Tuesday, December 29, 2020

Commentators and Journalists Weigh In On Digital Health And Related Privacy, Safety And Security Matters. Lots Of Interesting Perspectives - December 29, 2020.

 -----

This weekly blog is to explore the news around the larger issues around Digital Health, data security, data privacy, AI / ML. technology, social media and related matters.

I will also try to highlight ADHA Propaganda when I come upon it.

Just so we keep count, the latest Notes from the ADHA Board were dated 6 December, 2018 and we have seen none since!

It is worth pointing out that it was only in last little while ( beginning end July 2020 ) the ADHA took down the notification regarding the most recent minutes notification. Embarrassed I guess – as they should be! I wonder will the new CEO make a difference?

The new CEO has been in place 12+ weeks – no new minutes obvious yet, or any other major improvements!

Note: Appearance here is not to suggest I see any credibility or value in what follows. I will leave it to the reader to decide what is worthwhile and what is not! The point is to let people know what is being said / published that I have come upon.

-----

https://www.theaustralian.com.au/business/technology/facebook-targets-quotations-in-posts/news-story/9854f091c97230b0fbb03fb8f768a855

Facebook targets quotations in posts

Chris Griffith

A Facebook group supporting academic Kylie Moore-Gilbert has fallen foul of the tech giant over a quotation.

Administrator of the “Free Kylie Moore-Gilbert” group Susanne Kay published the quote “You are never too old to set another goal or to dream a new dream” and attributed it to British writer and theologian C.S. Lewis.

Facebook branded the quotation as “false information” and greyed it out, saying it was made by another person.

Ms Kay has questioned how far should Facebook go monitoring this sort of content. For example, should Facebook focus on expeditiously removing horrific video like that posted live of the Christchurch mass shootings rather than quotations?

-----

https://evolveandamplify.com/work/redesigning-the-australian-digital-health-agencys-operating-model/

Redesigning the Australian Digital Health Agency’s Operating Model

The Challenge

The Australian Digital Health Agency (ADHA) delivers digital healthcare systems and the national digital health strategy for Australia. To operate as effectively as possible, it sought to eliminate capability duplication, uplift its corporate capabilities and facilitate new ways of working.

ADHA engaged the E&A team to ensure all business areas were aligned, working together and operating efficiently.

Designing the Business

To model how ADHA produces value for its stakeholders and identify the capabilities required to realise this value, we leveraged existing materials, such as ADHA’s strategic plan and related documents, and engaged with business areas.

We used business motivation models and business operations models to produce a holistic and integrated view of ADHA’s business capability requirements.

We also produced a view of the target state needed to achieve them.

-----

https://www.theaustralian.com.au/nation/cyber-spy-agency-on-high-alert-over-hack/news-story/a4879aac7be8536b662af8b29f2d3d20

Cyber spy agency on high alert over hack

Ben Packham

The nation’s top cyber spy agency is working with potential victims of the SolarWinds Russian hacking offensive, including some of the most sensitive government departments and agencies, to assess whether their networks have been breached.

The Australian can reveal the departments of Defence, Finance and Home Affairs, and the Australian Securities and Investments Commission are users of the ­network-management software infiltrated by the hackers.

Government tender records show the Australian Radiation Protection and Nuclear Safety Agency, the Bureau of Meteorology, trade promotion agency Austrade and the Department of Education, Skills and Employment are also SolarWinds clients.

It’s understood the Australian Signals Directorate, which also uses SolarWinds software, was unaffected by the attack.

-----

https://www.smh.com.au/technology/microsoft-customer-data-hacked-through-reseller-compromise-20201225-p56q4z.html

Microsoft customer data hacked through reseller compromise

By Ellen Nakashima

December 25, 2020 — 12.04pm

Russian government hackers have compromised Microsoft cloud customers and stolen emails from at least one private-sector company, according to people familiar with the matter, a worrying development in Moscow's ongoing cyberespionage campaign targeting numerous US agencies and corporate computer networks.

The intrusions appear to have occurred via a Microsoft corporate partner that handles cloud-access services, those familiar with the matter said. They did not identify the partner or the company known to have had emails stolen. Like others, these people spoke on the condition of anonymity to discuss what remains a highly sensitive subject.

Microsoft hasn't publicly commented on the intrusions. On Thursday, an executive with the tech giant sought to downplay the issue's significance.

"Our investigation of recent attacks has found incidents involving abuse of credentials to gain access, which can come in several forms," Jeff Jones, Microsoft's senior director for communications, said. "We have still not identified any vulnerabilities or compromise of Microsoft product or cloud services."

The troubling revelation comes several days after Microsoft's president, Brad Smith, said the Fortune 500 company had not seen any customers breached through its services, including the vaunted Azure cloud platform used by governments, major corporations and universities worldwide.

-----

https://audioboom.com/posts/7758227-jennie-mcdonald-director-of-security-and-compliance-outreach-at-the-australian-digital-health-ag

Jennie McDonald, Director of Security and Compliance Outreach at the Australian Digital Health Agency

Dec 24, 10:44 AM

Aaron Stevens speaks with Jennie McDonald, Director of Security and Compliance Outreach at the Australian Digital Health Agency.

(Quite a sensible set of tips if you are posting on social media)

-----

https://www.lexology.com/library/detail.aspx?g=d1b578d4-c1fb-4da1-a112-7a73168ae7ce

So you want a new approach to regulating digital platforms: Too easy (not)

Gilbert + Tobin

The emergence of powerful digital platform companies has presented challenges to regulators around the world. In response, many are reaching for their traditional tools by filing antitrust suits against Facebook and Google, including here in Australia.

By contrast, the UK Government has been attempting to construct a new regulatory model for digital platforms that focuses on ex ante rules. This shift started in 2019 with the Furman Review which concluded that solely relying on merger and antitrust enforcement can create delays and uncertainty for all companies, big and small, and ex ante regimes are clearer and more effective in the dynamic digital economy.

Easier said than done. While the would-be administrator of this new approach, the Competition Markets Authority (CMA) has been assiduously building its ‘wish list’ of new powers, the UK Government, in whose gift those powers would be, has been much more cautious.

The CMA has recently released two key reports about how the digital economy should be regulated:

  1. The first CMA report, released in November, was a study into the digital advertising market which had four key recommendations (CMA study).
  2. On 8 December 2020, the CMA released their advice on the design and implementation of the new regime (CMA advice). The Government has not responded to the CMA Advice.

On 27 November 2020, the UK Government responded to the CMA Study (UK Government response). While the UK Government’s response goes some way to showing what the new regime will look like, there is still a lot to be determined.

-----

https://www.theaustralian.com.au/business/the-wall-street-journal/google-facebook-agreed-to-team-up-against-possible-antitrust-action-draft-lawsuit-says/news-story/b00ce9b451fd4a7431abfad85844d12f

Google, Facebook agreed to team up against possible antitrust action, draft lawsuit says

Facebook and Alphabet’s Google agreed to “co-operate and assist one another” if they ever faced an investigation into their pact to work together in online advertising, according to an unredacted version of a lawsuit filed by 10 states against Google last week.

The suit, as filed, cites internal company documents that were heavily redacted. The Wall Street Journal reviewed part of a recent draft version of the suit without redactions, which elaborated on findings and allegations in the court documents.

Ten Republican attorneys general, led by Texas, are alleging that the two companies cut a deal in September 2018 in which Facebook agreed not to compete with Google’s online advertising tools in return for special treatment when it used them.

Google used language from “Star Wars” as a code name for the deal, according to the lawsuit, which redacted the actual name. The draft version of the suit says it was known as “Jedi Blue.”

-----

https://www.lexology.com/library/detail.aspx?g=00ec3b92-fbc4-4328-b6b1-57793ebdce59

Australia approves sweeping changes to breach reporting regime

Herbert Smith Freehills LLP

Australia December 21 2020

In a move with significant implications for Australian financial services and credit licensees (AFS Licensees and Credit Licensees respectively), the Federal Parliament has passed legislation endorsing several reforms recommended by the Financial Services Royal Commission, including to the regime for reporting significant breaches to ASIC.1

This briefing summarises the key changes to that regime, and issues to look out for in preparing for the new regime to commence on 1 October 2021.

The highly anticipated changes to the regime include:

  1. The requirement to report significant breaches will extend to Credit Licensees for the first time.
  2. The significance test has been expanded to require reports in a broader range of circumstances.
  3. The reporting obligation will apply not only when the licensee ‘knows’ there has been or will be a significant breach, but also where the licensee:

·         knows there are reasonable grounds to believe that is the case; or

·         is reckless as to whether there are reasonable grounds to believe that is the case.

-----

https://www.smh.com.au/technology/accc-could-sink-google-fitbit-deal-over-lingering-competition-fears-20201222-p56pj4.html

Google's $3b deal to buy Fitbit given workout by ACCC

By Cara Waters

December 22, 2020 — 4.18pm

Google's $3 billion deal to buy fitness tracking pioneer Fitbit could be scuppered by the Australian Competition and Consumer Commission after the watchdog rejected an undertaking that sought to address its concerns about the deal.

The ACCC will continue its investigation alongside the United States Department of Justice (DoJ) which is also reviewing Google's plans to acquire Fitbit for around $US2.1 billion ($3 billion) and pave the way for Google to challenge Apple in the health-focused wearable sector.

ACCC chair Rod Sims said if the watchdog opposes the deal it could lead to the entire transaction being blocked or the imposition of penalties on Google for going ahead.

Last year, Google offered $US2.1 billion for Fitbit, the activity tracking wearable technology company.

"We have to decide whether or not we oppose the transaction and we have to take into account that this is an international transaction," he said. "This is a very dynamic environment. So we really need to see where the DoJ get to, but we also need to think through what are our options in this complex, but really, really important market."

-----

https://www.itwire.com/technology-regulation/accc-extends-consumer-data-right.html

Wednesday, 23 December 2020 11:08

ACCC extends Consumer Data Right

By Stephen Withers

Changes to the Consumer Data Right (CDR) rules will allow more businesses to share their banking data with accredited recipients.

Following consultations with stakeholders and government departments and agencies, the ACCC has amended the CDR rules to include more business customers, including partnerships.

CDR allows customers to share their banking data (there are plans to extend CDR to other areas such as energy) with authorised recipients to make it easier to shop around for services.

This helps provide a more level playing field, as it reduces the advantage that incumbent providers have from being able to access detailed data about the customer.

-----

https://www.itwire.com/open-sauce/nbn-fully-built-though-35,000-premises-still-unconnected-don-t-they-count.html

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Wednesday, 23 December 2020 11:07

NBN 'fully built' though 35,000 premises still unconnected. Don't they count?

By Sam Varghese

Thirty-five thousand Australian premises are yet to be connected to the national broadband network, but Communications Minister Paul Fletcher has declared that the network is "built and fully operational".

This declaration was made in a media release which was leaked to the Nine Entertainment newspapers a day early. That's the best way to get "exclusives" these days.

Given that, the use or reporting staples — the five Ws and the H — have been omitted by the Nine Entertainment newspapers technology editor Supratim Adhikari. Else the next release will not be leaked ahead of time.

The words are quite silly but, given that Fletcher is uttering them, are of sufficient import for others to muse on them as well.

-----

https://www.itnews.com.au/news/google-undertaking-for-fitbit-buy-fails-to-gain-accc-support-559298

Google undertaking for Fitbit buy fails to gain ACCC support

By Ry Crozier on Dec 22, 2020 10:07AM

Final decision pushed back to the end of March 2021.

Google is yet to convince Australian regulators that its proposed acquisition of Fitbit won’t cause competition or privacy issues, with a draft court-enforceable undertaking it submitted last month knocked back.

The company, which hopes to buy Fitbit for US$2.1 billion (A$2.77 billion), won EU antitrust approval last week, but is yet to have the transaction cleared by authorities in the US and Australia, among other jurisdictions.

It had submitted a “long-term behavioural undertaking” at the end of November to address concerns raised by the Australian Competition and Consumer Commission (ACCC).

-----

https://www.theaustralian.com.au/business/the-wall-street-journal/amazons-chief-technology-officer-shares-his-predictions-for-2021/news-story/28a1dc4baea603c8b11d17a4caaeae39

Amazon’s chief technology officer shares his predictions for 2021

Werner Vogels, Amazon.com Inc.’s chief technology officer, predicts 2021 will see a much broader distribution of the technologies that have been powering big corporations.

The shift, which includes connecting more devices to the cloud, and better access to machine learning, builds on recent advances in software and silicon as well as the acceleration of digital initiatives by companies over the past year.

“I tried to stay with some of the things that I know will be happening because we have some control of them,” said Mr. Vogels. On Wednesday, he shared eight predictions based on customer-behavior patterns and technology investments by the company. Some highlights below.

The cloud will be everywhere. Next year will see more devices and more organizations powered by the cloud.

-----

https://www.theaustralian.com.au/business/pressure-on-worksafe-victoria-to-turn-blind-eye-on-hotel-quarantine/news-story/d6a1209b6c4a81e266f22d37e736b509

Pressure on WorkSafe Victoria to turn blind eye on hotel quarantine

Robert Gottliebsen

Jennifer Coate and others have assembled a clear-cut case that 800 people died as a result of blatant breaches of Victoria’s Occupational Health and Safety Act.

And Victoria’s hotel quarantine death toll makes it rank with the world’s 10 worst industrial accidents during the last century. The world will be watching us.

The group entrusted to enforce the OH&S act, WorkSafe Victoria, is under incredible political pressure to turn a blind eye. And there are now clear signs that it will crumble under that pressure and set precedents that weaken the OH&S rules for all Australians.

After nine months investigation, WorkeSafe last week sent a letter to Self Employed Australia stating: ”At this point, WorkSafe is not in a position to say whether or when prosecution action will be brought as a result of its investigation.

-----

https://www.itwire.com/open-sauce/news-media-code-ball-firmly-in-federal-govt-s-court.html

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

 

Monday, 21 December 2020 08:20

News media code: ball firmly in Federal Govt's court

By Sam Varghese

The next move in the battle over the news media code lies with the government, after Google essentially said on Friday that nothing in the law that was introduced in Parliament on 9 December was workable.

The pressure on Prime Minister Scott Morrison and Treasurer Josh Frydenberg is all the more because of the tough talk they indulged in before the law was brought into Parliament.

What adds to the problems faced by the government is the fact that Google's denunciation of the proposed law came after three major concessions were made to the digital platforms before the News Media and Digital Platforms Mandatory Bargaining Code was presented to Parliament.

Among the concessions was the time interval for informing publishers about algorithm changes; allowing digital platforms to factor in the value of the service they provide to a news organisation in monetary terms before the quantum of payment is decided; and applying the law only to Google Search and Facebook's NewsFeed. Instagram, Twitter and YouTube have been left out.

-----

https://www.itnews.com.au/news/bidens-options-for-russian-hacking-punishment-sanctions-cyber-retaliation-559278

Biden's options for Russian hacking punishment: sanctions, cyber retaliation

After hacks on US government agencies.

President-elect Joe Biden's team will consider several options to punish Russia for its suspected role in the unprecedented hacking of US government agencies and companies once he takes office, from new financial sanctions to cyberattacks on Russian infrastructure, people familiar with the matter say.

The response will need to be strong enough to impose a high economic, financial or technological cost on the perpetrators, but avoid an escalating conflict between two nuclear-armed Cold War adversaries, said one of the people familiar with Biden's deliberations, speaking on condition of anonymity.

The overarching goal of any action, which could also include stepped-up counter cyber espionage efforts, would be to create an effective deterrence and diminish the potency of future Russian cyber spying, the person said.

The unfolding crisis - and the lack of visibility over the extent of the infiltration into the computer networks of federal agencies including the Treasury, Energy and Commerce Departments - will push to the front of Biden's agenda when he takes office on January 20.

-----

https://www.itnews.com.au/news/cyber-security-left-out-of-cabinet-reshuffle-559239

Cyber security left out of cabinet reshuffle

By Tess Bennett on Dec 18, 2020 5:38PM

No dedicated cyber portfolio.

Prime Minister Scott Morrison has not appointed a dedicated minister for cyber security in Friday’s cabinet reshuffle.

Last month, The Australian reported that Morrison planned to create a cyber security role in his cabinet that would be added to the Home Affairs­ portfolio.

There were no changes made to the Home Affairs portfolio in today’s announcement, meaning Home Affairs minister Peter Dutton will retain responsibility for Australia’s cyber security policy and coordination. 

The opposition have described the omission of as a “missed opportunity” in a joint statement released by Shadow Minister for Home Affairs Senator Kristina Keneally and Tim Watts, Shadow Assistant Minister for Cyber Security.

“Despite media reports touting that Scott Morrison would create a cyber security cabinet position, responsibility for cyber security remains buried at the bottom of Peter Dutton’s over-flowing in tray,” they write.

-----

https://www.afr.com/technology/the-great-hack-attack-solarwinds-breach-exposes-security-black-hole-20201220-p56p1m

The great hack attack: SolarWinds breach exposes security black hole

Hannah Murphy, Helen Warrell and Demetri Sevastopulo

Dec 20, 2020 – 12.16pm

San Francisco/London/Washington | Until last week, SolarWinds was a little-known IT software group from Texas. Its deserted lobby has a framed magazine article from a few years ago when it was on a list of America’s “best small companies”.

Now the Austin-based company is at the heart of one of the biggest and most startling cyber hacks in recent history, with ramifications that extend into the fields of geopolitics, espionage and national security.

For nine months, sophisticated state-backed hackers have exploited a ubiquitous SolarWinds software product to spy on government and business networks around the world, including in the US, UK, Israel and Canada. Wielding innovative tools and tradecraft, the cyber spies lurked in email services and posed as legitimate staffers to tap confidential information stored in the cloud.

The bombshell revelations have sent 18,000 exposed SolarWinds customers scrambling to assess whether outsiders did indeed enter their systems, what the damage was and how to fix it.

-----

Comments more than welcome!

David.

No comments:

Post a Comment