OAIC compels Ashley Madison to improve privacy
The owners of notorious dating site Ashley Madison have agreed to legally binding undertakings following an investigation by the Office of the Australian Information Commissioner.
Avid Life Media has pledged to conduct a thorough review of the protections it has in place to protect personal information to avoid a repeat of the major data leak involving its customer database last year.
By May next year, Avid Life Media has also agreed to augment its information security framework and adequately document this framework and its information security processes.
The enforceable undertakings also involve staff and contractor training and the production of an independent report documenting the measures taken to fulfil the promises.
Australian Privacy Commissioner Timothy Pilgrim said the incident shows how important it is for businesses to protect customers’ personal information, and the reputational damage that can result from failing to do so.
“The enforceable undertakings ... are a positive approach to improving privacy practices. But the impact of this incident reinforces what my office has stressed for some time — that privacy is not a bolt on accessory; it needs to be integrated into businesses and products by design,” he said.
As the Ashley Madison case demonstrates, companies not in compliance with Australian privacy regulations need to enhance privacy safeguards, amend information retention practices, improve information accuracy and increase transparency.
Secure-by-design software development for digital innovation
The rise of DevSecOps methodologies and developments in AI offers every business the opportunity...
Bolstering AI-powered cybersecurity in the face of increasing threats
The escalation of complex cyber risks is becoming a pressing issue for those in business...
How attackers are weaponising GenAI through data poisoning and manipulation
The possibility for shared large language models to be manipulated through data poisoning...