A new Australian Federal Government super ministry capable of deploying armed soldiers on our streets

“The first question to ask yourself is this: does handing Dutton that power sound like a good idea?” [journalist Katherine Murphy, The Guardian, 18 July 2017]

A new Australian Federal Government super agency capable of deploying armed soldiers on our streets? With a former Queensland police officer of no particular merit as its head?

What could possibly go wrong with a rigid, far-right, professed ‘Christian’ property millionaire having oversight of a super portfolio which would reportedly bring together the Australian Security Intelligence Organisation (ASIO), the Australian Federal Police (AFP) Australian Border Force, Australian Criminal Intelligence Commission and AUSTRAC along with a database on ordinary citizens, ‘intellectuals’ and perfectly legal organisations, going back literally generations?

How long will it take before any industrial action or protest event would be quickly labelled as terrafret and armed soldiers sent to disperse people exercising their democratic right?

Australia’s been down that painful path before during the last 229 years and been the worse for it.

Turnbull at Holsworthy Barracks, Forbes Advocate,17 July 2017

“The measures I am announcing today will ensure that the ADF is more readily available to respond to terrorism incidents, providing state and territory police with the extra support to call on when they need it.”  

[Prime Minster Malcolm Turnbull, media release, Holsworthy NSW,17 July 2017]

The Sydney Morning Herald, 18 July 2017:

Malcolm Turnbull has confirmed a dramatic shake-up of Australia's security, police and intelligence agencies that will put Immigration Minister, Peter Dutton, in charge of a sprawling new Home Affairs security portfolio.

The department of Home Affairs will bring together domestic spy agency ASIO, the Australian Federal Police, the Australian Border Force, the Australian Criminal Intelligence Commission, AUSTRAC and the office of transport security and will be put together over the next year.

And Mr Turnbull has also announced the government would, in response to the 

L'Estrange review of Australia's intelligence agencies, establish an Office of National Intelligence and that the Australian Signals Directorate will also be established as an independent statutory authority. 

The new Office of National Intelligence will co-ordinate intelligence policy and is in line with agencies in Australia's "Five Eyes" intelligence partners in the US, Britain, Canada and New Zealand…..

The changes are to be finalised by June 30, 2018 - subject to approval of the National Security Committee of Cabinet -  with Mr Dutton to work with Senator Brandis in bedding down the changes.

Senator Brandis will lose responsibility for ASIO under the changes but, crucially, retain sign-off power on warrants for intelligence agency. 

Mr Turnbull said the Attorney-General's oversight of Australia's domestic security and law enforcement agencies would be strengthened, with the Inspector-General of Intelligence and Security and the independent national security legislation monitor moving into his portfolio. 

The Prime Minister said Australia needed these reforms "not because the system is broken, but because our security environment is evolving quickly…..

The Sydney Morning Herald, 17 July 2017:

However that L'Estrange review – part of a routine reassessment of national security arrangements – is understood not to specifically recommend such a super-portfolio.

Mr Turnbull has been dropping strong hints lately that he is inclined to make a significant change, rejecting what he's branded a "set and forget" policy on national security and warning that Australia must keep up with an evolving set of threats from terrorism to foreign political influence.

Security and intelligence agencies themselves are also believed to have concerns about such a change, while some former intelligence heads have publicly said they do not see any need for change.

However, a well-placed source in the intelligence community said a Home Affairs office - as opposed to a US-style Department of Homeland Security - was the preferred options for police and intelligence agencies.

That was because a Home Affairs department would potentially be broader, including agencies such as the Computer Emergency Response Team, the Australian Cyber Security Centre, Crimtrac, the Australian Criminal Intelligence Commission and the new Critical Infrastructure Centre, rather than just police and intelligence agencies.

The Guardian, 18 July 2017:

Peter Jennings, the executive director of the Australian Strategic Policy Institute, put it well on Tuesday when he said any “grit” in the Dutton/Brandis relationship could be problematic for intelligence operations, which is obviously problematic for all of us, given we rely on the efficiency of the counter-terrorism framework to keep us safe.

So we’d better hope for the best, to put it mildly.

We’d also better hope it’s a good use of the time of our intelligence services and public servants to nut out how the Big Idea is going to work in practice, which will be a reasonably complex task, at a time when these folks already have a serious day job.

Recapping that specific day job again: trying to disrupt national security threats, in a complex environment. Pretty busy and important day job, that one.

It’s cartoonish to say this is all about the prime minister rewarding old mate Dutton, on the basis you keep your friends close, and your (potential) enemies closer.

Nothing is ever that simple outside a House of Cards storyboard– although it remains an irrefutable fact that Dutton wanted this to happen, and if Dutton really wanted it to happen, it would have been difficult for Turnbull, in his current position, to say no.

The Australian, 19 July 2017:         

The pressure points lie in the risk calculations that link intelligence to response. In a liberal democracy, we rightly demand high certainty of the intention to carry out an act of violence before we are comfortable with our security services pre-emptively taking someone off the streets. Usually when an attack happens, here or in the US or Europe, it’s because the calibration of risk hasn’t worked. It’s not because security services weren’t concerned about an individual’s beliefs and actions or couldn’t find him.

For those of us without access to national security data, the evidence suggests that Australia does these important risk calculations relatively well. Our list of foiled terrorist attacks is quite a bit longer than the list of attacks. The reason for this is the national security structures we have evolved: the combination of separate national security agencies, each with highly developed specialist capabilities and slightly different cultures and perspectives, working in close, 24/7 collaboration.

When calculating risk, separation and diversity are a strength because they build contestation, careful deliberation and stress testing into the system. Britain, the US, France and Belgium have chosen more centralised structures, and the evidence is that their systems do not work as well as ours. Bringing our highly effective agencies into a super-department cannot help but disrupt their inner structures and cultures. Such enterprises inevitably lose sight of the goal — keeping Australians safe — as they become driven by the desire for efficiencies and cultural homogenisation, and the urge for bureaucratic tidiness. Look no further than the creation of the Department of Immigration and Border Protection, a process that has consumed enormous amounts of resources in reconciling two incompatible cultures, with no apparent benefits and a list of embarrassing blunders.

Creating one security super-department places a major imperative on the government to get everything right, first time. Separate but closely collaborating security agencies create a powerful check against underperformance: a struggling agency or a leader who’s not up to it are spotted and called out quickly. But underperformance in a federation-style conglomerate is not so easy to see and to call out. And in the meantime, it’s the safety of Australians that will be the price for underperformance.

If the Turnbull government were serious about national security, it would not engage in evidence-free experimentation with our national security. It should instead be building on what’s working well and making it even stronger. We need better co-ordination and cross agency connectivity, not big-bang organisational redesign.

We should be getting these sorts of issues right in a system that is working, rather than indulging in the risk-riddled gesture politics of a grand restructure.

Michael Wesley is professor of international affairs and dean of the College of Asia and the Pacific at the Australian National University.

Would you trust these men with your personal health information?

The darknet vendor says they are “exploiting a vulnerability which has a much more solid foundation which means not only will it be a lot faster and easier for myself, but it will be here to stay. I hope, lol.” [The Guardian, 4 July 2017]

Left to Right: Minister for Human Services and Liberal MP for Aston, Alan Tudge

& Minister for Health and Liberal MP for Flinders, Greg Hunt

These two federal politicians have portfolio responsibility for some of the largest government databases in Australia.

One has portfolio responsibility for those sensitive e-health records which are due to be rolled out nationally on an opt-out basis by 2020.

This is how secure your personal information is on their watch…….

The Sydney Morning Herald, 4 July 2017:

The Australian Federal Police is investigating reports Australians' personal Medicare details are being accessed and sold on the dark web, an apparent breach that has been labelled an "internet catastrophe".

According to a Guardian Australia report, an online vendor can pull up the full Medicare card details of any Australian on request — and is selling them for around $30 each — indicating a security hole somewhere in the health system.

Human Services Minister Alan Tudge said the government was taking the matter seriously. 

The sales are reportedly listed on an undisclosed dark web marketplace, in which the vendor claims to be "exploiting a vulnerability" in order to run software that pulls the data. The vendor calls it "the Medicare Machine".

"Leave the first and last name, and DOB of any Australian citizen, and you will receive their Medicare patient details in full", the listing says, adding that the nature of the security hole being utilised means the vendor will be "here to stay".

In a statement, Mr Tudge said any authorised access to Medicare card numbers was "of great concern" and his department was also conducting its own investigation. 

Medicare's database was always a honeypot waiting to be exploited once governments embraced data matching, data retention and data sharing with much enthusiasm but little understanding.

Once someone decides they want your Medicare details ID theft is now just 0.0089 bitcoin away - as is your abusive former spouse/partner or that anonymous stalker or Internet troll that has been making your life a misery.

UPDATE

Anthony Baxter, 4 July 2017:

You supply the person with name, date of birth and gender and around $30 of Bitcoin they'll give you the person's Medicare number. This is pretty bad, as it allows idemtity thieves to forge them - a Medicare card is usually worth 25 points on the standard 100 point ID check here. The AU govt had no idea this was happening until the journo from The Guardian let them know.

It turns out there's a portal that any health care provider can use to look up Medicare numbers this way. In case you've lost your card or whatever. Likely it's someone who works for one of them selling access, or someone's popped a PC there (more on that to come).

When asked, the relevant government minister (the same guy who presided over the Census fuckup last year (update: I misremembered, that was a different clown), the accidental publishing of PBS data that was poorly deidentified and the ongoing Centrelink robodebt nightmare) claimed it's OK because you can't get access to someone's medical records through the shiny new online electronic health records system with just a Medicare number. Aside from ignoring the ID theft issue there's a liiiiiittle bit of an issue here.

Guess what information you need along with the Medicare number to pull someone's medical records? Did you guess "name, date of birth and gender"? Collect your prize.

According to https://www.itnews.com.au/news/govt-blames-medicare-card-breach-on-traditional-crims-467502 the folks who did the Privacy Impact Assessment on the electronic health records system were told it would be secure because you needed Medicare number as well as name/DOB/gender and weren't told you could use the latter to look up the former.

It Gets Worse.

In theory you can only look up this stuff from a secure endpoint, with a client side certificate installed. Which in practice means maybe 20K PCs scattered across every doctors office in the country. Worse still, many of these client certs were originally sent out via unencrypted email, and a nontrivial number were "lost". And you reckon all or even a significant fraction of these 20K boxes are running modern Windows with up to date patches? Me neither. I can't count the number of times I've been left alone in a room with an unlocked doctor's PC while he went to check something.

It (Incredibly) Gets Even Worse.

They have a Two Factor Auth system which doctors are supposed to use. One of the ways to get the 2FA key is, and I wish I was joking here, email.

So get access to a box running some XP/Win7 version that's ludicrously unpatched that's also logged into the doctors email, collect health care records. Australian government cannot computer.

At the moment the electronic health records thing is opt-in, at some point next year they'll be moving to an opt-out scheme with a window to opt-out. There's an email form here https://myhealthrecord.gov.au/internet/mhr/publishing.nsf/content/home where you can sign up to be notified when the window to opt the hell out is opened and I urge everyone to do so ASAP.

UPDATE

The Sydney Morning Herald, 5 July 2017:

The federal government was warned more than three years ago of security deficiencies surrounding personal Medicare data, with the Department of Human Services told it was not fully complying with spy agency rules.

Questioning the department's ability to keep the data safe from "security threats from external and internal sources", the government auditor made a series of recommendations in April 2014 but it is unclear if they were fully implemented.

The American Resistance has many faces and here are just seventeen of them (8)

According to the American Civil Liberties Union (ACLU):

In April 2017…. President Trump signed a law overturning strong, commonsense privacy rules that gave consumers control over what internet service providers (ISPs) could do with their data. The rules that were overturned would have prevented ISPs from sharing our browsing history with advertisers, forced ISPs to be clear about what information they’re collecting, and required ISPs to take reasonable steps to protect our data from hackers.

The response from many states was almost instantaneous. State legislators around the nation are now considering laws to restore the privacy protections that Congress and President Trump eviscerated……..

ALASKA

States where legislation has been introduced

Alaska’s HB 232, and the similar HB 230, prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer giving them consent to collect personal information.

HAWAII

States where legislation has been introduced

A proposed version of Hawaii’s SB 1201 prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer given them consent to collect personal information. However, the current version of the legislation does not include any privacy language.

KANSAS

States where legislation has been introduced

Kansas’s HB 2423 prevents ISPs that do business within the state from collecting or otherwise storing the personal information from a resident of Kansas without express, written consent. It also prevents ISPs from refusing to provide their service to a resident of Kansas who has not given approval for the collection, storage or sale of their personal information.

MAINE

States where legislation has been introduced

Maine’s LD 1610 prohibits an ISP from using, disclosing, selling, or permitting access to a customer’s personal information without express, affirmative consent (absent certain emergency and other exceptions). The bill defines personal information as including web browsing history, app usage, and precise geolocation information, among other sensitive types of data. It prohibits conditioning the sale of a service, or changing a penalty for that service, if a customer does not provide consent. The bill also requires ISPs to take reasonable measures to protect customer’s personal information against unauthorized use, disclosure or access.

MARYLAND

States where legislation has been introduced

A bill was introduced just six days before the end of the legislative session and failed to pass through Maryland’s state legislature, SB 1200, due to the lack of time to consider the issue. It would have prohibited ISPs from selling or transferring a customer’s personally identifying information—which includes browsing history and IP address—for marketing purposes without affirmative consent from the customer (absent certain legal exceptions). It would have prevented ISPs from showing ads to customers from the ISP based on the customer’s browsing history, without affirmative permission. The bill would have prevented ISPs from conditioning service on a customer giving them consent to collect personal information. And the bill would have required the state’s Joint Committee on Cybersecurity, Information Technology, and Biotechnology to monitor enforcement of the act and provide recommendations on future changes needed to the law.

MASSACHUSETTS

States where legislation has been introduced

There are several internet privacy bills pending in Massachusetts. HB 3698 prohibits an ISP from collecting, using, disclosing, or permitting access to a customer’s sensitive propriety information without opt-in consent (absent certain emergency and other circumstances). Sensitive proprietary information includes financial and health information, information about children, precise geolocation, browsing history, and app usage, among others. The bill also requires that ISPs disclose, at the point of sale or during significant changes to their practices, the types of information the ISP wishes to collect, the purposes for which it would use the information, and the types of third-parties who would receive the information when asking the customer for opt-in consent.

S 2062 would prohibit ISPs from collecting, using, disclosing or permitting third-party access to a customer’s proprietary information, which includes web browsing history and app usage, without affirmative consent (absent certain emergency and other exceptions). It also requires the ISP to ask for opt-in approval when material changes are made to the company’s privacy policy, and it requires that customers be given a conspicuous notice of what information is collected, the purpose for which it would be disclosed, and the type of third-party it would be disclosed to. It also prohibits conditioning the sale of a service, or changing a penalty for that service, if a customer does not provide consent.

MINNESOTA

States where legislation has been introduced

A number of similar broadband privacy amendments were attempted in Minnesota. HF 2209 has a provision that prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. HF 2579, HF 2606, and HF 2309 have the same language but also prohibit conditioning the sale of a service on a customer given them consent to collect personal information.

NEBRASKA

States where legislation has been introduced

LR 136, designates the Transportation and Telecommunications Committee to conduct an interim study of the effects of the overturning of the FCC’s broadband privacy rule. If the study concludes that repeal of the rule does impact the privacy of Nebraskans, it may consider state legislative and administration options to restore privacy protections to consumers. The bill was introduced with bi-partisan support.

NEW HAMPSHIRE

States where legislation has been introduced

An amendment to HB 305, which was not adopted, prohibited ISPs from using, disclosing, selling or permitting access to a customer’s personal information without affirmative consent (absent certain emergency and other exceptions). The amendment defined personal information as the content of communications, demographic information, browsing history, financial and health information, information pertaining to children, app usage, and precise geolocation, among others. The amendment also required ISPs to take reasonable steps to protect customer personal information from unauthorized use, disclosure, or access.

NEW JERSEY

States where legislation has been introduced

SB 3156 requires ISPs to keep their customer’s personally identifiable information—which includes browsing history and precise geolocation—confidential unless the customers provide affirmative consent. It also provides that ISP give written notice of this requirement to each customer. The provisions of the bill do not apply to investigations undertaken pursuant to the “New Jersey Wiretapping and Electronic Surveillance Control Act. Importantly, an ISP cannot refuse to offer internet service to customers simply because the customer does not consent to disclosure of personal information.

AB 3027 instructs the Board of Public Utilities, in consultation with the Division of Consumer Affairs and the Department of Law and Public Safety, to undertake a public awareness campaign to promote consumer understanding of ISP’s information disclosure practices. The campaign would include information about state and federal privacy laws, the circumstances under which ISPs can disclose customer information, and guidance for how consumers can access and understand the privacy policies of ISPs. The bill does not specifically address how the campaign will be clear and accessible to the public.

NEW YORK

States where legislation has been introduced

New York has the most currently pending bills of any state. A 7191 and S5603 prohibit any ISP that do business within the state from collecting or disclosing a customer’s personal information—which includes browsing history and the contents of data-storage devices—without affirmative consent . However, the bills have a number of exceptions for the consent requirement, including provisions that would allow law enforcement to access customer data without a warrant. The bills also require ISPs to take reasonable data security steps and provide a cause of action for ISP violations of its provisions.

A 7236 and S 5576 require ISPs to obtain affirmative consent from a customer prior to using, sharing or selling that customer’s sensitive information, which includes browsing history, financial and medical data, biographical data, the content of communications, and internet usage. Non-sensitive data, which includes aggregate data or subscription data, does not require consent for disclosure. The bills also require ISPs to provide customers with a copy of a privacy policy that includes: data collection and use practices; the ISP’s relationships with third-parties, the purposes for which the ISP collects data; and information for how consumers can exercise control over their privacy. Any ISP that violates the provisions would be guilty of a misdemeanor and subject to fines.

A 7495 and S 5516 require ISPs to keep confidential, unless given affirmatives consent, customer information including biographical information, browsing history, financial and health information, and information about political affiliation, among others. The ISP is also required to provide written notice of the requirements of the bill to each customer.

S 3367 requires ISPs to keep all customer information confidential unless affirmative consent is provided. The bill also creates a find of $500 per offense for any ISP found to be in violation.

OREGON

States where legislation has been introduced

HB 2090, which has been passed by the Oregon legislature, makes it a violation of that state’s consumer protections law for a company to engage in practices that are inconsistent with its stated privacy policy.

HB 2813 prohibits an ISP from disclosing, selling, or permitting access to a customer’s personal information without affirmative consent (absent certain emergency or other exceptions). The bill defines personal information to include demographic information, browsing history, app usage, the content of communications, information about finances, health or children, and precise geolocation, among others. The bill also prohibits an ISP from conditioning service on or charging a higher rate to customers that do not provide consent for their information to be used. The bill requires ISPs to take reasonable measures to protect customer personal information from unauthorized use, disclosure, or access. And the bill gives a private right of action against an ISP that discloses or sell their information in violation of the bill’s provisions.

RHODE ISLAND

States where legislation has been introduced

HB 6086 prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer given them consent to collect personal information.

SOUTH CAROLINA

States where legislation has been introduced

HB 4154 prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer given them consent to collect personal information.

WASHINGTON

States where legislation has been introduced

HB 2200, which has already passed the House twice, prohibits an ISP from selling or transferring a customer’s proprietary information, which includes communications content, browsing history, precise geolocation, and financial and health information, among others, without opt-in consent. The bill also prohibits an ISP conditioning service on a customer’s consent to use their proprietary information, and further must disclose the terms and conditions of any financial incentive provided to a customer that consents to having their information used by the ISP.

SB 5919 prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer given them consent to collect personal information.

VERMONT

States where legislation has been introduced

HB 535 directs the Attorney General, in consultation with the Commissioner of Public Services to adopt privacy and data security rules for ISPs. SB 147 uses similar language, but also requires that the rules adopted include disclosure requirements for ISP privacy policies, opt-in or opt-out procedures for obtaining customer approval to use and share sensitive or non-sensitive customer propriety information, and data security and breach notification requirements.

SB 72 directs the Attorney General, in consultation with the Commissioner for Public Service and industry and consumer stakeholders, to submit a recommendation or draft legislation regarding whether and to what extent the state should adopt privacy and data security rules for ISPs.

WISCONSIN

States where legislation has been introduced

SB 233 prohibits an ISP from using, disclosing or permitting access to a customer’s proprietary information without affirmative consent (absent certain emergency and other exceptions). The bill defines proprietary information as the content of communications or information that relates to the quantity, technical configuration, type, destination, location, or amount of use of an ISP’s service. The bill also requires that ISP provide notice to consumers about how they collect and use their information and it requires reasonable data security practices and notification of data breaches.

Australia Card Mark 3: Surprise! Without justification we will be collecting biometric data to create one centralised identity for each and every one of you and we will be retaining your metadata for an indefinite period at our discretion

The Turnbull Government received the Commonwealth Digital Transformation Agency (DTA) preliminary report, Initial Privacy Impact Assessment (PIA) for the Trusted Digital Identity Framework (TDIF) Alpha, in December 2016.

The origin of this particular digital identity proposal was a recommendation by the Financial System Inquiry set up by then Treasurer Joe Hockey in December 2015, with an inquiry committee dominated by representatives of banks and the financial services sector.

This preliminary Privacy Impact Assessment is the latest step in establishing a single digital identity for each and every Australian citizen, with all the same privacy and security risks as the formerly proposed Australia Card and Access Card.

It is proposed that an individual’s digital identity information will initially be made available to federal government departments/agencies and later to state government departments/agencies that apply to join the TDIF.

As yet there is no underlying legal authority for the Trusted Digital Identity Framework, much of the security arrangements for this framework are apparently not yet developed and a full independent risk assessment has either not been completed to date or is not publicly available.

Cross-border data transfers of personal information held on Australian citizens may occur under this framework.

It is expected that complaints and correction requests may cause some difficulties in the TDIF because multiple participants may each hold part of the relevant data and responsibility for dealing with complaints and corrections may be difficult to determine.

On 24 March 2017 The Canberra Times reported:

The federal government is experimenting with a system that would allow Australians to use selfies to log onto Centrelink, Medicare and other Commonwealth services.

Prime Minister Malcolm Turnbull's digital re-invention agency is designing a system that would use "bio-metric" facial recognition technology to allow easy log-ins while protecting accounts from identity thieves.

The Digital Transformation Agency insists that no collection or data base of images would be built, the system would be voluntary and the strictest privacy safeguards would be in place.

But privacy activists are worried the idea is simply a high-tech version of the unpopular "Australia card" plan, resurrected more than 20 years after the national ID scheme was dumped.

The government is determined to improve to access to its services online, to save time and money, and to step-up the automation of many of its core activities, particularly in the expensive health and welfare sectors.

But security and privacy has been a huge issues, with many of the problems associated with the much-maligned myGov portal put down to the complex and glitch-prone log-in protocols……

A user of the proposed new system, after establishing their account, would log-in by scanning their traditional forms of ID and as a fail-safe against hacker and identity thieves, take a selfie and upload it from their mobile, tablet or computer.

Central [to] the architecture of the scheme would be an online "identity exchange", a portal that would confirm to a government agency, Centrelink for example, that a user's identity had been verified and cleared to use their account but would not supply the photo or any other data used to make the confirmation.

But talks with "stakeholders" including state and federal privacy authorities as well as online privacy campaigners, have begun to reveal the full complexity of the privacy problems facing the TDIF.

Many of those consulted were surprised they had not already heard of such a game-changing project  and questioned the motivation for the decision.

"Stakeholders queried whether due consideration had been given to the failure of previous centralised models in the Commonwealth identity field, such as the Australia Card and the Access Card," Galexia reported.

There were worries that various parts of the system "would obtain, over time, a large and rich source of personal data that will be attractive to third parties for surveillance...or subject to external attack (e.g. hackers), and  or subject to accidental breach."

"The consequences of surveillance or a breach were likely to be significant," Galexia noted.

""Some stakeholders predicted that, over time, each [agency] would collect biometric information (photographs) and contribute to the development of a national data set of photographs.

"Although there is no intention to retain photographs in the TDIF, and they are destroyed as soon as a verified match has been made, stakeholders believed that 'it was only a matter of time' before the system was changed and photographs were retained and shared."

A prototype of the TDIF system is expected to be ready for testing in mid-2017….

Key stakeholders consulted sometime in October-November by Galexia Pty Ltd for its 5 December 2016 report:

Australia Post

Australian Communications Consumer Action Network (ACCAN)

Australian Privacy Foundation (APF)

Commissioner for Privacy and Data Protection Victoria (CPDP)

Department of Finance, Services and Innovation NSW (DFSI)

Digital Rights Watch           

Information and Privacy Commission NSW (IPC)

Office of the Australian Information Commissioner (OAIC)

Office of the Information Commissioner QLD (OIC)

Queensland Government Chief Information Office (QGCIO)

Queensland SmartService (Digital Productivity and Services Division)

Service NSW

According to Galexia on Page 27 of its report:

In the consultation conducted for this PIA, the following views were expressed on this issue:

* Stakeholders questioned where the decision had ‘come from’ as it appeared to take nearly all stakeholders by surprise;

* Stakeholders queried the link between the decision to establish a single Commonwealth IdP and the recommendations of the Murray Report (which in part endorses the development of multiple IdPs in order to foster competition, choice and innovation);

* Stakeholders queried whether due consideration had been given to the failure of previous centralised models in the Commonwealth identity field, such as the Australia Card and the Access Card. Although stakeholders recognised some differences between those proposals and the TDIF in relation to the overall framework and the Identity Exchange, they viewed the decision to establish a single Commonwealth IdP as a ‘throwback’ to those earlier proposals. Even after detailed discussions and explanation on the details of the TDIF most stakeholders still viewed the single Commonwealth IdP as an updated version of the Australia Card / Access Card;

* Stakeholders were strongly of the view that such an important and far-reaching decision should have been the subject of extensive community consultation and debate, with many stakeholders calling for a public discussion paper and / or legislation; and

* Almost all stakeholders struggled to see any justification for the establishment of a single IdP – a common question was “what is the problem that needs to be solved?”.

Australian Bureau of Statistics under Kalisch continues to prove that Census 2016 was expensive as well as a statistical and public relations disaster

Information coming out of the once-proud Australian Bureau of Statistics (ABS) again proves that it approached the most radical change to the national census of population and housing with an almost complete lack of understanding of the mood of the populace¹.

ABC News, 23 December 2016:

Taxpayers spent close to $200,000 to turn the Sydney Opera House green to promote the 2016 census, without any clear reference to the national survey.

The seven sails of the national landmark were lit up for two nights but did not include any information about the census, the website, a hashtag or branding.

Internal documents show it cost taxpayers $192,000 for setup, equipment hire, management and support.

The Australian Bureau of Statistics (ABS) chief statistician David Kalisch described it as a "major public relations opportunity" and said it was likely to attract "social media influencers".

"This will maximise awareness and engagement with the census, and help create a national conversation," Mr Kalisch wrote in the document.

The Opera House turned green for census night and the night before but the social media conversation was dominated by the website's failure.

There was a 40-hour outage caused by four Distributed Denial of Service (DDoS) attacks that had been the subject of a blame game between the Australian Bureau of Statistics (ABS) and contractors for months.

The Opera House was part of a national campaign to light up landmarks with the colour green.

The Melbourne Arts Centre, Canberra's Telstra Tower, Brisbane's City Hall and the Darwin Convention Centre were some of the 20 sites to "go green" for the census…..

The total census campaign media budget was $12 million.

#CENSUSfail is believed to have increased the cost 2016 national census by as much as $30 million.

In late September 2016 the ABS began processing and analysing the data collected to provide high-quality information for all communities across Australia. This process, including the Post Enumeration Survey (PES), will ultimately determine the overall response rate and coverage of the 2016 Census and the Independent Assurance Panel on 2016 Census of Population and Housing data sat for the first time in November 2016.

Currently ABS alleges that the national census response rate exceeds 96 per cent - comprising over 4.9 million online forms and over 3.5 million paper forms representing 8.4 million households/dwellings.

A rather strange statement by the Bureau, given it previously stated in the lead up to the census that it expected to survey close to 10 million dwellings and afterwards that there were exactly 9.8 million dwellings within the survey pool.

The failure to genuinely meet response rate requirements being papered over by the many personal forms in addition to the household ones [Senate Economics References Committee, 24 November 2016, inquiry report, 2016 Census: issues of trust, p.80].  Presumably these personal forms were official census forms which stated the person was in transit (travellers, homeless, & hospital patients) – all est.1.2 million of them if the deliberately vague assertion of the Bureau is to be believed.

The next public confidence hurdle for the failed 9 August 2016 Census comes when preliminary population and dwelling counts are released in April 2017 – given that so many people are aware of friends or acquaintances who deliberately refused to supply name and/or address or filled in their census forms with inaccurate or misleading information in an attempt to avoid having their genuine personal information retained by the federal government indefinitely in a national database for as yet unstated or unexplained purposes.

NOTES:

1. Previous North Coast Voices posts on 2016 Census here.

    Bill McLennan, 2016, Privacy and the 2016 Census.

Yet another example of why the Australian Government's desire for the ultimate big data pool of citizen' personal information is a bad idea

This time it was the Australian Red Cross releasing 1.28 million donor records, containing first name, last name, gender, physical address, email address, phone number, date of birth, blood type, previously blood donations, country of birth, when record was created, type of donation, date of donation and donor eligibility answers including any sexually transmitted disease or drug use history.

This information was publicly available for viewing and download from 5 September to 26 October 2016.

           

IT News, 28 October 2016:

More than one million personal and medical records of Australian citizens donating blood to the Red Cross Blood Service have been exposed online in the country’s biggest and most damaging data breach to date.

A 1.74 GB file containing 1.28 million donor records going back to 2010, published to a publicly-facing website, was discovered by an anonymous source and sent to security expert and operator of haveibeenpwned.com Troy Hunt early on Tuesday morning.

The database was uncovered through a scan of IP address ranges configured to search for publicly exposed web servers that returned directory listings containing .sql files.

The contents of the 'mysqldump' database backup contains everything from personal details (name, gender, physical and email address, phone number, date of birth and occasionally blood type and country of birth) to sensitive medical information, like whether someone has engaged in at-risk sexual behaviour in the last year.

The database collected information submitted when an individual books an appointment - either on paper or online - to donate blood. The process requires donors to enter their personal details and fill out an eligibility questionnaire.

It does not contain data on blood reports or analyses, or responses to the full donor questionnaire all blood bank visitors are required to fill out at the time of their donation.

The database was published on the webserver of a Red Cross Blood Service technology partner that maintains the service's website, not the organisation’s www.donate.blood.com.au site where online bookings are made.

"This is a seriously egregious cock-up - this should never happen," Hunt told iTnews.

"There are no good reasons to put database backups on a publicly-facing website." The issue was compounded by the fact that directory browsing was enabled on the server, he said.

The file was removed on Wednesday. Hunt said there was no evidence of it having been accessed by anyone else, and both he and the anonymous source had deleted their copies.

Australia’s computer emergency response team, AusCERT, has been working with the Red Cross after being notified to the breach by Hunt on Tuesday.

The Red Cross indicated around 550,000 individual donors were impacted.

It attributed the issue to "human error" and said it was "deeply disappointed" to be in this position.

The service has started notifying affected donors today.

The Australian, 29 October 2016:

The Red Cross admitted it did not know how many people had accessed the information, which was publicly available from September 5 until Wednesday.

The breach was revealed by an unknown person who alerted Microsoft employee Troy Hunt, who runs a data breach notification service. Mr Hunt reported the breach to cyber-threat group AusCert, which in turn alerted the Red Cross.

The incident is being investigated by the Australian Federal Police, the Department of Health and the Australian Privacy ­Commission.

Red Cross Blood Service chief executive Shelly Park yesterday urged people to continue ­donating blood, saying information was now secure. “To our knowledge, all known copies of the data have been ­deleted. However, investigations are continuing,” Ms Park said.

But Mr Hunt said there was no guarantee the information had been completely erased, adding the breach was the latest ­illustration of how basic mistakes are key contributors to ­personal data being accessed by others.

“There was nothing new in how this data was accessed, this was just plain, old stupidity,” he said. “The real question this raises is should this data have been ­retained in the first place and why a third party needed the information at all.”

According to breachlevelindex.com in the first half of 2016 the Asia Pacific Region experienced 76 significant data breaches, 22 of which were in Australia.

Earlier this year: a Menulog exposed breach exposed 1.1 million records containing customer names, addresses, order histories and phone numbers [the exact quote in the CIO Australia article linked to here was "suffered from a breach of 1.1 million records leaving customer names, addresses, order histories and phone numbers exposed"- The Ideas Suite public relations agency acting on behalf of Menulog 
contacted North Coast Voices and would prefer to characterize this breach as "A former Menulog employee stumbled upon the private details of the company's customers, including customer names and email addresses". It is noted that the journalist quoted does not appear to have been asked by this agency to amend the original 21 September 2016 CIO Australia article as it remains as first published]; a malicious hacked dump of 67,118 Shadi.com customer records, recruitment agency Sarina Russo exposed client financial records which were dumped in a bin next to the office; disability information on nearly 7,000 current/former Sydney University students was exposed; customer accounts details on The Sydney Morning Herald and The Age digital editions, the Do Not Call Register and industry group CompTIA were also breached.

Also in 2016: the Australian Bureau of Statistics released contact names linked to more than 5,000 Queensland businesses in what was described as a “human error”; the Health Department was forced to remove data from its website amid an investigation into whether personal information has been compromised; and the Australian Public Service Commission confirmed it had withdrawn data gathered in its massive annual employee census from public view – but not before the data set containing the details of 96,700 federal public servants has been accessed by unknown persons 58 times. The Queensland Dept. of Premier and Cabinet and Dept. of Tourism were also maliciously hacked - along with the Maitland office of the NSW Dept. of Resources and Energy. 

In the 2015-16 financial year Victoria Police had 453 "information security incidents"  - up 36 per cent on the year before, with 27 incidents of police officers inappropriately accessing computer systems (including the Law Enforcement Assistance Program LEAP) and 40 instances of police data released without authorisation.

In 2015 K-Mart Australia’s online shopper database was hacked. Payroll systems were breached, harvesting extensive personal details (including names, address, dates of birth, tax file numbers, bank account details, gross earnings and superannuation funds and membership numbers) of up to 500 workers a day and the information used to lodge fraudulent tax returns with the Australian Taxation Office.

Additionally in 2015 Telstra customer’s admin and user credentials were stolen - including those of the Australian Federal Police. Similarly, the Patagonia Clothing Company, Aussie Farmers, David Jones, Queensland TAFE experienced data breaches where personal information was hacked and, 31,140 Optus customers’ had their personal and credit history information publicly posted on the website freelancer.com by the debt collection agency ARC Merchantile.

In 2014 Centrelink left revealing personal and financial details of clients lying around at a suburban railway station and the Department of Immigration and Border Protection unlawfully disclosed the personal information of approximately 9,250 asylum seekers by publishing a word document on a public page of the department’s website.

An estimated 800 million records were lost in 2014, mainly through cyber-attacks, and such attacks are thought to cost large Australian enterprises an average of $8.3 million a year.

With this unhealthy mix of ongoing institutional incompetence and determined malicious hacking risking the privacy of so much personal information, is it any wonder that concerned individuals look on the Turnbull Government’s drive to create a national database - which it will continuously update with additional medical, legal, financial, social and family information on each person born and/or residing in this country – as a gigantic honey hive ripe for the robbing?

Oh, and in case social media users are feeling comfortable about their own privacy on major online platforms – in June 2016 the Facebook application known as Uiggy was hacked and 4.3 million accounts were exposed along with names, genders, and Facebook IDs (2.7 million of which had email addresses against them) and on 27 October 2016 there was a Pastebin dump of 32 million Twitter accounts along with an invitation to use the details to hack further.