OAIC compels Ashley Madison to improve privacy
The owners of notorious dating site Ashley Madison have agreed to legally binding undertakings following an investigation by the Office of the Australian Information Commissioner.
Avid Life Media has pledged to conduct a thorough review of the protections it has in place to protect personal information to avoid a repeat of the major data leak involving its customer database last year.
By May next year, Avid Life Media has also agreed to augment its information security framework and adequately document this framework and its information security processes.
The enforceable undertakings also involve staff and contractor training and the production of an independent report documenting the measures taken to fulfil the promises.
Australian Privacy Commissioner Timothy Pilgrim said the incident shows how important it is for businesses to protect customers’ personal information, and the reputational damage that can result from failing to do so.
“The enforceable undertakings ... are a positive approach to improving privacy practices. But the impact of this incident reinforces what my office has stressed for some time — that privacy is not a bolt on accessory; it needs to be integrated into businesses and products by design,” he said.
As the Ashley Madison case demonstrates, companies not in compliance with Australian privacy regulations need to enhance privacy safeguards, amend information retention practices, improve information accuracy and increase transparency.
Cyber lessons from 2025: why human risk will define 2026
Success in 2026 will come from building security into the rhythm of business, where technology,...
2026 will be the year identity defines cyber defence
2025 gave us an initial look at what happens when AI scales faster than identity controls.
How to harness AI to advance cybersecurity
Organisations that prioritise AI-enabled security and a culture of continuous learning...
