We can expect to see lots of noise about specific proposals and hope the Albanese government (copied by state/territory counterparts) gives us the legislation we need.

Making sense of the report

At a superficial level, the report gives effect to an election commitment – a promise to do something about federal privacy law, which is centred on public/private data collection and use (often online), rather than state/territory law dealing with activity such as strip searches, public hospital records, hidden cameras in toilets or senior figures distributing nude photos of rivals.

More deeply, it is a recognition that, as part of the global economy where data and investment flow across borders, Australia continues to limp behind law and administration where protecting privacy is concerned. Updating the Privacy Act also reflects recognition of challenges facing business and government in the world of ransomware, big data and artificial intelligence.

Unhappiness with the “she’ll be right, mate” approach of some large organisations and the failure of the key national privacy regulator (under-resourced, under-skilled and slow to act) was evident in the recent Optus and Medibank data breaches.

The proposals are not new. They have been voiced in detailed law reform commission reports, national and state parliamentary committee reports, statements by independent bodies such as the Law Council and academics over the past 20 years. The lack of action to date means Australians might be sceptical about what will happen once the government is lobbied by those whose interests are served by keeping things as they are, and it is again tempted to kick the can down the road.

What do the proposals cover?

It is important to remember that states and territories have significant responsibilities regarding privacy. The proposal to set up a working party involving those governments provokes thought about why that hasn’t been done already.

The initial proposal calls for changing the 1988 Privacy Act to explicitly recognise that privacy is in the public interest, something that shouldn’t be controversial and offsets the absence of a human rights framework in the national constitution. After that, we are into some positive steps forward. However, these are tempered by a lot of “let’s wait and see the administration” before starting to celebrate.

The report retains the overall structure of the 1988 Act but, crucially, extends its coverage, in particular on what is “personal information”. It calls for consultation about criminal penalties and for prohibiting some of the ways organisations have got around restrictions.

It proposes consultation about removing the exemption for small businesses (those under A$3million) and about the handling of employee records. The major exclusion of political parties – a common source of unhappiness – would be modified. Journalists would be expected to behave better.

The report emphasises meaningful consent. In the collection of personal information, consent must be

voluntary, informed, current, specific and unambiguous.

This would bring Australia into line with Europe and indeed with much of our existing law, such as that administered by the Australian Competition and Consumer Commission.

We can expect controversy about a proposed right of “erasure” and about “de-indexing”. This is referred to as the “right to obscurity” in Europe, and means some personal information stays online but is not highlighted in search engine results. Individuals would need to ask for that obscurity, and it would not be granted for serious criminal offences.

There have been recurrent proposals for a “privacy tort”: this means people whose privacy has been seriously invaded could take action in a court to stop the invasion and/or gain compensation.

The report endorses this recommendation by the Australian Law Reform Commission. It also proposes a “direct right of action” under the current act. This implicitly offsets the weakness of the Office of the Australian Information Commissioner (OAIC), one of the two national information privacy watchdogs.

The report grapples with data breaches such as the recent Optus and Medibank incidents. Proposals regarding mandatory reporting of such breaches tweak the current regime.

There is likely to be more push-back from business and public sector organisations regarding a proposed requirement for those bodies to “identify, mitigate and redress actual and reasonably foreseeable loss”. This is a first step towards persuading organisations to meaningfully lift their game and compensate for harms.

It’s too soon to cheer

On the surface, the report is a major step forward, something that business and the community should strongly endorse. In practice, we need to look beyond the headlines and see the details of how the proposals would be written into law, and whether the attorney-general can harness support in the face of the usual strong lobbying.

Proposals that there will be discussion, yet again, don’t provide much comfort. More worryingly, the proposals centre on the development and implementation of guidelines and standards by the OAIC.

In practice, the report proposes to perpetuate existing problems involving a regulator with a timid corporate culture and a commitment to interpreting the legislation through the eyes of the bodies it is meant to regulate. Change is better than good intentions.

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Medicare card numbers are the latest personal details to be exposed as part of the Optus data breach.

Optus has confirmed this affects 14,900 valid Medicare numbers that have not expired, and a further 22,000 expired card numbers.

But this isn’t the first time Australians’ Medicare numbers have been exposed. And some privacy and cybersecurity experts have long been concerned about the security of our health data.

Here’s what you can do if you’re concerned about the latest Medicare breach, and what needs to happen next.

What’s the big deal?

Your Medicare number gives you access to subsidised services across Australia’s health system. Most Australians have a number, whether or not they use these services.

Your Medicare card (as a plastic card or digitally, on your phone) is an official identifier. So alongside a driver’s licence, tax file number, birth certificate and passport, it can also be used as “proof of identity”. You may have supplied your Medicare number when opening a bank account, or signing up for a phone plan.

The idea is to minimise the chance people are using fake identities to wrongfully gain benefits from governments and business, including taking part in criminal activities such as money laundering.

Businesses and agencies are not meant to match your Medicare number with other data (eroding your privacy) other than in exceptional circumstances.

But they commonly accept sight of the physical/digital card bearing the number as proof of who you claim to be and risk data breaches by retaining copies of what they saw. Optus was such a business.

What should happen to protect your Medicare number?

In theory, your Medicare number is protected by a number of different types of legislation – both national and at the state/territory level.

There are privacy laws. These are meant to prevent businesses and government agencies from unauthorised use of Medicare and other official identifiers for profiling people. These laws are also meant to prevent undisclosed sharing with other entities, such as individuals or businesses.

Then there are cybersecurity and other criminal laws. These also aim to prevent unauthorised access, sale and sharing of your Medicare number and other data (known as metadata) stored by telecommunication providers.

Has this happened before?

Medicare numbers have been breached before, in 2017. An official inquiry noted trade in stolen Medicare numbers on the dark web.

The 2017 breach was apparently much larger, but the Optus numbers may grow as the investigation continues.

Experts have also raised concern about the government’s authorised release in 2016 of apparently de-identified health data. In fact, patient details could be identified, using a number of simple steps.

These two earlier examples should have meant both health agencies and businesses have taken extra care about their obligations to safeguard health data.

What if your Medicare number has been exposed?

Unauthorised use of a Medicare number doesn’t necessarily result in large-scale identity crime.

For instance, Minister for Government Services Bill Shorten has said a Medicare number alone cannot unlock access to someone’s myGov account (and therefore access to someone’s welfare or tax details).

However, the Optus data breach – and future data breaches in the public and private sector – does provide Australian and overseas criminals with a set of identifiers (including passport and driver’s licence numbers), that can be used for a range of identity crimes, such as impersonating someone else.

Optus is advising affected customers to replace their Medicare card, at no cost, via their Medicare online account at myGov, the Express Plus Medicare mobile app, or by calling Medicare on 132 011.

Further details are available via Services Australia.

What else needs to happen?

As with many data breaches, details about what happened at Optus, how and who is affected are only slowly trickling out.

The Office of the Australian Information Commission – the national privacy regulator – needs to run a rigorous and detailed investigation and release its findings publicly.

This needs to be accompanied by a hard-hitting independent inquiry of what happened at Optus. This requires IT expertise, which the Office of the Australian Information Commission may not have. Such an inquiry would also demonstrate Optus’ commitment to learn from any failures.

As we have seen before, businesses and government agencies cannot assume a data breach “won’t happen to them”. We need to find out what happened at Optus to ensure the future privacy of some of our most personal data.

This article is republished from The Conversation under a Creative Commons license. Read the original article.

The federal government has announced a plan to increase the sharing of citizen data across the public sector.

This would include data sitting with agencies such as Centrelink, the Australian Tax Office, the Department of Home Affairs, the Bureau of Statistics and potentially other external “accredited” parties such as universities and businesses.

The draft Data Availability and Transparency Bill released today will not fix ongoing problems in public administration. It won’t solve many problems in public health. It is a worrying shift to a post-privacy society.

It’s a matter of arrogance, rather than effectiveness. It highlights deficiencies in Australian law that need fixing.

Making sense of the plan

Australian governments on all levels have built huge silos of information about us all. We supply the data for these silos each time we deal with government.

It’s difficult to exercise your rights and responsibilities without providing data. If you’re a voter, a director, a doctor, a gun owner, on welfare, pay tax, have a driver’s licence or Medicare card – our governments have data about you.

Much of this is supplied on a legally mandatory basis. It allows the federal, state, territory and local governments to provide pensions, elections, parks, courts and hospitals, and to collect rates, fees and taxes.

The proposed Data Availability and Transparency Bill will authorise large-scale sharing of data about citizens and non-citizens across the public sector, between both public and private bodies. Previously called the “Data Sharing and Release” legislation, the word “transparency” has now replaced “release” to allay public fears.

The legislation would allow sharing between Commonwealth government agencies that are currently constrained by a range of acts overseen (weakly) by the under-resourced Australian Information Commissioner (OAIC).

The acts often only apply to specific agencies or data. Overall we have a threadbare patchwork of law that is supposed to respect our privacy but often isn’t effective. It hasn’t kept pace with law in Europe and elsewhere in the world.

The plan also envisages sharing data with trusted third parties. They might be universities or other research institutions. In future, the sharing could extend to include state or territory agencies and the private sector, too.

Any public or private bodies that receive data can then share it forward. Irrespective of whether one has anything to hide, this plan is worrying.

Why will there be sharing?

Sharing isn’t necessarily a bad thing. But it should be done accountably and appropriately.

Consultations over the past two years have highlighted the value of inter-agency sharing for law enforcement and for research into health and welfare. Universities have identified a range of uses regarding urban planning, environment protection, crime, education, employment, investment, disease control and medical treatment.

Many researchers will be delighted by the prospect of accessing data more cheaply than doing onerous small-scale surveys. IT people have also been enthusiastic about money that could be made helping the databases of different agencies talk to each other.

However, the reality is more complicated, as researchers and civil society advocates have pointed out.

Why should you be worried?

The plan for comprehensive data sharing is founded on the premise of accreditation of data recipients (entities deemed trustworthy) and oversight by the Office of the National Data Commissioner, under the proposed act.

The draft bill announced today is open for a short period of public comment before it goes to parliament. It features a consultation paper alongside a disquieting consultants’ report about the bill. In this report, the consultants refer to concerns and “high inherent risk”, but unsurprisingly appear to assume things will work out.

Federal Minister for Government Services Stuart Roberts, who presided over the tragedy known as the RoboDebt scheme, is optimistic about the bill. He dismissed critics’ concerns by stating consent is implied when someone uses a government service. This seems disingenuous, given people typically don’t have a choice.

However, the bill does exclude some data sharing. If you’re a criminologist researching law enforcement, for example, you won’t have an open sesame. Experience with the national Privacy Act and other Commonwealth and state legislation tells us such exclusions weaken over time

Outside the narrow exclusions centred on law enforcement and national security, the bill’s default position is to share widely and often. That’s because the accreditation requirements for agencies aren’t onerous and the bases for sharing are very broad.

This proposal exacerbates ongoing questions about day-to-day privacy protection. Who’s responsible, with what framework and what resources?

Responsibility is crucial, as national and state agencies recurrently experience data breaches. Although as RoboDebt revealed, they often stick to denial. Universities are also often wide open to data breaches.

Proponents of the plan argue privacy can be protected through robust de-identification, in other words removing the ability to identify specific individuals. However, research has recurrently shown “de-identification” is no silver bullet.

Most bodies don’t recognise the scope for re-identification of de-identified personal information and lots of sharing will emphasise data matching.

Be careful what you ask for

Sharing may result in social goods such as better cities, smarter government and healthier people by providing access to data (rather than just money) for service providers and researchers.

That said, our history of aspirational statements about privacy protection without meaningful enforcement by watchdogs should provoke some hard questions. It wasn’t long ago the government failed to prevent hackers from accessing sensitive data on more than 200,000 Australians.

It’s true this bill would ostensibly provide transparency, but it won’t provide genuine accountability. It shouldn’t be taken at face value.

This article is republished from The Conversation under a Creative Commons license. Read the original article.

National security is like sausage-making. We might enjoy the tasty product, but want to look away from the manufacturing.

Recent news that Chinese company Zhenhua Data is profiling more than 35,000 Australians isn’t a surprise to people with an interest in privacy, security and social networks. We need to think critically about this, knowing we can do something to prevent it from happening again.

Reports indicate Zhenhua provides services to the Chinese government. It may also provide services to businesses in China and overseas.

The company operates under Chinese law and doesn’t appear to have a presence in Australia. That means we can’t shut it down or penalise it for a breach of our law. Also, Beijing is unlikely to respond to expressions of outrage from Australia or condemnation by our government – especially amid recent sabre-rattling.

Zhenhua is reported to have data on more than 35,000 Australians – a list saturated by political leaders and prominent figures. Names, birthdays, addresses, marital status, photographs, political associations, relatives and social media account details are among the information extracted.

It seems Zhenhua has data on a wide range of Australians, including public figures such as Victorian supreme court judge Anthony Cavanough, Australia’s former ambassador to China Geoff Raby, former NSW premier and federal foreign affairs minister Bob Carr, tech billionaire Mike Cannon-Brookes and singer Natalie Imbruglia.

It’s not clear how individuals are being targeted. The profiling might be systematic. It might instead be conducted on the basis of a specific industry, academic discipline, public prominence or perceived political influence.

It’s unlikely Zhenhua profiles random members of the public. That means there’s no reason for average citizens without a China connection to be worried.

Still, details around the intelligence gathering elude us, so best practise for the public is to maintain as much online privacy as possible, whenever possible.

Overall, we don’t know much about Zhenhua’s goals. And what we do know came from a leak to a US academic who sensibly fled China in 2018, fearing for his safety.

Pervasive surveillance is the norm

Pervasive surveillance is now a standard feature of all major governments, which often rely on surveillance-for-profit companies. Governments in the West buy services from big data analytic companies such as Palantir.

Australia’s government gathers information outside our borders, too. Take the bugging of the Timor-Leste government, a supposed friend rather than enemy.

How sophisticated is the plot?

Revelations about Zhenhua have referred to the use of artificial intelligence and the “mosaic” method of intelligence gathering. But this is probably less exciting than it sounds.

Reports indicate much of the data was extracted from online open sources. Access to much of this would have simply involved using algorithms to aggregate targets’ names, dates, qualifications and work history data found on publicly available sites.

The algorithms then help put the individual pieces of the “mosaic” together and fill in the holes on the basis of each individual’s relationship with others, such as their as peers, colleagues or partners.

Some of the data for the mosaic may come from hacking or be gathered directly by the profiler. According to the ABC, some data that landed in Zhenhua’s lap was taken from the dark web.

One seller might have spent years copying data from university networks. For example, last year the Australian National University acknowledged major personal data breaches had taken place, potentially extending back 19 years.

This year there was also the unauthorised (and avoidable) access by cybercriminals to NSW government data on 200,000 people.

While it may be confronting to know a foreign state is compiling information on Australian citizens, it should be comforting to learn sharing this information can be avoided – if you’re careful.

What’s going on in the black box?

One big question is what Zhenhua’s customers in China’s political and business spheres might do with the data they’ve compiled on Australian citizens. Frankly, we don’t know. National security is often a black box and we are unlikely ever to get verifiable details.

Apart from distaste at being profiled, we might say being watched is no big deal, especially given many of those on the list are already public figures. Simply having an AI-assisted “Who’s Who” of prominent Australians isn’t necessarily frightening.

However, it is of concern if the information collected is being used for disinformation, such as through any means intended to erode trust in political processes, or subvert elections.

For instance, a report published in June by the Australian Strategic Policy Institute detailed how Chinese-speaking people in Australia were being targeted by a “persistent, large-scale influence campaign linked to Chinese state actors”.

Deep fake videos are another form of subversion of increasing concern to governments and academics, particularly in the US.

Can we fix this?

We can’t make Zhenhua and its competitors disappear. Governments think they are too useful.

Making everything visible to state surveillance is now the ambition of many law enforcement bodies and all intelligence agencies. It’s akin to Google and its competitors wanting to know (and sell) everything about us, without regard for privacy as a human right.

We can, however, build resilience.

One way is to require government agencies and businesses to safeguard their databases. That hasn’t been the case with the NSW government, Commonwealth governments, Facebook, dating services and major hospitals.

In Australia, we need to adopt recommendations by law reform inquiries and establish a national right to privacy. The associated privacy tort would incentivise data custodians and also encourage the public to avoid oversharing online.

In doing so, we might be better placed to condemn both China and other nations participating in unethical intelligence gathering, while properly acknowledging our own wrongdoings in Timor-Leste.

This article is republished from The Conversation under a Creative Commons license. Read the original article.

More specifically, this merger is a test of regulators’ resolve to analyse the effects on competition of a tech giant acquiring a vast amount of highly valuable data through a takeover. Google could exploit Fitbit’s exceptionally valuable health and location datasets, and data collection capabilities, to strengthen its already dominant position in digital markets such as online advertising. Google could also use Fitbit’s data to establish a commanding position in digital and related health markets, depriving competitors of the ability to compete effectively. This would reduce consumer welfare (including degrading data privacy options), limit innovation and raise prices.

Past experience shows that regulators must be very wary of any promises made by merging parties about restricting the use of the acquisition target’s data. Regulators must assume that Google will in practice utilise the entirety of Fitbit’s currently independent unique, highly sensitive data set in combination with its own, particularly as this could increase its profits, or they must impose strict and enforceable limitations on data use.

Wearable devices could replace smartphones as the main gateway to the internet, just as smartphones replaced personal computers. Google’s expansion into this market, edging out other competitors would thus be significant. Wearables like Fitbit’s could in future give companies details of essentially everything consumers do 24/7 and allow them to feed digital services back to consumers. The way wearables are being used to track COVID-19 infections and give access to doctors and health information is a timely illustration of this. Although, perhaps justified, subject to strong safeguards, in a public health emergency, the exploitation of such data in a commercial context is an important concern that demands close scrutiny by regulators both for its anticompetitive effects (where huge bundles make it near-impossible for entrants to compete against incumbents) and anti-consumer effects (creating ever bigger bundles that undermine consumer choice).

The acquisition of Fitbit could expand Google’s immense power in digital markets into the $8.7 trillion global healthcare market1through its strength in data and data analytics. Google has already made significant inroads into healthcare. Regulators must carefully assess the proposed deal’s implications for innovation and its potential to undermine the ability of companies to bring new products to consumers in the area of digital healthcare.

The results of unfortunate merger control decisions in the past have likely contributed to the rise of tech giants. Subsequent concerns now have to be addressed through more costly and lengthy ex-postantitrust enforcement proceedings and other competition interventions. Such harms to consumers are far better prevented than cured. Therefore, before deciding whether this takeover can proceed or not, regulators must carefully analyse its full implications for consumers and consider its potential for far-reaching and dynamic effects on digital and health markets.

Signatory Organisations

• AccessNow, EU
• Australian Privacy Foundation, Australia
• BEUC –The European Consumer Organisation, EU
• Centerfor Digital Democracy, US
• Centre for Responsible Technology, Australia
• Color of Change, US
• Consumer Federation of America, US
• Derechos Digitales, Latin America
• EDRi (European Digital Rights), EU
• Idec – Brazilian Institute of Consumer Defense, Brazil
• New America’s Open Technology Institute, US
• Omidyar Network, US
• Open Markets Institute, US
• Open Society European Policy Institute, EU
• Privacy International (PI), Global
• Public Citizen, US
• Public Interest Advocacy Centre, Canada
• Public Knowledge, US
• Red en Defensa de los Derechos Digitales (R3D), Mexico
• Trans-Atlantic Consumer Dialogue, EU-US

Download the media release:

Consumer and Citizen Groups Have Serious Concerns About Google Fitbit Takeover – Common Statement

Unless you take action to remove yourself from the My Health Record (MHR) system, the federal government will make a digital copy of your medical record, store it centrally, and, as the default, provide numerous people with access to it.

If you don’t opt out during this period and later choose to cancel your record, you will no longer be able to access that record but the government will continue to store it until 30 years after your death. You will need to trust that it will not be breached.

There are three main problems with the MHR scheme.

1. It can’t be relied upon as a clinical record

Contrary to what many Australians may believe, MHR is not a clinically-reliable medical record, and was not designed to be. It is not up-to-date and comprehensive. As the Office of the Australian Information Commissioner (OAIC) points out:

The My Health Record system contains an online summary of a patient’s key health information; not a complete record of their clinical history.

If, for example, a doctor were treating a child in an emergency, the doctor could not rely on an MHR to know what medications the child has been prescribed up to that date. In an emergency, an unreliable record is a distraction, not a help.

Many doctors have in fact objected to the incompleteness and lack of utility of the MHR. A recent poll on the AMA’s doctors portal suggests 76% of respondents think the MHR will not improve patient outcomes while 12% think it will.

Notwithstanding this fundamental deficiency, the government is pushing ahead with an inherently risky scheme.

2. It creates a security risk

If you read the very long (7,800 words) privacy policy for MHR, you’ll see that the Australian Digital Health Agency (ADHA) itself states there are risks from the online transmission and storage of our personal information in this system.

Health data is prized by hackers

We have witnessed a stream of health data breaches in Australia and overseas, and the incentives for these breaches are only increasing.

Storing records digitally with online access greatly increases their accessibility for criminals, hackers and snoopers. Health records are valuable as a means of identity theft due to the wealth of personal information they contain. They are a huge prize for hackers, fetching a high price on the Dark Web.

You won’t know who has seen it

It won’t just be your doctor who has access to this centralised digital record of your personal health information. The default position is that numerous people will have access – doctors, pharmacists, physiotherapists, nurses, and unidentified staff of various organisations.

MHR’s access-logging system does not track which individuals are accessing records, only institutions, which means you won’t be able to tell who has seen it. Even without a technical hack, that will make it almost impossible to keep your information secure in this system.

De-identification is risky

The government is also planning to allow access to your health information for research purposes by “de-identifying” your information. That means the data should not be able to be linked to a particular individual.

But the national government has a bad record for successfully de-identifying health information.

In 2016, the government released a data set that included information on a large number of patients spanning 30 years. It was meant to be de-identified.

IT researchers at Melbourne University quickly demonstrated it could be re-identified and linked to the individuals concerned. Such re-identification risk will only grow, as data sets proliferate and tools get smarter.

Third-party access jeopardises security

MHR also permits external health apps to access your records. According to the legislation, this should only be done with your consent.

Unfortunately, and predictably, health apps are already securing “consent” through obscure, standard form contracts so you might not be aware the app owner could sell your sensitive medical information to others.

Last month, the ABC revealed one such health app (HealthEngine) was selling patient information to law firms, so patients with serious conditions and injuries were contacted repeatedly by strangers pushing them to pursue legal claims. Many didn’t know how their sensitive medical information was revealed.

The ADHA’s website has published a report on the woefully inadequate privacy policies of mental health apps, and yet these apps might be authorised to access your MHR data with your supposed consent.

3. An ‘opt-out’ scheme goes against best practice

Critically, the opt-out consent mechanism for MHR flies in the face of global best practice for informed consent – and our own federal privacy regulator’s guidelines on the sort of consent necessary for use of health information.

Consent for use of personal information should be express, fully informed, easy to understand, and should require action on the part of the individual.

MHR disregards all of those principles.

MHR does not seek your express consent. Instead, if you do not take the necessary steps before 15 October, your health records will automatically be copied, stored and shared.

You will also not be fully informed. There will be no national television, radio or print media campaign to advertise the MHR scheme, which many Australians have misunderstood in the past. The government will not even send you a letter to tell you about this scheme, let alone its very serious risks.

By contrast, the OAIC says organisations seeking individual consent to use personal information should generally:

… ensure that an individual is properly and clearly informed about how their personal information will be handled, so they can decide whether to give consent.

and:

… seek express consent from an individual before handling the individual’s sensitive information, given the greater privacy impact this could have.

Even if implied consent were acceptable (and it is not), the OAIC states further that an organisation:

… should not assume that an individual has consented to a collection, use or disclosure that appears to be advantageous to that person. Nor can an entity establish implied consent by asserting that if the individual knew about the benefits of the collection, use or disclosure, they would probably consent to it.

The time to opt-out is now

MHR is likely to create very limited benefits for many, if not most, Australians. It creates unacceptable security risks for our most sensitive personal information. And the government’s method of obtaining “consent” goes against international best practice.

If the MHR scheme were properly advertised, fully explained and Australians given a choice whether to opt-in, Australians could make an informed choice about whether the limited benefits justify the substantial risks to their sensitive information.

Those concerned about the security of their health information will need to take steps now to remove themselves from the MHR system.

This article has been updated to reflect that the ADHA report on the privacy policies of health apps focused on mental health apps.

This article was originally published on The Conversation. Read the original article.

Australians need better privacy protection. They can get that without a lot of pain, money or fuss. The Australian Privacy Foundation – on behalf of all Australians – calls on the national Government to act without delay. The trainwrecks are going to keep happening until organisations are persuaded that they must be responsible.

You don’t need to leave Facebook (although many are doing so). You don’t need to despair about privacy. You do need to tell your MP and Senators that enough is enough.

A good start for fixing Australian law is to introduce the privacy tort that has been recommended by a succession of law reform bodies. The tort enables people whose privacy has been wrongly disregarded to take the offender to court and gain compensation. There’s nothing like the prospect of being shamed and handing over money to persuade lazy big business and arrogant government.

Another start is to strengthen the national Privacy Commissioner. It’s taken 15 days for the OAIC to move in response to this privacy trainwreck. It’s an under-resourced and timid agency that responds slowly and weakly whenever there’s a problem. In a world where Facebook and other businesses disregard their responsibilities it’s time to put a tiger in the privacy tank. Time for the Commissioner to do what Australians expect it to do: Protect everyone from abuses. Carry a big stick (and use it, quickly, on big cheaters who don’t respond to anything less).

We can look overseas, where the New Zealand Privacy Commissioner has strongly condemned Facebook for disregarding New Zealand privacy law. New Zealand isn’t frightened of the biggest bully on the social media block. Nor should we. Problems are going to keep happening until we do something to prevent them.

Facebook makes money in Australia. Lots of money. It makes money using the friendliness, interest and curiosity of people like you. The Australian Privacy Foundation is happy for Facebook and its competitors to make money. It insists, however, that Facebook takes care with information about Australians.

The scale of Facebook’s breach of the public trust is still not yet fully known. First we were told that 50 million users data had been harvested. NThen we’re told the figure is closer to 87 million, including over 300,000 Australians. What figure will we be told next week, when Zuckerberg testifies before the US Congress? Now we hear it could be thousands of millions who were exposed to the deliberate flaws that allowed capture and exfiltration by third parties, with who knows how many Australians affected.

It’s time for Facebook to recognise that it is a custodian rather than owner of data. That recognition involves a meaningful acknowledgement of wrongdoing when it has failed in its duty as a responsible custodian. It also requires regulators and politicians to say enough is enough.

Contacts:

A commitment to share the biometric data of most Australians – including your driving licence photo – agreed at Thursday’s Council of Australian Governments (COAG) meeting will result in a further erosion of our privacy.

That sharing is not necessary. It will be costly. But will it save us from terrorism? Not all, although it will give people a false sense of comfort.

Importantly, it will allow politicians and officials to show that they are doing something, in a climate where a hunt for headlines demands the appearance of action.

Your biometric data

Biometric data used in fingerprint and facial recognition systems is indelible. It can be used in authoritative identity registers, featured on identity documents such as passports and driver licences.

It can be automatically matched with data collected from devices located in airports, bus and train stations, retail malls, court buildings, prisons, sports facilities and anywhere else we could park a networked camera.

Australia’s state and territory governments have built large biometric databases through registration of people as drivers – every licence has a photograph of the driver. The national government has built large databases through registration for passports, aviation/maritime security and other purposes.

Irrespective of your consent to uses beyond those for which the picture was taken, the governments now have a biometric image of most Australians, and the ability to search the images.

COAG announced that the governments will share that data in the name of security.

Sharing data with who?

Details of the sharing are very unclear. This means we cannot evaluate indications that images will be captured in both public and private places. For example, in retail malls and libraries or art galleries – soft targets for terrorism – rather than in streets and secure buildings such as Parliament House.

Prime Minister Malcolm Turnbull has responded to initial criticism by clarifying that matching will not involve “live” CCTV.

But the history of Australian surveillance law has been a matter of creep, with step-by-step expansion of what might initially have been an innocuous development. When will law enforcement agencies persuade their ministers to include live public or private CCTV for image matching?

We cannot tell which officials will be accessing the data and what safeguards will be established to prevent misuse. Uncertainty about safeguards is worrying, given the history of police and other officials inappropriately accessing law enforcement databases on behalf of criminals or to stalk a former partner.

The sharing occurs in a nation where Commonwealth, state and territory privacy law is inconsistent. That law is weakly enforced, in part because watchdogs such as the Office of the Australian Information Commissioner (OAIC) are under-resourced, threatened with closure or have clashed with senior politicians.

Australia does not have a coherent enforceable right to privacy. Instead we have a threadbare patchwork of law (including an absence of a discrete privacy statute in several jurisdictions).

The new arrangement has been foreshadowed by governments over several years. It can be expected to creep, further eroding privacy and treating all citizens as suspects.

Software and hardware providers will be delighted: there’s money to be made by catering to our fears. But we should be asking some hard questions about the regime and questioning COAG’s statement.

Let’s avoid a privacy car crash

Will sharing and expansion of the biometric network – a camera near every important building, many cameras on every important road – save us from terrorism? The answer is a resounding no. Biometrics, for example, seems unlikely to have saved people from the Las Vegas shooter.

Will sharing be cost effective? None of the governments have a great track record with major systems integration. The landscape is littered with projects that went over budget, didn’t arrive on time or were quietly killed off.

Think the recent Census and Centrelink problems, and the billion dollar bust up known as the Personally Controlled Electronic Health Record.

It won’t be improved by a new national ID card to fix the Medicare problem.

Is the sharing proportionate? One answer is to look at experience in India, where the Supreme Court has comprehensively damned that nation’s ambitious Aadhaar biometric scheme that was meant to solve security, welfare and other problems.

The Court – consistent with decisions in other parts of the world – condemned the scheme as grossly disproportionate: a disregard of privacy and of the dignity of every citizen.

Is sharing likely to result in harms, particularly as the biometric network grows and grows? The answer again is yes. One harm, disregarded by our opportunistic politicians, is that all Australians and all visitors will be regarded as suspects.

Much of the data for matching will be muddy – some street cameras, for example, are fine resting places for pigeons – and of little value.

As with the mandatory metadata retention scheme, the more data (and more cameras) we have the bigger trove of indelible information for hackers. Do not expect the OAIC or weak state privacy watchdogs (which in some jurisdictions do not exist) to come to the rescue.

As a society we should demand meaningful consultation about official schemes that erode our rights. We should engage in critical thinking rather than relying on headlines that reflect political opportunism and institutional self-interest.

The incoherent explanation and clarifications should concern everyone, irrespective of whether they have chosen to be on Facebook – and even if they have nothing to hide and will never be mistaken for someone else.

This article was originally published on The Conversation. Read the original article.

In the future, people are going to be just a little bit cyborg. We’ve accepted hearing aids, nicotine patches and spectacles, but implanted medical devices that are internet-connected present new safety challenges. Are Australian regulators keeping up?

A global recall of pacemakers has sparked new fears and splashy headlines about hacked medical devices. But the next 20 years of medicine will normalise the use of intelligent implants to control pain, provide data for diagnostic purposes and supplement ailing organs, which means we need proper security as well as access in case of emergency.

Pharmaceuticals and medical devices in Australia are regulated by the Therapeutic Goods Administration (TGA), an arm of the national Health Department.

Can we rely on Australia’s medical devices regime? Recurrent criticisms by parliamentary committees and government inquiries suggest the regulator may be struggling.

The job of the TGA

The TGA regulates medical devices such as stents, pacemakers, joint implants, breast implants, and the controversial vaginal mesh that has featured recently in the media (and a Senate inquiry) over claims it seriously injured patients.

The role of the TGA is vital, because defective devices can result in injury or death. They have a major cost for the public health system and affect patient quality of life. They often result in litigation, sometimes with billion-dollar settlements.

In undertaking its mission, the TGA looks to information from manufacturers and distributors, from overseas regulators and its own staff.

Like counterparts such as the US Food and Drug Administration, TGA staff are under pressure to get products into the marketplace and reduce “red tape”.

The TGA and cybersecurity

Wireless medical devices need greater security than, say, an internet-connected fridge. It is axiomatic that they must work.

We need to ensure that information provided by the devices is safeguarded and that control of the devices – implantable or otherwise – is not compromised.

To do that, we can use existing tools such as robust passwords, encryption and systems design. It also requires product vendors and practitioners to avoid negligence. Regulators must proactively foster and enforce standards.

Put simply, bodies like the TGA need to deal with software rather than simply bits of metal and plastic. It is unclear whether the TGA has the expertise or means to do so.

Solutions, not panic

The past decade has seen a succession of inquiries into the TGA, including the 2015 Sansom Review and 2012 Senate PIP Inquiry. Each has demonstrated that the TGA is not always keeping up with its task.

Problems are ongoing: think defective joint implants, breast implants and vaginal mesh. But there are some potential paths towards improvement.

Accountability

One solution is to ensure the TGA is more accountable.

Currently, if someone wishes to bring a claim alleging a device was improperly permitted, the TGA has immunity from civil litigation about regulatory failure.

Removal of immunity will force it to focus on outcomes. That can be reinforced by giving it independence from the Department of Health, making it report direct to Parliament and ensuring the openness emphasised by the Pearce Inquiry.

Regulatory capture

Medical products regulation in Australia has been a matter of penny wise, pound poor. The TGA is funded by fees from the manufacturers and distributors that it regulates, in addition to some government funding.

It needs a discrete budget that recoups costs but is not dependent on companies that complain regulation is expensive. It needs enough resources to do its job well in the emerging age of the internet of things, including access to independent expertise regarding cybersecurity and devices.

A device register

How many devices have been implanted and how many removed? The lack of data about medical devices is a problem.

The government has so far not embraced recommendations for a comprehensive device register, one allowing timely identification of what was implanted and by whom.

Such a register would provide a means for determining problems with devices or medical practice. We need timely, consistent reporting of problems on a mandatory basis, as well as recall and transparent investigation of what went wrong.

Disclosure of interests

The inquiry into vaginal mesh revealed the WA Branch of Australian Medical Association had a financial interest in a device that may have seriously affected numerous women.

There must be full disclosure of such interests, with meaningful sanctions where disclosure has not been made. This requires action by the TGA, professional bodies and the government.

So, what about assassination by wireless pacemaker?

The cybersecurity of medical devices is a matter for everyone.

We need the TGA to work with manufacturers, distributors and health professionals to mandate best practice. Should, for example, manufacturers and practitioners ensure that implants do not rely on default passwords that are easily crackable? What about access by emergency services?

There is a fundamental need to develop and enforce a national safety standard regarding all wireless implants. For that we need thoughtful policy, not just headlines.

This article was originally published on The Conversation. Read the original article.