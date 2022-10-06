Telco providers will now need to access consumer data via big financial institutions in a bid to protect privacy following the Optus hack.
Treasurer Jim Chalmers and Communications Minister Michelle Rowland on Thursday jointly announced a sweep of new rules which apply across the industry, to enhance the monitoring and protection of consumer data held by providers.
The amendments now mean a telco provider would have to share government issued identification with financial services like banks, which have stronger data protections that are regulated by the prudential watchdog.
Changes to the regulation have been spurred on by the recent Optus hack where nearly 10 million customers had their data breached and included government issued identification such as passports, licences and Medicare numbers.
Minister Rowland outlined the 12 month amendments were specifically in response to cyberthreats.
"The proposed regulations have been carefully designed with strong privacy and security safeguards to ensure that only limited information can be made available for designated purposes," she said.
"This will enable Optus, the financial services sector and relevant agencies to work together more effectively, to implement enhanced monitoring and safeguards to protect customers affected by the breach."
READ MORE:
Minister Rowland outlined Optus flagged with the government it was only covered under one exemption of the telecommunications regime in regards to data, with the changes put in place to better reflect needed safeguards across the sector.
"I think it's important that consumers understand that these regulations have been put in place solely for good protection," she said.
"Our primary concern here is to ensure that we do whatever we can under law to enable them to get those risks to be mitigated in terms of hiding fraud, and other misuse of their data."
The changes outline information can only be used for preventing and responding to cyber security threats. It also spells out information once used for its intended purpose must be destroyed.
Recipients regulated by the Australian Prudential Regulation Authority will need to meet security requirements and protocols for the transfer and storage of information.
Treasurer Jim Chalmers highlighted including the role of regulated financial entities already under tighter rules around consumer data would mean information would be better protected.
"Financial institutions can play an important role in targeting their efforts towards protecting customers at greatest risk of fraudulent activity and scams in the wake of the recent Optus breach," Dr Chalmers said.
"These new measures will assist in protecting customers from scams, and in system-wide fraud detection."
Australia's Council of Financial Regulators are also set to examine via a working group further avenues of strengthening privacy protection and identifying customers at risk of financial crime.
Home Affairs Minister Clare O'Neil has previously stated changes to privacy laws are needed to better strengthen safeguards around information stored online by companies.
Sign up for our newsletter to stay up to date.
We care about the protection of your data. Read our Privacy Policy.