**Cyber-Security Expert Urges Parliament to Strengthen Penalties for Privacy Breaches**

In the wake of the recent Manage My Health data breach, a leading cyber-security consultant is calling on Parliament to revisit the current penalties for privacy breaches in New Zealand. Katja Feldtmann, from Whanganui, has launched a petition urging lawmakers to introduce harsher fines that reflect the severity of these incidents.

The Office of the Privacy Commissioner can currently issue fines of up to $10,000 for select offences, but Feldtmann argues that this is not enough. "The current penalties are woefully inadequate," she said. "If an organisation makes millions of dollars in revenue, a $10,000 fine is essentially just a cost of doing business."

Feldtmann pointed to the example of Australia, where significant increases were made to penalty levels in late 2022. Under Australian law, serious breaches can attract fines of up to A$50 million, or three times the benefit derived from the breach, or 30 percent of a company's annual turnover.

In contrast, New Zealand has no express penalty for privacy breaches, leaving it vulnerable to cyber-attacks and data leaks. Feldtmann believes that more robust penalties are necessary to hold organisations accountable and encourage better security practices. "The current fines are too low to be effective," she said. "They're essentially a cost of doing business, rather than a deterrent."

The petition, which is available on Parliament's website, aims to build momentum for change. Feldtmann hopes that by demonstrating public support, lawmakers will take notice and introduce more stringent penalties for privacy breaches.

"I think the current system is failing us," said Feldtmann. "We need to be doing better than the rest of the world when it comes to cyber-security and data protection."

**A Global Comparison**

Feldtmann highlighted the example of the European Union, which she considers to be a gold standard for data protection. "The EU has some of the toughest laws in the world," she said. "We're part of the Five Eyes group, but when it comes to cyber-security and data protection, we seem to be lagging behind."

The Manage My Health data breach, which exposed sensitive health information for thousands of New Zealanders, has raised concerns about the country's preparedness for cyber-attacks. Feldtmann believes that stronger penalties would encourage organisations to take greater responsibility for their security practices.

**The Petition**

The petition is open to anyone who wants to sign up and demonstrate support for harsher penalties for privacy breaches. You can find the petition on Parliament's website and join thousands of others in calling for change.