-----
This weekly blog is to explore the news around the larger issues
around Digital Health, data security, data privacy, AI / ML. technology, social
media and related matters.
I will also try to highlight ADHA
Propaganda when I come upon it.
Just so we keep count, the latest Notes from the ADHA Board were dated
6 December, 2018 and we have seen none since!
It is worth pointing out that it was only in last little while (
beginning end July 2020 ) the ADHA took down the notification regarding the most
recent minutes notification. Embarrassed I guess – as they should be! I wonder
will the new CEO make a difference?
The new CEO has been in place 12+ weeks – no new minutes obvious
yet, or any other major improvements!
Note: Appearance here is not to suggest I see any credibility or
value in what follows. I will leave it to the reader to decide what is
worthwhile and what is not! The point is to let people know what is being said
/ published that I have come upon.
-----
https://www.theaustralian.com.au/business/technology/facebook-targets-quotations-in-posts/news-story/9854f091c97230b0fbb03fb8f768a855
Facebook targets quotations in posts
Chris Griffith
·
7:00AM December 24, 2020
A Facebook group supporting academic Kylie Moore-Gilbert has
fallen foul of the tech giant over a quotation.
Administrator of the “Free Kylie Moore-Gilbert” group Susanne Kay
published the quote “You are never too old to set another goal or to dream a
new dream” and attributed it to British writer and theologian C.S. Lewis.
Facebook branded the quotation as “false information” and greyed
it out, saying it was made by another person.
Ms Kay has questioned how far should Facebook go monitoring this
sort of content. For example, should Facebook focus on expeditiously removing
horrific video like that posted live of the Christchurch mass shootings rather
than quotations?
-----
https://evolveandamplify.com/work/redesigning-the-australian-digital-health-agencys-operating-model/
Redesigning the Australian Digital Health Agency’s
Operating Model
The Challenge
The
Australian Digital Health Agency (ADHA) delivers digital healthcare systems and
the national digital health strategy for Australia. To operate as effectively
as possible, it sought to eliminate capability duplication, uplift its
corporate capabilities and facilitate new ways of working.
ADHA
engaged the E&A team to ensure all business areas were aligned, working
together and operating efficiently.
Designing the Business
To
model how ADHA produces value for its stakeholders and identify the
capabilities required to realise this value, we leveraged existing materials,
such as ADHA’s strategic plan and related documents, and engaged with business
areas.
We
used business motivation models and business operations models to produce a
holistic and integrated view of ADHA’s business capability requirements.
We
also produced a view of the target state needed to achieve them.
-----
https://www.theaustralian.com.au/nation/cyber-spy-agency-on-high-alert-over-hack/news-story/a4879aac7be8536b662af8b29f2d3d20
Cyber spy agency on high alert over hack
Ben Packham
·
5:20AM December 24, 2020
The nation’s top cyber spy agency is working with potential
victims of the SolarWinds Russian hacking offensive, including some of the most
sensitive government departments and agencies, to assess whether their networks
have been breached.
The Australian can reveal the departments of Defence, Finance and
Home Affairs, and the Australian Securities and Investments Commission are
users of the network-management software infiltrated by the hackers.
Government tender records show the Australian Radiation Protection
and Nuclear Safety Agency, the Bureau of Meteorology, trade promotion agency
Austrade and the Department of Education, Skills and Employment are also
SolarWinds clients.
It’s understood the Australian Signals Directorate, which also
uses SolarWinds software, was unaffected by the attack.
-----
https://www.smh.com.au/technology/microsoft-customer-data-hacked-through-reseller-compromise-20201225-p56q4z.html
Microsoft customer data hacked through reseller
compromise
By Ellen Nakashima
December 25, 2020 — 12.04pm
Russian
government hackers have compromised Microsoft cloud customers and stolen emails
from at least one private-sector company, according to people familiar with the
matter, a worrying development in Moscow's ongoing cyberespionage campaign
targeting numerous US agencies and corporate computer networks.
The
intrusions appear to have occurred via a Microsoft corporate partner that
handles cloud-access services, those familiar with the matter said. They did
not identify the partner or the company known to have had emails stolen. Like
others, these people spoke on the condition of anonymity to discuss what
remains a highly sensitive subject.
Microsoft
hasn't publicly commented on the intrusions. On Thursday, an executive with the
tech giant sought to downplay the issue's significance.
"Our
investigation of recent attacks has found incidents involving abuse of
credentials to gain access, which can come in several forms," Jeff Jones,
Microsoft's senior director for communications, said. "We have still not
identified any vulnerabilities or compromise of Microsoft product or cloud
services."
The
troubling revelation comes several days after Microsoft's president, Brad
Smith, said the Fortune 500 company had not seen any customers breached through
its services, including the vaunted Azure cloud platform used by governments,
major corporations and universities worldwide.
-----
https://audioboom.com/posts/7758227-jennie-mcdonald-director-of-security-and-compliance-outreach-at-the-australian-digital-health-ag
Jennie McDonald, Director of Security and Compliance
Outreach at the Australian Digital Health Agency
Dec 24, 10:44 AM
Aaron Stevens
speaks with Jennie McDonald, Director of Security and Compliance Outreach at
the Australian Digital Health Agency.
(Quite a sensible set of tips if you are posting on social media)
-----
https://www.lexology.com/library/detail.aspx?g=d1b578d4-c1fb-4da1-a112-7a73168ae7ce
So you want a new approach to regulating digital
platforms: Too easy (not)
Gilbert + Tobin
The
emergence of powerful digital platform companies has presented challenges to
regulators around the world. In response, many are reaching for their
traditional tools by filing antitrust suits against Facebook and Google,
including here in Australia.
By
contrast, the UK Government has been attempting to construct a new regulatory
model for digital platforms that focuses on ex ante rules. This shift started
in 2019 with the Furman Review which concluded that solely relying on merger
and antitrust enforcement can create delays and uncertainty for all companies,
big and small, and ex ante regimes are clearer and more effective in the
dynamic digital economy.
Easier
said than done. While the would-be administrator of this new approach, the
Competition Markets Authority (CMA) has been assiduously building its ‘wish
list’ of new powers, the UK Government, in whose gift those powers would be,
has been much more cautious.
The
CMA has recently released two key reports about how the digital economy should
be regulated:
- The first CMA report, released in
November, was a study into the digital advertising market which had four
key recommendations (CMA
study).
- On 8 December 2020, the CMA released
their advice on the design and implementation of the new regime (CMA advice). The Government has not responded to the
CMA Advice.
On
27 November 2020, the UK Government responded to the CMA Study (UK Government response). While
the UK Government’s response goes some way to showing what the new regime will
look like, there is still a lot to be determined.
-----
https://www.theaustralian.com.au/business/the-wall-street-journal/google-facebook-agreed-to-team-up-against-possible-antitrust-action-draft-lawsuit-says/news-story/b00ce9b451fd4a7431abfad85844d12f
Google, Facebook agreed to team up against possible
antitrust action, draft lawsuit says
·
By Ryan Tracy
·
The Wall Street Journal
·
7:43AM December 23, 2020
Facebook and Alphabet’s Google agreed to “co-operate and assist
one another” if they ever faced an investigation into their pact to work
together in online advertising, according to an unredacted version of a lawsuit
filed by 10 states against Google last week.
The suit, as filed, cites internal company documents that were
heavily redacted. The Wall Street Journal reviewed part of a recent draft
version of the suit without redactions, which elaborated on findings and
allegations in the court documents.
Ten Republican attorneys general, led by Texas, are alleging that
the two companies cut a deal in September 2018 in which Facebook agreed not to
compete with Google’s online advertising tools in return for special treatment
when it used them.
Google used language from “Star Wars” as a code name for the deal,
according to the lawsuit, which redacted the actual name. The draft version of
the suit says it was known as “Jedi Blue.”
-----
https://www.lexology.com/library/detail.aspx?g=00ec3b92-fbc4-4328-b6b1-57793ebdce59
Australia approves sweeping changes to breach reporting
regime
Herbert
Smith Freehills LLP
Australia December 21 2020
In
a move with significant implications for Australian financial services and
credit licensees (AFS Licensees and Credit
Licensees respectively), the Federal Parliament has passed
legislation endorsing several reforms recommended by the Financial Services
Royal Commission, including to the regime for reporting significant breaches to
ASIC.1
This
briefing summarises the key changes to that regime, and issues to look out for
in preparing for the new regime to commence on 1 October 2021.
The
highly anticipated changes to the regime include:
- The requirement to report
significant breaches will extend to Credit Licensees for the first time.
- The significance test has been
expanded to require reports in a broader range of circumstances.
- The reporting obligation will apply
not only when the licensee ‘knows’ there has been or will be a significant
breach, but also where the licensee:
·
knows there are reasonable grounds to believe
that is the case; or
·
is reckless as to whether there are reasonable
grounds to believe that is the case.
-----
https://www.smh.com.au/technology/accc-could-sink-google-fitbit-deal-over-lingering-competition-fears-20201222-p56pj4.html
Google's $3b deal to buy Fitbit given workout by ACCC
December
22, 2020 — 4.18pm
Google's $3 billion deal to buy fitness tracking pioneer Fitbit
could be scuppered by the Australian Competition and Consumer Commission after
the watchdog rejected an undertaking that sought to address its concerns about
the deal.
The ACCC will continue its investigation alongside the United
States Department of Justice (DoJ) which is also reviewing Google's plans to acquire Fitbit for around $US2.1 billion ($3 billion) and pave the way for Google to challenge Apple in
the health-focused wearable sector.
ACCC chair Rod Sims said if the watchdog opposes the deal it could
lead to the entire transaction being blocked or the imposition of penalties on
Google for going ahead.
Last year, Google offered $US2.1 billion for
Fitbit, the activity tracking wearable technology company.
"We have to decide whether or not we oppose the transaction
and we have to take into account that this is an international
transaction," he said. "This is a very dynamic environment. So we
really need to see where the DoJ get to, but we also need to think through what
are our options in this complex, but really, really important market."
-----
https://www.itwire.com/technology-regulation/accc-extends-consumer-data-right.html
Wednesday, 23 December 2020 11:08
ACCC extends Consumer Data Right
By Stephen Withers
Changes
to the Consumer Data Right (CDR) rules will allow more businesses to share
their banking data with accredited recipients.
Following
consultations with stakeholders and government departments and agencies, the ACCC has
amended the CDR rules to include more business customers, including
partnerships.
CDR allows
customers to share their banking data (there are plans to extend CDR to other
areas such as energy) with authorised recipients to make it easier to shop
around for services.
This
helps provide a more level playing field, as it reduces the advantage that
incumbent providers have from being able to access detailed data about the
customer.
-----
https://www.itwire.com/open-sauce/nbn-fully-built-though-35,000-premises-still-unconnected-don-t-they-count.html
Author's Opinion
The
views in this column are those of the author and do not necessarily reflect the
views of iTWire.
Wednesday, 23 December 2020 11:07
NBN 'fully built' though 35,000 premises still
unconnected. Don't they count?
By Sam Varghese
Thirty-five
thousand Australian premises are yet to be connected to the national broadband
network, but Communications Minister Paul Fletcher has declared that the
network is "built and fully operational".
This
declaration was made in a media release which was
leaked to the Nine Entertainment newspapers a day early. That's the best way to
get "exclusives" these days.
Given
that, the use or reporting staples — the five Ws and the H — have been omitted
by the Nine Entertainment newspapers technology editor Supratim Adhikari. Else
the next release will not be leaked ahead of time.
The
words are quite silly but, given that Fletcher is uttering them, are of
sufficient import for others to muse on them as well.
-----
https://www.itnews.com.au/news/google-undertaking-for-fitbit-buy-fails-to-gain-accc-support-559298
Google undertaking for Fitbit buy fails to gain ACCC
support
By Ry Crozier on Dec
22, 2020 10:07AM
Final decision pushed back to the end of March 2021.
Google
is yet to convince Australian regulators that its proposed acquisition of
Fitbit won’t cause competition or privacy issues, with a draft
court-enforceable undertaking it submitted last month knocked back.
The
company, which hopes to buy Fitbit for US$2.1 billion (A$2.77 billion), won EU antitrust approval last week,
but is yet to have the transaction cleared by authorities in the US and
Australia, among other jurisdictions.
It
had submitted a “long-term behavioural undertaking” at the end of November to
address concerns raised by the Australian Competition and Consumer Commission
(ACCC).
-----
https://www.theaustralian.com.au/business/the-wall-street-journal/amazons-chief-technology-officer-shares-his-predictions-for-2021/news-story/28a1dc4baea603c8b11d17a4caaeae39
Amazon’s chief technology officer shares his
predictions for 2021
·
By Tom Loftus
·
Dow Jones
·
3:28PM December 18, 2020
Werner Vogels, Amazon.com Inc.’s chief technology officer,
predicts 2021 will see a much broader distribution of the technologies that
have been powering big corporations.
The shift, which includes connecting more devices to the cloud,
and better access to machine learning, builds on recent advances in software
and silicon as well as the acceleration of digital initiatives by companies
over the past year.
“I tried to stay with some of the things that I know will be
happening because we have some control of them,” said Mr. Vogels. On Wednesday,
he shared eight predictions based on customer-behavior patterns and technology
investments by the company. Some highlights below.
The cloud will be everywhere. Next year will see more devices and
more organizations powered by the cloud.
-----
https://www.theaustralian.com.au/business/pressure-on-worksafe-victoria-to-turn-blind-eye-on-hotel-quarantine/news-story/d6a1209b6c4a81e266f22d37e736b509
Pressure on WorkSafe
Victoria to turn blind eye on hotel quarantine
Robert
Gottliebsen
·
6:44AM December 21, 2020
Jennifer Coate and others have assembled a clear-cut case that 800
people died as a result of blatant breaches of Victoria’s Occupational Health
and Safety Act.
And Victoria’s hotel quarantine death toll makes it rank with the
world’s 10 worst industrial accidents during the last century. The world will
be watching us.
The group entrusted to enforce the OH&S act, WorkSafe
Victoria, is under incredible political pressure to turn a blind eye. And there
are now clear signs that it will crumble under that pressure and set precedents
that weaken the OH&S rules for all Australians.
After nine months investigation, WorkeSafe last week sent a letter
to Self Employed Australia stating: ”At this point, WorkSafe is not in a
position to say whether or when prosecution action will be brought as a result
of its investigation.
-----
https://www.itwire.com/open-sauce/news-media-code-ball-firmly-in-federal-govt-s-court.html
Author's Opinion
The
views in this column are those of the author and do not necessarily reflect the
views of iTWire.
Monday, 21 December 2020 08:20
News media code: ball firmly in Federal Govt's court
By Sam Varghese
The
next move in the battle over the news media code lies with the government,
after Google essentially said on Friday that nothing in
the law that was introduced in Parliament on 9 December was workable.
The
pressure on Prime Minister Scott Morrison and Treasurer Josh Frydenberg is all
the more because of the tough talk they indulged in before the law was brought
into Parliament.
What
adds to the problems faced by the government is the fact that Google's
denunciation of the proposed law came after three major concessions were made to the digital platforms
before the News Media and Digital Platforms Mandatory Bargaining Code was
presented to Parliament.
Among
the concessions was the time interval for informing publishers about algorithm
changes; allowing digital platforms to factor in the value of the service they
provide to a news organisation in monetary terms before the quantum of payment
is decided; and applying the law only to Google Search and Facebook's NewsFeed.
Instagram, Twitter and YouTube have been left out.
-----
https://www.itnews.com.au/news/bidens-options-for-russian-hacking-punishment-sanctions-cyber-retaliation-559278
Biden's options for Russian hacking punishment:
sanctions, cyber retaliation
After hacks on US government agencies.
President-elect
Joe Biden's team will consider several options to punish Russia for its
suspected role in the unprecedented hacking of US government agencies and companies
once he takes office, from new financial sanctions to cyberattacks on Russian
infrastructure, people familiar with the matter say.
The
response will need to be strong enough to impose a high economic, financial or
technological cost on the perpetrators, but avoid an escalating conflict
between two nuclear-armed Cold War adversaries, said one of the people familiar
with Biden's deliberations, speaking on condition of anonymity.
The
overarching goal of any action, which could also include stepped-up counter
cyber espionage efforts, would be to create an effective deterrence and
diminish the potency of future Russian cyber spying, the person said.
The
unfolding crisis - and the lack of visibility over the extent of the
infiltration into the computer networks of federal agencies including the
Treasury, Energy and Commerce Departments - will push to the front of Biden's
agenda when he takes office on January 20.
-----
https://www.itnews.com.au/news/cyber-security-left-out-of-cabinet-reshuffle-559239
Cyber security left out of cabinet reshuffle
By Tess Bennett on
Dec 18, 2020 5:38PM
No dedicated cyber portfolio.
Prime
Minister Scott Morrison has not appointed a dedicated minister for cyber
security in Friday’s cabinet reshuffle.
Last
month, The Australian
reported that Morrison planned to create a cyber security role
in his cabinet that would be added to the Home Affairs portfolio.
There
were no changes made to the Home Affairs portfolio in today’s announcement,
meaning Home Affairs minister Peter Dutton will retain responsibility for
Australia’s cyber security policy and coordination.
The
opposition have described the omission of as a “missed opportunity” in a joint statement
released by Shadow Minister for Home Affairs Senator Kristina Keneally and Tim
Watts, Shadow Assistant Minister for Cyber Security.
“Despite
media reports touting that Scott Morrison would create a cyber security cabinet
position, responsibility for cyber security remains buried at the bottom of
Peter Dutton’s over-flowing in tray,” they write.
-----
https://www.afr.com/technology/the-great-hack-attack-solarwinds-breach-exposes-security-black-hole-20201220-p56p1m
The great hack attack: SolarWinds breach exposes
security black hole
Hannah Murphy, Helen Warrell and Demetri
Sevastopulo
Dec 20, 2020
– 12.16pm
San
Francisco/London/Washington | Until last week, SolarWinds
was a little-known IT software group from Texas. Its deserted lobby
has a framed magazine article from a few years ago when it was on a list of
America’s “best small companies”.
Now
the Austin-based company is at the heart of one of the biggest and most
startling cyber hacks in recent history, with ramifications that
extend into the fields of geopolitics, espionage and national security.
For
nine months, sophisticated state-backed hackers have exploited a ubiquitous
SolarWinds software product to spy on government and business networks around
the world, including in the US, UK, Israel and Canada. Wielding innovative
tools and tradecraft, the cyber spies lurked in email services and posed as
legitimate staffers to tap confidential information stored in the cloud.
The
bombshell revelations have sent 18,000 exposed SolarWinds customers scrambling
to assess whether outsiders did indeed enter their systems, what the damage was
and how to fix it.
-----
Comments more
than welcome!
David.