The Office of the Australian Information Commissioner released a report on its investigation of Uber's 2016 data breach that affected 57 million individuals, BankInfoSecurity reports. The OAIC found Uber violated the Privacy Act of 1988, alleging noncompliance on required data protection measures, data retention practices and more. The OAIC will not issue a fine because the 1.2 million Australians affected did not file complaints. However, Uber will be required to create and maintain an information security program and appoint a coordinator to lead the initiative.
27 July 2021
OAIC alleges privacy law violations from Uber's 2016 breach
Related stories
Notes from the IAPP Canada: Keeping watch on federal, provincial developments
Italy updates National Cybersecurity and Data Protection Framework
Vietnam's data protection laws: The basics and beyond
Notes from the Asia-Pacific region: NZ OPC calls for 'doing privacy well'
GDPR matchup: Australia's Privacy Act 1988
