OAIC compels Ashley Madison to improve privacy
The owners of notorious dating site Ashley Madison have agreed to legally binding undertakings following an investigation by the Office of the Australian Information Commissioner.
Avid Life Media has pledged to conduct a thorough review of the protections it has in place to protect personal information to avoid a repeat of the major data leak involving its customer database last year.
By May next year, Avid Life Media has also agreed to augment its information security framework and adequately document this framework and its information security processes.
The enforceable undertakings also involve staff and contractor training and the production of an independent report documenting the measures taken to fulfil the promises.
Australian Privacy Commissioner Timothy Pilgrim said the incident shows how important it is for businesses to protect customers’ personal information, and the reputational damage that can result from failing to do so.
“The enforceable undertakings ... are a positive approach to improving privacy practices. But the impact of this incident reinforces what my office has stressed for some time — that privacy is not a bolt on accessory; it needs to be integrated into businesses and products by design,” he said.
As the Ashley Madison case demonstrates, companies not in compliance with Australian privacy regulations need to enhance privacy safeguards, amend information retention practices, improve information accuracy and increase transparency.
How to harness AI to advance cybersecurity
Organisations that prioritise AI-enabled security and a culture of continuous learning...
Solving the IoT attack surface challenge: a practical playbook for IT managers
As IoT environments get more complex, adopting zero-trust architectures to verify every device...
Defending against AI-powered cyberthreats
Improving cyber resilience is no longer about perimeter defence or reactive patching, but...
