Have govt requirements for telcos to hold PII caused unnecessary risk? Should companies & govt agencies that fail to secure PII suffer actual consequences? What actually is the point of ASD and ACSC if they can't help secure something like this?
ASD/ACSC demanded all sorts of intrusive powers to direct companies as to how to do security. They denied it was about them wanting data, insisted it was about making everything more secure. How's that working out? Mmmm mm mmmmm mmmmmmmm mmm mmmmmmmmmm