Note: I have excluded (or marked out) any commentary taking significant funding from the Agency or the Department of Health on all this to avoid what amounts to paid propaganda. (e.g. CHF, RACGP, AMA, National Rural Health Alliance etc. where they were simply putting the ADHA line – viz. that the myHR is a wonderfully useful clinical development that will save huge numbers of lives at no risk to anyone – which is plainly untrue) (This signifies probable ADHA Propaganda)
-----
Note: I have also broadened this section to try to cover all the privacy and security compromising and impacting announcements in the week – along with the myHR. It never seems to stop! Sadly social media platforms get a large run this week and most weeks. Sadly there is also the need to recognize pollie based risks to privacy!
-----
Chinese media accuses Australia of becoming a ‘surveillance state’
- April 26, 2019
A Chinese academic has accused Australia of becoming a “surveillance state” with the passage of telecommunications legislation last year giving security agencies more power over phone and internet companies to intercept communications.
The strongly worded article in Friday’s China Daily by Xu Ke, the executive director of the Centre for the Digital Economy at the University of International Business and Economics in Beijing, says Australia is in danger of “sliding into the abyss of a surveillance state” with the passage of the legislation.
Headed “Australia opens Pandora’s box with surveillance bill,” it accuses the federal government of taking advantage of the fact that Australia does not have a Bill of Rights to pass the law and to use “Australia as a breakthrough to force large global technology companies to yield.”
-----
It's time political parties started taking data protection seriously
By David Wroe
April 25, 2019 — 11.45pm
When the major political parties were spared the tedium of complying with the Privacy Act in 2000, the then-Howard government argued their exemption would enhance political communication and free up the democratic process.
It was a controversial enough view at the time, but it has become almost ludicrously counterproductive in the years since.
None of the parties wanted to talk about what they'd done to improve security since the cyber attack on Parliament's computer network earlier this year.Credit:
Technology in 2019 means malign actors can steal data and then use it to manipulate elections. That includes data on individual voters.
-----
'Democracy at stake': Parties warned Australia at risk of US-style cyber manipulation
By David Wroe
April 25, 2019 — 11.45pm
Former privacy tsars and technology experts have warned the major political parties they must dramatically strengthen their cybersecurity to protect the growing mountains of private data gathered on voters that could be used by foreign adversaries to manipulate elections.
More than two months since the Morrison government revealed that the three major parties had all been victims of a cyber attack early in the year, the Liberal, Labor and National parties have provided scant detail on how they were affected, nor what they have done to improve their defences.
The Liberal, Labor and National parties were hit by a sophisticated cyber attack.
Labor and the Nationals told The Sydney Morning Herald and The Age this week they did not believe confidential data had been accessed or stolen in their cases.
------
Facebook CEO Mark Zuckerberg makes fresh call for global internet rules
- April 25, 2019
Facebook boss Mark Zuckerberg has called for global guidelines on harmful content and privacy, admitting the tech giants cannot be trusted to write their own rules.
The executive, whose company is still dogged by controversies over privacy and is facing fines of up to $US5 billion ($7bn) from the US Federal Trade commission, has conceded on an earnings call that governments should bear the responsibility for regulating the tech giants, who have failed at self-regulating.
“If the rules for the internet were being written from scratch today, I don’t think people would want private companies to be making so many decisions around speech, elections and data privacy without a more robust democratic process,” Mr Zuckerberg said.
-----
23 reasons not to reveal your DNA
April 2019
DNA testing is a booming global business enabled by the internet. Millions of people have sent samples of their saliva to commercial labs in hopes of learning something new about their personal health or heritage, primarily in the United States and Europe. In some places, commercial tests are banned. In France, you could face a fine of around $4,000 USD for taking one.
Industry giants Ancestry.com, 23andMe, MyHeritage and FamilyTreeDNA market their services online, share test results on websites, and even offer tutorials on how to search for relatives in phone directories, or share results in social media. They often also claim rights to your genetic data and sell access to their databases to big pharmaceutical and medtech companies.
In terms of internet health, it’s part of a worrying trend of corporations to acquire personal data about people and act in their own best interests, not yours. OK, so test results can also lead to important discoveries about your personal health, and can also be shared for non-profit biomedical research in the public interest. But before you give in to your curiosity, here are 23 reasons not to reveal your DNA – one for each pair of the chromosomes in a human cell.
-----
Facebook beats profit estimates, sets aside $US3b for privacy penalty
Akanksha Rana
Apr 25, 2019 — 7.58am
New York | Facebook blew away Wall Street profit estimates in the first quarter as it kept a lid on the costs of making its social networks safer, and set aside $US3 billion ($4.3 billion) to cover a settlement with US regulators, calming investors who had worried about the outcome of a months-long federal probe.
Shares of the world's biggest online social network jumped more than 10 per cent after hours on Wednesday (Thursday AEST).
The US Federal Trade Commission has been investigating revelations that Facebook inappropriately shared information belonging to 87 million of its users with the now-defunct British political consulting firm Cambridge Analytica.
-----
Facebook Under Fire Over Fake News About Upcoming Federal Election
The Australian Electoral Commission (AEC) is reported to have asked Facebook to remove four items of unauthorised election content from the social media platform in the lead up to the 18 May federal election.
The AEC, in partnership with ASIO and the Australian Signals Directorate, is said to be ramping up efforts to prevent the publication and circulation disinformation.
A special electoral integrity taskforce is receiving daily briefings over content that’s being circulated on social media, with the AEC saying a proactive approach will help ensure that the democratic process is not tainted as a result of false information.
The taskforce was trialled during last year’s Super Saturday by-elections and the recent NSW election, and operates 24 hours a day.
-----
CCPA vs. GDPR: 10 Things to Do Now to Prepare for the Strictest US Privacy Law
In this privacy briefing, Fenwick & West’s team of privacy lawyers and industry veterans compare the requirements of the California Consumer Privacy Act (CCPA) with those of the European Union’s General Data Protection Regulation (GDPR). The good news: If you’ve already been working on GDPR compliance, you can leverage that work to comply with the CCPA. Instead of starting from scratch, read on for the 10 practical steps toward CCPA compliance.
CCPA Enforcement Deadlines – A Moving Target
Even though the California Department of Justice is continuing its rulemaking process for the California Consumer Privacy Act (CCPA) and the California legislature is considering further amendments (e.g. expanding the private right of action and removing the cure period; excluding employee data), businesses must comply with the CCPA on January 1, 2020. The good news is that enforcement actions by the AG will be barred until six months after the publication of the final regulations or July 1, 2020, whichever is earlier. If your company has gone through the process of preparing for the GDPR, you know that preparing for compliance requires substantial investments of time and resources. As we wrote last July, there are steps companies can take now (See “California’s New Landmark Data Privacy Regulation and What Companies Need to Do to Comply”).
-----
Companies track staff emails to monitor dissent and predict unrest
Apr 23, 2019 — 11.25am
An Australian professional services firm has said businesses can do away with ineffective staff surveys by using a potentially controversial software tool, developed by an MIT professor, to analyse the emails of staff and assess how they are feeling.
Boutique consulting firm Blackhall & Pearl Talent Services said it has been using the software, called Condor, to analyse emails for its clients to provide a real-time view of staff sentiment and predict how they might act.
Managing partner Alec Bashinsky said the software could find "honest digital signals" in staff communications, such as emails and instant messages, and identify "misconduct red flags", while tracking productivity, team cohesion and the effectiveness of change programs.
-----
Australian business cyber failings at 'crisis' levels: IBM
Apr 23, 2019 — 12.00am
Australian businesses are struggling to find qualified people to fill increasingly important cyber security roles, leaving them vulnerable to the growing threat from cyber criminals, a new global study by IBM has found.
This failure to take sufficient measures to protect against cyber attacks has already seen Australian businesses report one of the fastest increases in cyber incidents in the world.
The study, commissioned by IBM Resilient and conducted by the Ponemon Institute, found just 22 per cent of Australian businesses reported that staffing for cyber security was sufficient. That backed up a report released late last year that estimated Australia needed to train an additional 18,000 people by 2026 to fight cyber crime.
Of the 11 countries and regions surveyed in the IBM report, Australia saw the biggest increase in cyber security incidents over the past 12 months, with 70 per cent of respondents reporting an increase. The global average was 55 per cent.
-----
AEC puts heat on Facebook over election threat
- 12:00AM April 19, 2019
The Australian Electoral Commission has asked Facebook to remove four items of unauthorised election content from the social media service as the agency ramps up efforts to prevent disinformation during the election campaign in partnership with the nation’s top security agencies.
Australian Electoral Commissioner Tom Rogers said yesterday he was receiving daily briefings from a special electoral integrity taskforce, which includes the Australian Signals Directorate and ASIO, on threats potential threats to the democratic process.
“The major task in my view for the cyber taskforce is to make sure all of our electoral systems are safe and secure, and that is occurring constantly. But at the same time we are also very alert to this idea of disinformation,” Mr Rogers said.
-----
‘Extremely risky’ $1.2 million voter data project abandoned by Liberals
By Max Koslowski
April 21, 2019 — 11.45pm
Talking points
- i360 is a world-leading campaign tool that uses personal voter information to help parties zero in on swing voters
- The Liberal Party hoped i360 would take the place of Feedback, a decades-old tool party insiders believe is outdated
- Feedback is run by Parakeelia, a Liberal Party-owned company that has paid the party over $2 million this decade
The Liberal Party has abandoned a $1.2 million data harvesting system amid a botched rollout and fears sensitive voter information was at risk, as the government deals with an internal rift over software once touted as its electoral "silver bullet".
Liberal sources who have worked with the party on its digital campaign strategy over the past three years say a rift between the federal organisation and state branches underpinned the ditching of i360, a controversial American voter data machine the party used in recent state elections in Victoria and South Australia.
-----
Secure messaging’s existential crisis
April 16, 2019
If the various key stakeholders in secure messaging really walked the talk on this vital part of healthcare interoperability in Australia, why do we have virtually no progress in the last decade? Something fundamental is still wrong.
Best Practice (BP), our largest primary care patient management system vendor, and Medical Objects (MO) , one of our top three secure messaging system vendors, have a few important things in common. Both were founded by doctors with a technical bent, and a desire to make things easier, safer and more efficient for their colleagues. Both founders retain firm control of their company’s destiny after more than two decades, despite many offers to sell out to major corporates (BP is owned 30% by Sonic). And both have (or have had) head offices in very strange locations – BP in Bundaberg (their HQ is now Brisbane, but they maintain their Bundaberg office), and MO is atop a Chemist Warehouse in a suburban shopping mall in Maroochydore.
What comes with that, apart from the travel time you have to put in to get a face to face interview, is a certain coal-face practicality, and honesty, about what they are doing and hope to achieve.
I hired a car and travelled the one hour and 28 minutes from Brisbane’s CBD to sunny Maroochydore, with the hope of getting a coal face and frank view of what might be happening in Australia’s secure messaging ecosystem. After months of talking to and researching the work of various stakeholders, I wasn’t getting close to an understanding why we still find ourselves with so little progress, over something which most stakeholders will tell you is one of the key pieces of our digital health future. And which, even as it stands today, is a major fulcrum in the system for patient safety, and system efficiency.
-----
Comments welcome!
David.