Peter A Clarke

Categories

  • Blogs

  • Civil Liberties & rights

  • Current Affairs

  • Data security

  • Legal blogs

  • Newspapers

  • Overseas legal sites

  • Oz Legal

  • Politics

  • Privacy sites

  • Technology

    • Yes Virginia there is a Santa Claus

    December 25, 2023

    As per a long standing tradition I with all a very happy and holy Christmas with a one of the most wonderful odes to Christmas, Yes Virginia there is a Santa Claus. As a piece of prose it is superlative writing.  An economy of words which captures  the message of hope and optimism.  There is a wonderful story behind it with an 8 year old seeking advice and Virginia going on to live a wonderfully productive life.

    I wish you all a wonderful Christmas and hope you approach 2024 with all the hope and optimism of the Yes Virginia editorial from all those years ago.

    The letter provides:

    Dear Editor,

    I am 8 years old. Some of my little friends say that there is no Santa Claus. Papa says “If you see it in the Sun, it is so.” Please tell me the truth, is there a Santa Claus?

    Virginia,

    Your little friends are wrong. They have been affected by the skepticism of a skeptical age. They do not believe except what they see. They think that nothing can be which is not comprehensible by their little minds.

    All minds, Virginia, whether they be men’s or children’s, are little. In this great universe of ours, man is a mere insect, an ant, in his intellect, as compared with the boundless world about him, as measured by the intelligence capable of grasping the whole of truth and knowledge.

    Yes, Virginia, there is a Santa Claus. He exists as certainly as love and generosity and devotion exist, and you know that they abound and give to our life its highest beauty and joy.

    Alas! How dreary would be the world if there were no Santa Claus! It would be as dreary as if there were no Virginias. There would be no childlike faith then, no poetry, no romance to make tolerable this existence. We should have no enjoyment, except in sense and sight. The eternal light with which childhood fills the world would be extinguished.

    Not believe in Santa Claus? You might as well not believe in fairies! You might get your Papa to hire men to watch all the chimneys on Christmas Eve to catch Santa Claus, but even if they did not see Santa Claus coming down, what would that prove?

    Nobody sees Santa Claus, but that is no sign that there is no Santa Claus The most real things in the world are those that neither children nor men can see.

    Did you ever see fairies dancing on the lawn? Of course not, but that’s no proof that they are not there. Nobody can conceive or imagine all the wonders that are unseen and unseeable in the world.

    You tear apart the baby’s rattle and see what makes the noise inside, but there is a veil covering the unseen world which not the strongest man, or even the united strength of all the strongest men that ever lived, could tear apart. Only faith, fancy, poetry, love, romance, can push aside that curtain and view and picture the supernatural beauty and glory beyond.

    Is it all real? Ah, Virginia, in all this world there is nothing else as real and abiding.

    No Santa Claus? Thank God he lives and he lives forever. A thousand years from now, maybe 10 times 10,000 years from now, he will continue to make glad the hearts of children.

    Written by Francis P. Church in 1897

    .

    Posted in General | Post a comment »

    An estimated 5,951, 612,884 records breached in cyber incidents in 2023 with the biggest involving DarkBeam

    December 15, 2023

    Itgovernance has provided its annual report of annual data breaches this year.  Some of the grim statistics this year are:

    Number of incidents in 2023: 1,404

    Number of breached records in 2023: 5,951,612,884

    Biggest data breach of 2023 so far: DarkBeam (3.8 billion breached records)

    Biggest data breach in the UK: DarkBeam (3.8 billion breached records)

    Integrity 360 has listed the Top Reported Cyber Security Incidents of 2023 covering much the same ground but delving into particular data breaches such as DarkBeam and UK Electoral Commission which involved personal information of 40 million people.

    Webber Insurance Services provides a list of reported data breaches in Australia.  The data breaches identified in 2023 highlight the increasing number of attacks and growing magnitude.  In November alone there was a data breach at 

     

     

    Posted in Privacy | Post a comment »

    The US Federal Trade Commission gives warning about QR Codes being used to steal information

    December 13, 2023

    The challenge in privacy and cyber security is identifying and dealing with the constantly evolving threats.  Hackers are versatile while organisations and people are less so.  The difference is successful cyber attacks with the damage they cause.  Hackers are very good readers of psychology.  They are good are taking advantage of peoples’ habits.  They have moved into using QR codes to get access.  That is clever.  Many are now accustomed to using QR codes to sign in, order or obtain goods or services. The Federal Trade Commission has issued a warning about QR Codes to steal personal information.

    The media release provides:

    QR codes seem to be everywhere. You may have scanned one to see the menu at a restaurant or pay for public parking. And you may have used one on your phone to get into a concert or sporting event, or to board a flight. There are countless other ways to use them, which explains their popularity. Unfortunately, scammers hide harmful links in QR codes to steal personal information. Here’s what to know. Read the rest of this entry »

    Posted in Privacy | Post a comment »

    Apple releases report revealing 2.6 billion records compromised by data breaches and says the answer is encryption

    December 8, 2023

    It never ceases to amaze me how few businesses, and government agencies, encrypt their data. Given it is feasible the refusal to do so, particularly by organisations that collect and store masses of data is a major failure of cyber security. Apple released a report, titled The Continued Threat to Personal Data: Key Factors Behind the 2023 Increase, in support of its push for end to end encryption.  The release provides:

    Today Apple published an independent study conducted by Massachusetts Institute of Technology professor Dr Stuart Madnick that found clear and compelling proof that data breaches have become an epidemic, threatening sensitive and personal consumer data the world over. The total number of data breaches more than tripled between 2013 and 2022 — exposing 2.6 billion personal records in the past two years alone — and has continued to get worse in 2023. The findings underscore that strong protections against data breaches in the cloud, like end-to-end encryption, have only grown more essential since last year’s report and the launch of Advanced Data Protection for iCloud.
    This year’s study, “The Continued Threat to Personal Data: Key Factors Behind the 2023 Increase”, demonstrates threats that had already reached historic levels — as shown in last year’s report, “The Rising Threat to Consumer Data in the Cloud” — continue to rise. Increasingly, companies across the technology industry are addressing these threats by implementing end-to-end encryption, as Apple did with last year’s launch of Advanced Data Protection for iCloud.
    With Advanced Data Protection for iCloud, which uses end-to-end encryption to provides Apple’s highest level of cloud data security, users have the choice to further protect important iCloud data even in the case of a data breach. iCloud already protects 14 sensitive data categories using end-to-end encryption by default, including passwords in iCloud Keychain and Health data. For users who enable Advanced Data Protection for iCloud, the total number of data categories protected using end-to-end encryption rises to 23, including iCloud Backup, Notes and Photos.
    “Bad actors continue to pour enormous amounts of time and resources into finding more creative and effective ways to steal consumer data, and we won’t rest in our efforts to stop them,” said Craig Federighi, Apple’s senior vice president of Software Engineering. “As threats to consumer data grow, we’ll keep finding ways to fight back on behalf of our users by adding even more powerful protections.”As shown in this year’s report, the increasing digitalisation of users’ personal and professional lives has fuelled a dramatic rise in data breaches. Each year, thousands of data breaches expose the personal information of hundreds of millions of consumers. Hackers are evolving their methods and finding more ways to defeat security practices that once held them back. Consequently, even organisations with the strongest possible security practices are vulnerable to threats in a way that wasn’t true just a few years ago.The report also shows that even when consumers take all the right steps to secure their sensitive data, it’s still at risk of being compromised by hackers if it’s stored in a readable form by organisations they entrust it with. For instance, when attempting to infiltrate companies with robust security practices, hackers often start by targeting a different organisation with relatively weak security that has a technical business relationship with the ultimate target. They then steal credentials or information that helps them target employees or systems at the organisation that is their primary objective.As threats to user data continue to grow more frequent and sophisticated, Apple’s long track record of engineering powerful and innovative features make its products the most secure on the market. With Lockdown Mode, Apple developed a protection for those who may be targeted by extreme threats like mercenary spyware because of who they are or what they do. Apple’s Advanced Data Protection for iCloud is another feature the company has developed to protect users against growing threats to their data, keeping most user data in iCloud protected even in the case of a data breach in the cloud.The report illustrates that the historic threats to user data that saw the number of data breaches nearly triple between 2013 and 2022, compromising 2.6 billion records over the course of two years, are only getting worse in 2023. In the US alone, there were nearly 20 per cent more breaches in just the first nine months of 2023 than in any prior year. The target for cybercriminals was very clear, with a 2023 survey finding that over 80 per cent of breaches involved data stored in the cloud. This is after attacks targeting cloud infrastructure nearly doubled from 2021 to 2022.This is due in part to the increased targeting of consumer data by ransomware gangs and coordinated campaigns that compromised vendors or their products to target customers. The threat of ransomware has only grown in 2023, as shown by the fact that there were nearly 70 per cent more attacks reported through to September 2023 than in the first three quarters of 2022. In fact, experts found that there were more ransomware attacks through to September 2023 than in all of 2022 combined. This has led to alarming trends in the US and abroad, with more than double the accounts getting breached in the first half of 2023 compared to the first half of 2022 in the UK, Australia and Canada combined.

    The report itself makes Read the rest of this entry »

    Posted in Privacy | Post a comment »

    ACMA fines Telstra $300,000 for privacy failures and customer safety breaches

    December 4, 2023

    Optus may have had an annus horribilis as far as data breaches go but Telstra has had anything but a good record in terms of protecting privacy. The latest iteration is Telstra being fined by ACMA for privacy and safety breaches. It has also issued an infringement notice and entered into an enforceable undertaking.  This fine is on top of a $2.5 million fine in 2021 for breach of IPND rules.

    Telstra’s media release provides:

    Telstra has paid a $306,360 infringement notice issued by the Australian Communications and Media Authority (ACMA) for failing to provide accurate details of thousands of customers to the Integrated Public Number Database (IPND).

    The IPND is used by Triple Zero to help locate people in an emergency, for the Emergency Alert Service to warn Australians of emergencies like flood or bushfire, and to assist law enforcement activities. Read the rest of this entry »

    Posted in Privacy | Post a comment »

    Queensland Parliament passes mandatory data breach notification legislation for Government agencies. To come into effect on 1 July 2026

    December 3, 2023

    On November 29, 2023, the Attorney General, the Minister for Justice, and the Minister for the Prevention of Domestic and Family Violence announced that the Information Privacy and Other Legislation Amendment Act 2023 was passed by the Queensland Parliament, creating, among other things, a mandatory data breach notification scheme (MDBN Scheme).

    The press release, found here,provides:

    Queensland government agencies will be subject to new requirements for managing personal information, and a mandatory data breach scheme will be established, after the Information Privacy and Other Legislation Amendment Act 2023 was passed by parliament today. 

    The information privacy reforms are currently expected to begin on 1 July 2025, with the commencement of the mandatory data breach notification scheme as it applies to local governments not commencing until 1 July 2026.

    The legislation improves privacy protections available to individuals while the mandatory data breach notification scheme will strengthen and regulate the response to data breaches by government agencies.

    It will require agencies to notify affected individuals and the Office of the Information Commissioner of eligible data breaches that could result in serious harm. Read the rest of this entry »

    Posted in Privacy | Post a comment »