In education IT we have a phrase — ‘technical solution to a people problem’ — to describe the use of technology to solve a behavioural problem that would be better solved simply by having people behave more sensibly or by following existing rules… rather than trying to implement increasingly baroque limits with technology, which are invariably bypassed because the problem is that the user isn’t respecting the rules in the first place. When it comes to COVID-19 contact tracing, it has become clear that Bluetooth-based contact tracing is a technical solution to a public health problem. This applies to both the COVIDSafe app, which is technically deficient in multiple ways, as well the Google/Apple Exposure Notification, which is conceptually deficient.
Imagine a world where both nation-states and criminals are able to compromise e-commerce traffic, steal banking details and access your private information at will, and yet at the same time that the criminals themselves and their activities are completely protected because, well, they’re criminals, and they don’t follow the same laws that compromise the privacy of law-abiding citizens. This is the utopia that many governments, law enforcement agencies and now even Interpol want us to live in.
It seems every week we’re learning of a new online privacy breach. The latest (as I write this) is the ‘accidental’ release of Myki user travel data. The Victorian Department of Transport released over 18 billion records relating to travel by more than 15 million users on public transport in Victoria over a three-year period, believing that they had anonymised the data sufficiently to protect people’s privacy.
A few weeks ago, former Senator Scott Ludlam highlighted an article about a new CCTV and Wi-Fi system being installed by the City of Darwin council. It made several claims including that there would be virtual fences, facial recognition and, most outlandishly, a social credit system like that found in China. The council was forced to refute these claims, denying that the facial recognition feature would be used, and of course that there would be no social credit system.
There are two issues that I’d like to provide a quick update on today — the nbn, and the Assistance and Access Bill (2018). As you’re aware, ITPA has spoken strongly on the nbn in the past. We absolutely support the notion that a national broadband network built to deliver access for the nation is a positive concept. It not only allows us to compete on an international stage, but also to deliver critical services and capabilities domestically in an equitable fashion between city and country areas that never would have occurred had the job been left to the private sector. Indeed, some of the arguments against the nbn have been that no private sector company would build such a network due to the risk and lengthy ROI projections attached to it — which is precisely why it needed to …
Hi all, and welcome to 2019! For many of us a new year is an opportunity to start afresh — to set goals, and set ourselves on a plan to achieving them. For others, it’s a continuation of the year before — following up on items that weren’t able, for whatever reason, to be finalised in the previous year. For ITPA this year, it’s a bit of both.
There have been some new and interesting developments on the Assistance and Access Bill (2018), which I think are important to communicate. Despite a growing list of concerns with the bill as it stands, Prime Minister Morrison and Minister Dutton continue to call for the bill to be passed, with pressure being put on the PJCIS to recommend that it be passed before the end of parliamentary sitting time in 2018. ITPA has joined with a number of other technology industry groups to insist that the PJCIS does not rush to recommend the bill.
Thursday 15 November was meant to be the last day that Australians had to opt out of My Health Record, a national online database of patient health information with serious flaws. (Check our previous article for what was wrong with it.) The flaws within My Health Record were so bad that last week it emerged that the Privacy Commissioner for the Australian Digital Health Agency (which is responsible for My Health Record) quit last month, apparently leaving the organisation out of frustration that privacy and security concerns she had raised were being ignored by senior management.
Barely a week after the Department of Home Affairs consultation period closed, Minister Dutton has pushed into parliament a version of the Assistance and Access Bill 2018 with only minor changes. This was then referred to the Parliamentary Joint Committee on Intelligence and Security (PJCIS), which is now running its own consultation period, closing on 12 October 2018. You can see the details here. It seems odd to us (and many other groups with expertise in this area) that all of the submissions to the original consultation could have been appropriately considered within the incredibly short time frame between the consultation closing and the bill being introduced to Parliament. Certainly, the level of changes (removing protecting government revenue as a reason for action under the bill) indicate that the vast majority of the feedback (our submission is here; a list …
A few weeks ago, the federal government’s Department of Home Affairs requested comments from the public on a draft of ‘The Assistance and Access Bill 2018’ — a bill designed to allow law enforcement agencies to gain access to communications and information previously not available to them due to encryption technology. As we noted, we intended to make a submission to the government on this bill. You can read the details of our submission below. In summary though, the bill, in its current form, will have a dire impact on internet privacy and potentially even e-commerce, all without actually achieving its stated goals — because criminals will simply move to using software not subject to this law.