New cyber-crime legislation will be introduced by the Federal Government before the end of the year that will make the possession and trading of secure digital information such as account numbers, driver’s licenses and passwords illegal.
But a cyber-crime expert says the new legislation will reduce the burden on businesses in dealing with this information, as more SMEs prepare to store employee information digitally.
The new laws, which are now being debated in the Senate, cover a list of methods of identification including passport, credit and debt card, financial account and Australian business number details.
The legislation also covers biometric data, voice prints, digital signatures, log-in details, personal identification numbers, along with any “series of numbers or letters or both intended for us as a means of personal identification”.
The new laws are being designed to help police, who currently must catch criminals in the act of gathering personal details in an attempt to obtain money or goods and services.
The changes will mean individuals found in possession of identification information with the intention of dealing or trading that information could be sent to jail for up to three years.
Dr Russell Smith, principal criminologist at the Australian Institute of Criminology, says the legislation will remove businesses from liabilities that could have existed under previous legislation.
“If you deal with documents, it won’t be offensive to just have them in your possession, but you have to know they’re going to be used in a criminal activity. That carries a jail term.”
“This really reduces the burden of businesses quite a lot, as the laws are more specific about what makes up trading or dealing with specific detail information, and there needs to be a specific criminal intent.”
But Smith also warns businesses to be careful about how they deal with sensitive digital information about employees, saying the legislation will cover other uses of the information.
“There is a possibility there is a liability here about acting recklessly with this information, which could attract a lesser punishment. So businesses need to be a bit careful even if they aren’t doing something strictly criminal, but acting recklessly with data.”
Comments