This Act makes provision to protect the privacy of individuals (Commonwealth of Australia, 2014) and controls the use, storage, collection and disclosure of personal information (OAIC, 2014). Recently, new privacy laws have come into operation, and the amendments to the Privacy Act 1988 will introduce a new set of privacy principles that particularly address the collection of personal information and data online. In 2005 there was an attempt to bring in an anti-phishing act; however, it was not passed. Therefore there is no clear legislation that directly targets the issue of phishing. This proves Australia needs stricter and clearer legislation for offending phishing companies, persons and websites. A relevant case raising issues similar to those in Australia is that of Jeffrey Brett Goodin of California, who in January 2007 was convicted under the provisions of the CAN-SPAM Act of 2003. Goodin was found guilty of sending thousands of emails to America Online users whilst posing as AOL’s billing department, which prompted customers to send personal and credit card information. The offender was sentenced to 6 years, just a fraction of the 101 years he could have been given for the CAN-SPAM violation and other counts including wire fraud, unauthorized use of credit cards and misusing AOL’s trademark.
Credit card details and security PINs are the personal details most commonly stolen via phishing. This poses issues for both banks and the victims as stakeholders. Banks face ongoing problems with customers complaining of unidentifiable transactions coming out of their bank accounts. Recovering the funds can be out of the bank's hands, which can lead to unhappy customers and a bad reputation in society. The lack of concise legislation in place prevents phishers from being caught, making this legal issue a recurring problem for all stakeholders. Additionally, the most common way of phishing is through fraudulent emails linking to scam websites that pose as major banks or websites such as Westpac, NAB, eBay and iTunes. It is a large threat to such organisations as it damages their reputation and reliability, driving away potential customers. Email service providers are also major stakeholders in the legal issue of phishing. The fraudulent emails are sent through their servers; therefore they could be liable if the emails aren’t filtered correctly into junk and spam folders, which make users aware of the risk of emails from phishing websites posing as large organisations. The authentic-looking messages are purposefully designed to trick everyday people into submitting personal data, and it works as it looks like they’ve been sent from