Out of a lot of nonsense about cyber attacks by foreign governments there comes a good article dealing with the key issue… poor privacy practices by individuals

February 20, 2019

There has been no shortage of breathless and generally meaningless articles about the Government’s statement that political parties and the Australian Parliament have been the subject of state sponsored cyber attacks.  The Government boffins have come out with statements both  highlighting the risk and claiming everything is under control.  It has given rise to ponderous commentary about attacks on democracy and then spins out to truly odd dystopian pieces as Peter Hartcher did with Farewell tech utopia: how governments are readying the web for war which swallows the  twaddle about the internet being balkanised and ruined. 

The reality is that cyber attacks by state players, mainly Russia, China and North Korea have been a regular occurrence for a decade.  Then there are the plethora of non state hackers in India, the various Stans and Africa who sometimes are engaged by instruments of state to create mischief.  It is a feature of life in the age of the internet. 

Rather than reading the Henny Penny the sky is falling reportage and the end of innocence blather the best article to get an understanding of what is going on and why is the ABC piece Cyber attacks by foreign governments, malicious companies and enterprising hackers are on the rise. And the biggest problem is you. It sets out in plain undramatic terms that most cyber attacks succeed because someone in an organisation or government agency is fooled by an email containing malware.  And, as the article makes clear, that problem is one of Read the rest of this entry »

Nearly one in ten adults admit to taking nude images without consent

February 19, 2019

The Guardian with Revenge porn: nearly one in 10 adults admit to taking nude images without consent and the Canberra Times in One in 10 Australians have perpetrated ‘image-based abuse’ have reported on research by RMIT and Monash University in Image-based sexual abuse: The extent, nature, and predictors of perpetration in a community sample of Australian residents which found that 10% of adults have engaged in this problematical (and in many jurisdictions is criminal) conduct.  

The stories are not a product of detailed analysis but a pick up of the media release by the RMIT on Monday, 18 February 2019 which Read the rest of this entry »

Yet another reheated article about the Privacy Act exemptions for political parties being wrong… correct but nothing new in any of that

David Crowe, one of the more energetic commentators at the Fairfax Press has put together a piece about the ridiculous exemption that political parties have from regulation of the Privacy Act 1988 in Political parties should be stripped of Privacy Act exemptions after hack: experts.  It is one of those topics that columnists dust off from time to time. Peter Van Onselen has repeatedly drawn from that well though pretty much saying the same thing again and again and again in an Australian article in Political parties violate our rights to privacy  on 23 July 2011, raising the issue Read the rest of this entry »

ACCC Chairman Sims gives speech on Digital Platforms Inquiry, raising privacy issues to be addressed

February 12, 2019

Yesterday, Rod Sims in a speech to the IIC Australian Chapter highlighted the issues that the ACCC raised in its Preliminary report on the Digital Platforms Inquiry.  The final submissions close on 15 February 2019.

As with the Preliminary Report Sims highlights the privacy issues that are associated with the current regime of data collection, the matching and lack of consent.  These are matters that should of primary concern to Read the rest of this entry »

Australian Information Commissioner publishes data breach statistics for 1 October – 31 December 2018 with 262 notified data breaches. Likely it is a understatement of the number of breaches in that quarter

The Information has published its Notifiable Data Breaches Quarterly Statistics Report for the last quarter of 2018.

The media release provides:

The latest quarterly report from the Office of the Australian Information Commissioner (OAIC) shows 262 data breaches involving personal information were notified between October and December 2018.

Read the rest of this entry »

Google’s tangles with the regulators continue with French regulator fining it 80 million for breach of GDPR

January 23, 2019

Facebook had a worse 2018 than Google but to a large extent that is merely a matter of degree. Facebook’s travails with its association with Cambridge Analytica and not doing much with the proliferation of false news stories planted by Russia and other actors made 2018 an annus horribilis. Google has had to deal with the phenonama of false news issues as well as years of litigation in the European Union, the UK and Australia.
It might be that Google will have a hotter time of it in 2019 with the French Regulators, the National Data Protection Commission, fining it 50 million euros for not getting valid user consent to gather data for targeted advertising. The regulators claim that Google breached the GDPR, the General Data Protection Regulation.

Read the rest of this entry »

Singapore’s worst data breach which resulted in access to personal data of 1.5million results in a fine of $1 million Singaporean dollars

January 21, 2019

In July 2018 the Singaporean Government announced that there was a cyber attack which compromised the personal data of 1,495,364 people and led to outpatient prescription information for nearly 160,000 people being “exfiltrated”.

Read the rest of this entry »

Police databases and breaches of privacy

January 15, 2019

Police databases are a critically important investigative tool. They enable police to locate suspects, confirm addresses, check car ownership and registration and generally access information about individuals, often provided to the many governmental agencies through compulsion. It is then concerning when police abuse their powers to access data bases. There have been reports of such breaches in Queensland and Victoria.

Read the rest of this entry »

Massive data breach exposes personal information of German politicians.

January 5, 2019

Data breaches of any personal information is a serious matter. The misuse of personal information can financially affect a person whose information is used for identity theft and it can have a massive impact on an organisation that suffers a data breach.  A sub set of data breaches is where the target is a public figure.  There the motivations are generally not financial.  The aimed impact is reputational and  humiliation. It can also be used to cause disruption, as was the case recently in Germany where there has been a massive hacking attack which has resulted in personal data of hundreds of German politicians have been accessed and then leaked over Twitter.  This has been reported by Wired in  A Major Hacking Spree Gets Personal for German Politicians, Reuters in German politicians’ data published online in massive breach and the Australian in Angela Merkel hit in massive data hack attack.  The focus of these breaches are to humiliate and embarrass.  The breach is a particularly pernicious form of politics.  It is curious that Read the rest of this entry »

My Health Records suffered 42 data breaches in 2018 and problems with data entry

December 31, 2018

My Health Records can be seen as a legislative process, the enactment of legislation, the implementation of a public policy initiative, placing people’s digital records on line, and a salient lesson in how not to legislate and implement an initiative.  The implementation of the My Health Records scheme has been fraught and is a complete mess as far as privacy and cyber security is concerned.  The legislation had to be amended to assuage privacy concerns, which were at best quick fixes, and the opt out period was extended.

And the problems keep on coming.  The Fairfax Press reports that there have been 42 data breaches in 2018.  Meanwhile the Herald Sun reports that wrong data has been entered into the My Health Record system.

The Herald Sun report Read the rest of this entry »