Last week the Australian government vowed to revise privacy rules so consumers would be better protected in the wake of the enormous breach of personal data by Optus, the country’s second largest telco, reports Reuters. The goal is to give banks the information they will need to identify customers who have been put at risk because their personal data has been compromised. The Australian Prudential Regulation Authority (ARPA), the country’s banking regulator, confirmed they would be working with government and other regulators on the proposed change.
The new rules will allow telcos to share details about government-issued identity documents with banks. These banks will be required to destroy the information they receive when it is no longer required to mitigate the threat of further crime. Data protection has become a hot topic in Australia after it was revealed that Optus had breached personal data relating to 10 million Australians, approximately 40 percent of the country’s population.
Optus is under intense pressure to make amends for its failings and is being forced to pay for thousands of replacement driver’s licenses issued to victims of the breach. The Labor government has so far resisted pressure to offer replacement passports free of charge, with the justification that criminals would need the actual document and not just the information in order to travel under somebody else’s identity. However, the Liberal opposition has slammed the government’s decision, arguing that victims of the breach should have all fees for replacement passports waived and that Optus should reimburse the additional costs borne by government.
The Australian government is now considering whether to centralize the country’s management of identity documents as a way to reduce the amount of personal data maintained by businesses. Meanwhile, they have tried to shore up their support with voters by being forthright in their criticism of Optus. This leads some to question whether Optus CEO Kelly Bayer Rosmarin can retain her job following the conclusion of Optus’ initial damage-limitation operations. If Rosmarin steps down, the Optus stakeholders, the Australian government and the Australian public could unwittingly be setting a precedent for other telcos around the world. I will be writing more about that story later this week.