CHOICE has made a submission to the Department of Home Affairs' Discussion Paper on the National Data Security Action Plan.

Businesses must take responsibility for data security, as consumers often have limited oversight, knowledge and control over where their dataflows and rests. Consumers place implicit trust in the business that collects or holds their data, expecting that their information is kept securely. However, this trust can cost the consumer. When a data breach occurs, consumers become susceptible to cybercrime, such as identity theft and scams.

The Discussion Paper highlighted that customer personal information is the most common and most expensive type of record lost or stolen in a data breach, costing on average $252 per record. Consumers often have no recourse after such a breach occurs. Such experiences can alter a consumer's life, impacting their financial, emotional and social wellbeing through fraud, scams and erosion of trust. This is why it is crucial that companies understand the importance and take actions to secure data, no matter where they exist in the supply chain. 

CHOICE urges the Australian Government to introduce a best interest duty for businesses that collect, use or disclose data. This would allow for a cultural change in which businesses consider first and foremost the individual whose data they collect and hold.

Download submission (PDF)

• Submission to Department of Home Affairs on the National Data Security Action Plan

Related content

• Submission to the Attorney-General's Department on the Review of the Privacy Act
• Submission to the ACCC on the Digital Platform Services Inquiry consultation on updating competition and consumer law for digital platform services
• Submission to the Attorney-General's Department on the Online Privacy Bill
• Why cybersecurity is a consumer safety issue 
• Strengthening the ACL to protect consumers online

Stock images: Getty, unless otherwise stated.