Publication
Undertaking to maintain status quo pending “determination”
Interlocutory injunctions routinely raise a similar issue – how are the parties to conduct themselves in the period prior to the injunction hearing?
Author:
Publication | April 2017
A new age for data privacy in Australia will begin on 22 February 2018. Recent legislation regarding mandatory data breach notification has two direct consequences on all Australian companies with an annual turnover exceeding $3 million:
There are many implications for the main guardians and users of consumer data: chief marketers, branding and CRM executives alike will need to keep in mind the possibility of class actions in relation to breaches, a million dollar-plus price tag for non-compliance, and a more stringent vendor selection and management process.
FoodiesUnited* is a fast-growing, mid-sized business managing gourmet tasting events across Victoria and New South Wales. It’s an ambitious organisation with annual revenues averaging $30 million. Their relationships are their greatest asset: to foodie customers, to vendors and to social media champions who have fuelled their success.
FoodiesUnited is currently using a cloud-service provider to manage and store its customer information. But what if this third party suffered a data breach, and 20 percent of FoodiesUnited’s customer data was stolen?
in 2017 FoodiesUnited... | in 2018 FoodiesUnited... |
---|---|
May not have had to notify impacted individuals. | Might pay between $350,000 and $1.8 million in fines AND notification costs to all impacted customers in addition to other breach-related costs (crisis management, breach recovery and reputational damage). |
No notice given, therefore no personal complaints, and no legal action. | Might face a class action suit with a hefty price tag over several years. |
Would not have been held liable for the data breach within its supply chain. | Would be held liable for the breach, and face an enquiry over data privacy compliance across its supply chain. Also the cloud-service provider would be obliged to notify impacted individuals. |
*this is a hypothetical example.
There are practical steps that a business of any size can take to ensure compliance with the new laws, assess its supply chain, and prepare for the eventuality of a breach.
Our privacy practice has put together affordable and comprehensive compliance packages that can help. Click here to find out more.
Our Asia-Pacific head of technology and innovation, Nick Abrahams, discussed the cost of data breaches in CMO. Click here to read the article.
Publication
Interlocutory injunctions routinely raise a similar issue – how are the parties to conduct themselves in the period prior to the injunction hearing?
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2023