The Privacy Commissioners Office has been calling for proper fines for data breaches for YEARS.
Not a single muppet in the beehive has even given it a thought, from what i can tell.
The current maximum penalty is $10000.
Australia has their maximum penalty set to $50 million.
That is certainly a take, but an app is just one attack surface for interacting with a service, and is not inherently secure or insecure; who you trust with your data is the far more relevant part here.
And that also doesn’t matter when you are forced to interact with a government service or essential utilities provider who then subsequently puts your data into the hands of the same high profit, low value shitware companies that have these agencies/organisations locked-in. What are you going to do then? Move to the woods?
No, it won’t stop until there is real accountability with teeth. Punish these fuckers for their incompetence with actual jail time for directors, otherwise fines are just the cost of doing business.
In the majority of cases the Apps are built or mainained by third parties who now additionally have access to your personal information, such was the case with a recent Railway travel app in Europe that revealed customers info and even Passport copies.
That is, among other things, why it is inherently a vulnerability.
In my area government services, medical processing, and utility companies can be managed either via website, phone, or in person. There has been a push lately for apps but I never sign off on any such disclosures and never use such apps. I would sue long before I considered it.
You comment reeks of nihilistic defeatism.