The Australian Government has been ordered to pay compensation to asylum-seekers whose details were exposed in a massive data breach seven years ago. Source: SBS News.
The Information Commissioner has determined the Department of Home Affairs interfered with the privacy of 9,251 detainees in immigration detention by mistakenly releasing their personal information.
The privacy breach relates to the unauthorised release of a detention report on the department’s website in 2014.
Then Immigration Minister Scott Morrison called the incident “unacceptable”, saying the information was “never intended” to be in the public domain.
Australia’s privacy regulator found the report contained embedded personal details that could identify all asylum-seekers held in mainland detention and on Christmas Island. This included information such as names, gender, why they were being detained, and where they were being detained.
Commissioner Angelene Falk said the compensation for economic loss would be paid on a case-by-case basis.
The Information Commissioner investigated the breach after a joint complaint was made by 1,297 affected asylum-seekers.
The commissioner said compensation for those who could demonstrate loss or damage as a result of the data breach would range from $500 to more than $20,000.
The regulator has created five categories for loss or damage, to be assessed depending on the severity of the impact. This will include assessing anxiety, fear, pain, suffering, distress, humiliation or exacerbation of a mental health condition caused by the data breach.
In a statement, a spokesperson for the Department of Home Affairs said it “regrets that the unauthorised publication of personal information occurred.”
Home Affairs ordered to pay compensation after breaching the privacy of almost 10,000 asylum seekers (By Tom Stayner, SBS News)