An Australian watchdog on Wednesday ordered the government to pay damages to over a thousand asylum seekers whose personal data was wrongly made public seven years ago.
Lawyers believe this is the first time in Australian history that compensation has been ordered for a mass privacy breach.
More than 9,000 migrants had their personal information - including their name, date of birth, citizenship, reason for detention and location they were being held - mistakenly published online in 2014.
Around 1,300 could now each receive sums of up to US$15,500 within 12 months, after they formed a class action lawsuit to claim damages.
“This breach meant that any person searching the internet could access the personal information surrounding thousands of people applying for protection in Australia,” said lawyer Sarah Dale of the Refugee Advice and Casework Service.
“This includes authorities and indeed even the perpetrators of the persecution, in the countries from which they fled.”
Australia’s information commissioner said the Department of Home Affairs had “interfered with the privacy of 9,251 detainees in immigration detention by mistakenly releasing their personal information.”
The published report “contained embedded personal information that could identify all persons in immigration detention on 31 January 2014”.
Prime Minister Scott Morrison, who was immigration minister when the incident happened, called the breach “unacceptable” at the time.