Does the Notifiable Data Breaches Scheme create legal opportunism? While this amendment has been a step forward in privacy protection, are there unwelcome consequences in compliance? Opportunities abound to assist and protect organisations, but what about those that were breached, assessed the compromise, and have correctly reported it? With our privacy at risk, and in addition to loss of trust, reputational damage, and the recovery costs, will businesses now face the inevitable backlash of lawsuits? With news a Sydney law firm is considering a class action against PageUp, does this set a precedent of future litigation for every reported breach?