for the same protections to be applied in Australia,” LexisNexis wrote.
Elsewhere, the results showed that the Australian legal profession is “heavily of the opinion” (85 per cent of those live polled and 72 per cent of survey respondents) that the recently passed Telecommunications and Other Legislation (Assistance and Access) Act 2018 (Cth) “potentially opens the door to privacy breaches”, focusing mainly on two areas: encryption busting and law enforcement secrecy.
“Without doubt, legislation such as this must tread a thin line between the individual right to privacy and national security, but there are questions as to whether this particular act has got it right,” LexisNexis wrote.
To discover how to operate a leaner legal department, minimise costs and accelerate your revenue-making ability, hear first-hand from a group of industry leaders at the 2020 Lawyers Weekly Corporate Counsel Summit & Awards. Click here for more information.