(2012) 28(3) Computer Law and Security Review 296
ABSTRACT: Mandatory data breach notification laws have been a significant legislative reform regarding unauthorized disclosures of personal information by public and private sector organizations. These laws originated in the state-based legislatures of the United States during the last decade and have subsequently garnered worldwide legislative interest. We contend that mandatory data breach notification laws have conceptual and practical concerns that limit the scope of their applicability, particularly in relation to existing information privacy law regimes. We outline these concerns, and in doing so, we examine recent EU and Australian legal developments in this area.
The full article is available at: http://www.researchgate…