The Office of the Australian Information Commissioner released a report on its investigation of Uber's 2016 data breach that affected 57 million individuals, BankInfoSecurity reports. The OAIC found Uber violated the Privacy Act of 1988, alleging noncompliance on required data protection measures, data retention practices and more. The OAIC will not issue a fine because the 1.2 million Australians affected did not file complaints. However, Uber will be required to create and maintain an information security program and appoint a coordinator to lead the initiative.
27 July 2021
OAIC alleges privacy law violations from Uber's 2016 breach
Related stories
How proposed AI enforcement moratorium cuts into US state-level powers
Notes from the IAPP Canada: Building momentum to address youth privacy issues
Navigate 2025: Potential EU AI Act pause opens new questions on approach to global regulation
Notes from the Asia-Pacific region: Chinese regulators strengthen AI, data protection governance
Notes from the IAPP Europe: Data protection and AI in focus