MLex Summary: American Express Australia failed to take reasonable steps to protect a customer’s personal information from unauthorized access by an employee, Australia’s privacy regulator has found. In a statement on Monday, the Office of the Australian Information Commissioner said that American Express breached the 1988 Privacy Act and ordered the company to compensate the complainant for economic and non-economic loss and expenses, issue a written apology and implement additional access-control and logging measures. The regulator said it has only published a summary report of the determination rather than the full decision due to confidentiality and cybersecurity concerns.Read More
