Outsourced personal info to get safeguards

The Australian Law reform Commission has recommended that if an organisation in Australia transfers personal information about an individual to a recipient outside Australia, the organisation remains accountable for that personal information. The organisation would be accountable if the overseas recipient uses the data in a way that would be "an interference with the privacy of the individual" if done in Australia. ALRC president David Weisbrot said that during its consultations the commission had detected a "visceral unease" about personal information being sent overseas. Weisbrot said: "This unease appears to reflect a general feeling that people are losing control over something deeply personal with little ability to do anything about it and few remedies if anything goes wrong." The ALRC has recommended that the government introduce a breach notification scheme so that an organisation would have to notify its customer and the Privacy Commissioner of any "serious" breach of privacy. This would include banking details being stolen. The commission has also recommended that the law be amended to include the concept of a nominee and provide that an organisation may establish nominee arrangements.

Source: The Sheet