[Dataloss] AU: COMMENTARY: Get ready for dataloss reporting laws

lyger lyger at attrition.org
Tue Mar 25 01:06:11 UTC 2008


It's naive in the extreme to assume there have been no major dataloss 
incidents involving Australian companies over the last few years.

Recently the folks at flowingdata.com generated a chart based on the 
Attrition.org dataloss archive showing the 10 largest dataloss incidents 
since 2000. The frequency of reported incidents appears to dramatically 
increase over the timeline, suggesting the problem is getting much, much 

On the surface of things the apparent acceleration of serious incidents 
involving consumer data does appear alarming. However, it's more likely 
things have always been this bad. The only reason serious dataloss 
incidents are now being reported in the United States (the flowingdata.com 
chart includes one UK incident) is almost certainly the result of the 
introduction of mandatory dataloss disclosure laws there.

Since the state legislature in California passed its pioneering laws 
forcing companies to inform their customers when their data has leaked, 38 
US States have followed suit, with many more in the process of updating 
their legislation to fall in line.

As the reporting laws have been introduced, more companies have been 
forced to disclose incidents, so the stats are looking grim.

Truth is, it's probably always been this bad.

