Showing posts with label information technology.

Monday 26 June 2017

Can the CSIRO sink any lower?


“Collaborating with government. As a trusted adviser to government, our collaboration within the sector supports it to solve challenges, find efficiencies and innovate.” [CSIRO, Data61]

The Commonwealth Scientific and Industrial Research Organisation (CSIRO) is a federal government corporate entity ultimately responsible to the Australian Parliament.

It started life in the midst of global conflagration in 1916 and for most of its existence it was widely respected both in its country of origin and around the world.

Sadly that level of respect has been diminished in recent years as commercial imperatives saw it move away from its once proud boast that:


However, it had not yet become a low creature of right-wing political ideology.

Until now – when it appears willing to participate in enforcing punitive social policies, cynically presented in the guise of Budget measures by the Turnbull Coalition Government.

In particular, enabling the trial drug testing of income support applicants “based on a data-driven profiling tool developed for the trial to identify relevant characteristics that indicate a higher risk of substance abuse issues” which almost inevitably will target the poor and vulnerable.

Apparently the only matter holding the CSIRO back from full commitment to the trial is the matter of contract negotiations with the Dept. of Social Security and/or Dept. of Human Services [1].

The cost of this measure has reportedly been deemed by government to be “commercial-in-confidence”.

InnovationAus, 2 June 2017:

CSIRO has still not officially agreed to allow its Data61 analytics unit to become involved in the government’s highly contentious welfare drug testing program, a Senate estimates hearing has been told.

But the delay appears to be related to difficult contract negotiations – for which the research agency is well known – rather than the objections of staff or management to becoming involved in such a politically-driven program.

The Department of Industry, Innovation and Science and CSIRO appeared at the Senate estimates on Thursday morning.

The shocking concession that CSIRO has been in discussion to work on the drug-test project since April comes despite the organisation having specifically declined to confirm any knowledge of the project for weeks – let alone that it was actively negotiating a contract.

This is despite direct questions being put to CSIRO on multiple occasions for weeks.

The estimates hearing also revealed that Data61 has been called into the controversy plagued Social Services robo-debt project that has mistakenly matched debt to welfare recipients.

CSIRO digital executive director David Williams told shadow industry minister Kim Carr that while CSIRO was approached by the Social Services department about the welfare drug testing scheme in late April – less than a month before its involvement was prematurely announced by Cabinet Minister Christian Porter – it is still yet to officially sign on to the project.

“The Department of Social Services approached CSIRO in early April, wanting to implement a trial involving activity tested income support recipients across a small number of geographical areas,” Mr Williams told senate estimates.

“They asked for Data61’s support in doing the analysis to see whether predictive analytics could help them in that task.”

“Since that time we’ve been talking with the department, and scoped out a statement of work and we’ve looked at how we can implement that work should we sign a contract and proceed. At this moment we’re working through the procedures inside CSIRO.”

FOOTNOTE

1. The CSIRO already has a business relationship with the Australian Department of Human Services (DHS). Commencing in February 2017 the CSIRO and/or CSIRO Data61 conducted a Review of Online Compliance Systems, as well as supplying Specialist Data Science Services and Selection Methodologies Advice to the department. See: https://www.tenders.gov.au.

Sunday 25 June 2017

Malcolm Bligh Turnbull's agile & innovative NBN accused of screwing the poor. Why am I not surprised?


“Examining the rollout of NBN technologies as of December 2016, our preliminary analyses suggest areas of greatest socio-economic disadvantage overlap with regions typically receiving NBN infrastructure of poorer quality.”  [The Conversation, 22 June 2017]

c|net, 23 June 2017:

The richer you are, the better the NBN getting rolled out in your area.

That's according to a new study that maps Australia's disadvantaged communities against the NBN technology they're receiving. The findings show that when it comes to accessing the technology of the future, the poorest in our community are being left behind.

Conducted by the Centre for Research Excellence in the Social Determinants of Health Equity at Flinders University, the study ranked Australia's richest and poorest communities according to ABS data. The team used the ABS's 2011 socio-economic indexes for area (SEIFA) and index of relative socio-economic advantage and disadvantage.

Matching these metrics against NBN technology, the researchers found "areas of greatest socio-economic disadvantage [shown on the left of the graph below] overlap with regions typically receiving NBN infrastructure of poorer quality."  

There is a massive difference in the NBN technology rolled out to the least advantaged parts of our society (on the left-hand side) and the most advantaged. The wealthier you are, the more likely you are to be using fibre (shown in blue).
Centre for Research Excellence in the Social Determinants of Health Equity

The Conversation, 22 June 2016:

This result tells a similar story to an early analysis by Sydney University’s Tooran Alizadeh of 60 NBN release sites that were announced in 2011. She found some of the most disadvantaged areas of Australia were not gaining equal access to the new infrastructure.

If we look only at major cities in Australia – where the level of fibre technology is higher overall – areas with the greatest disadvantage, while exceeding similarly disadvantaged areas nationally, still received significantly less FTTP and FTTN: 65% of areas with a SEIFA decile of one had FTTP and FTTN, compared with 94% of areas with a SEIFA decile of 10…. 

NBN services in outer regional areas

Composition of currently available* NBN service technologies in outer regional areas by Socio-Economic Indexes for Areas deciles (SEIFA). SEIFA decile 1 denotes the most disadvantaged areas, and SEIFA decile 10 denotes the least disadvantaged areas. 
Note: Decile 10 has been excluded from this chart because only one suburb falls into this category, whereas other deciles have between 129 (Decile 8) and 341 (Decile 4) suburbs.
Notes: 
(i) A suburb can have multiple NBN service types. The data is for services that are currently available*. (Services that are planned or where build has commenced are not included.)
(ii) Fibre denotes both Greenfields and Brownfields fibre, and includes Fibre to the Premises (FTTP), Fibre to the Building (FTTB) and Fibre to the Node (FTTN). 
(iii) HFC is Hybrid-Fibre Coaxial service. 

*Technology available at December 2016

Another perspective on the issue……..

How the early NBN roll out was originally determined.

Telecommunications Policy, Volume 41, Issue 4, Tooran Alizadeh and Reza Farid, Political economy of telecommunication infrastructure: An investigation of the National Broadband Network early rollout and pork barrel politics in Australia, May 2017:

Abstract

It has been argued that infrastructure unevenness rigidifies into more lasting structures of socio-economic and political privilege and advantage. This paper focuses on telecommunication infrastructure as the backbone of the fast-growing digital economy, and raises important questions about the early National Broadband Network (NBN) rollout in Australia. The paper asks whether there was any case of pork barrelling in the selection of early release sites that enjoyed a regional competitive advantage against other localities that had to wait several years to receive the infrastructure. The answer to this question then leads to a second question about the degree to which voting in the early NBN release sites has swung following the infrastructure rollout. In order to answer these questions the paper examines the voting patterns in the earlier NBN release sites versus all electorates in the Federal elections in 2007–2013 using the data available via Australian Electoral Commission. Findings show trends of politically targeted funding, followed by vote swing in the very next election.


An analysis of the voting behaviours within the suburbs that were selected by governing Australian Labor Party, for the early NBN release, reveals that those suburbs that voted for the opposition Liberal/National Coalition and where the Coalition-held marginal seats were the key beneficiaries. This pattern occurred in all three states, as highlighted in Figure 3. In New South Wales and Queensland, electorates where either party held marginal seats had the most likely chance of receiving the NBN, followed by those where the Australian Labor Party-held safe seats. Chances of receiving the NBN in Victoria differed to the northern states, with electorates where the Australian Labor Party-held safe seats almost as likely as suburbs where marginal seats were held by the Liberal/National Coalition to receiving the NBN in the early rollout. Moreover, across the three states, the opposing Liberal/National Coalition-held safe seats were least likely to receive the NBN. With this said, fairly safe-held seats by either party also lucked out, although those held by the Australian Labor Party overall had slightly higher chances. Thus, in terms of receiving the NBN early rollout, the overall winners were those seats held marginally by the opposing Liberal/National Coalition. At the same time, the biggest losers were the safe seats held by the opposing Coalition.

Friday 9 June 2017

The American Resistance has many faces and here are just seventeen of them (8)


According to the American Civil Liberties Union (ACLU):

In April 2017…. President Trump signed a law overturning strong, commonsense privacy rules that gave consumers control over what internet service providers (ISPs) could do with their data. The rules that were overturned would have prevented ISPs from sharing our browsing history with advertisers, forced ISPs to be clear about what information they’re collecting, and required ISPs to take reasonable steps to protect our data from hackers.

The response from many states was almost instantaneous. State legislators around the nation are now considering laws to restore the privacy protections that Congress and President Trump eviscerated……..

ALASKA
States where legislation has been introduced
Alaska’s HB 232, and the similar HB 230, prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer giving them consent to collect personal information.

HAWAII
A proposed version of Hawaii’s SB 1201 prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer giving them consent to collect personal information. However, the current version of the legislation does not include any privacy language.

KANSAS
Kansas’s HB 2423 prevents ISPs that do business within the state from collecting or otherwise storing the personal information from a resident of Kansas without express, written consent. It also prevents ISPs from refusing to provide their service to a resident of Kansas who has not given approval for the collection, storage or sale of their personal information.

MAINE
Maine’s LD 1610 prohibits an ISP from using, disclosing, selling, or permitting access to a customer’s personal information without express, affirmative consent (absent certain emergency and other exceptions). The bill defines personal information as including web browsing history, app usage, and precise geolocation information, among other sensitive types of data. It prohibits conditioning the sale of a service, or changing a penalty for that service, if a customer does not provide consent. The bill also requires ISPs to take reasonable measures to protect customer’s personal information against unauthorized use, disclosure or access.

MARYLAND
A bill was introduced just six days before the end of the legislative session and failed to pass through Maryland’s state legislature, SB 1200, due to the lack of time to consider the issue. It would have prohibited ISPs from selling or transferring a customer’s personally identifying information—which includes browsing history and IP address—for marketing purposes without affirmative consent from the customer (absent certain legal exceptions). It would have prevented ISPs from showing ads to customers from the ISP based on the customer’s browsing history, without affirmative permission. The bill would have prevented ISPs from conditioning service on a customer giving them consent to collect personal information. And the bill would have required the state’s Joint Committee on Cybersecurity, Information Technology, and Biotechnology to monitor enforcement of the act and provide recommendations on future changes needed to the law.

MASSACHUSETTS
There are several internet privacy bills pending in Massachusetts. HB 3698 prohibits an ISP from collecting, using, disclosing, or permitting access to a customer’s sensitive proprietary information without opt-in consent (absent certain emergency and other circumstances). Sensitive proprietary information includes financial and health information, information about children, precise geolocation, browsing history, and app usage, among others. The bill also requires that ISPs disclose, at the point of sale or during significant changes to their practices, the types of information the ISP wishes to collect, the purposes for which it would use the information, and the types of third-parties who would receive the information when asking the customer for opt-in consent.
S 2062 would prohibit ISPs from collecting, using, disclosing or permitting third-party access to a customer’s proprietary information, which includes web browsing history and app usage, without affirmative consent (absent certain emergency and other exceptions). It also requires the ISP to ask for opt-in approval when material changes are made to the company’s privacy policy, and it requires that customers be given a conspicuous notice of what information is collected, the purpose for which it would be disclosed, and the type of third-party it would be disclosed to. It also prohibits conditioning the sale of a service, or changing a penalty for that service, if a customer does not provide consent.

MINNESOTA
A number of similar broadband privacy amendments were attempted in Minnesota. HF 2209 has a provision that prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. HF 2579, HF 2606, and HF 2309 have the same language but also prohibit conditioning the sale of a service on a customer giving them consent to collect personal information.

NEBRASKA
LR 136 designates the Transportation and Telecommunications Committee to conduct an interim study of the effects of the overturning of the FCC’s broadband privacy rule. If the study concludes that repeal of the rule does impact the privacy of Nebraskans, it may consider state legislative and administration options to restore privacy protections to consumers. The bill was introduced with bi-partisan support.

NEW HAMPSHIRE
An amendment to HB 305, which was not adopted, prohibited ISPs from using, disclosing, selling or permitting access to a customer’s personal information without affirmative consent (absent certain emergency and other exceptions). The amendment defined personal information as the content of communications, demographic information, browsing history, financial and health information, information pertaining to children, app usage, and precise geolocation, among others. The amendment also required ISPs to take reasonable steps to protect customer personal information from unauthorized use, disclosure, or access.

NEW JERSEY
SB 3156 requires ISPs to keep their customer’s personally identifiable information—which includes browsing history and precise geolocation—confidential unless the customers provide affirmative consent. It also provides that ISPs give written notice of this requirement to each customer. The provisions of the bill do not apply to investigations undertaken pursuant to the “New Jersey Wiretapping and Electronic Surveillance Control Act.” Importantly, an ISP cannot refuse to offer internet service to customers simply because the customer does not consent to disclosure of personal information.
AB 3027 instructs the Board of Public Utilities, in consultation with the Division of Consumer Affairs and the Department of Law and Public Safety, to undertake a public awareness campaign to promote consumer understanding of ISP’s information disclosure practices. The campaign would include information about state and federal privacy laws, the circumstances under which ISPs can disclose customer information, and guidance for how consumers can access and understand the privacy policies of ISPs. The bill does not specifically address how the campaign will be clear and accessible to the public.

NEW YORK
New York has the most currently pending bills of any state. A 7191 and S5603 prohibit any ISP that does business within the state from collecting or disclosing a customer’s personal information—which includes browsing history and the contents of data-storage devices—without affirmative consent. However, the bills have a number of exceptions for the consent requirement, including provisions that would allow law enforcement to access customer data without a warrant. The bills also require ISPs to take reasonable data security steps and provide a cause of action for ISP violations of its provisions.
A 7236 and S 5576 require ISPs to obtain affirmative consent from a customer prior to using, sharing or selling that customer’s sensitive information, which includes browsing history, financial and medical data, biographical data, the content of communications, and internet usage. Non-sensitive data, which includes aggregate data or subscription data, does not require consent for disclosure. The bills also require ISPs to provide customers with a copy of a privacy policy that includes: data collection and use practices; the ISP’s relationships with third-parties, the purposes for which the ISP collects data; and information for how consumers can exercise control over their privacy. Any ISP that violates the provisions would be guilty of a misdemeanor and subject to fines.
A 7495 and S 5516 require ISPs to keep confidential, unless given affirmative consent, customer information including biographical information, browsing history, financial and health information, and information about political affiliation, among others. The ISP is also required to provide written notice of the requirements of the bill to each customer.
S 3367 requires ISPs to keep all customer information confidential unless affirmative consent is provided. The bill also creates a fine of $500 per offense for any ISP found to be in violation.

OREGON
HB 2090, which has been passed by the Oregon legislature, makes it a violation of that state’s consumer protections law for a company to engage in practices that are inconsistent with its stated privacy policy.
HB 2813 prohibits an ISP from disclosing, selling, or permitting access to a customer’s personal information without affirmative consent (absent certain emergency or other exceptions). The bill defines personal information to include demographic information, browsing history, app usage, the content of communications, information about finances, health or children, and precise geolocation, among others. The bill also prohibits an ISP from conditioning service on or charging a higher rate to customers that do not provide consent for their information to be used. The bill requires ISPs to take reasonable measures to protect customer personal information from unauthorized use, disclosure, or access. And the bill gives a private right of action against an ISP that discloses or sells their information in violation of the bill’s provisions.

RHODE ISLAND
HB 6086 prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer giving them consent to collect personal information.

SOUTH CAROLINA
HB 4154 prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer giving them consent to collect personal information.

WASHINGTON
HB 2200, which has already passed the House twice, prohibits an ISP from selling or transferring a customer’s proprietary information, which includes communications content, browsing history, precise geolocation, and financial and health information, among others, without opt-in consent. The bill also prohibits an ISP conditioning service on a customer’s consent to use their proprietary information, and further must disclose the terms and conditions of any financial incentive provided to a customer that consents to having their information used by the ISP.
SB 5919 prevents ISPs that do business within the state from collecting the personal information from customers without express, written consent. It also prevents ISPs from conditioning service on a customer giving them consent to collect personal information.

VERMONT
HB 535 directs the Attorney General, in consultation with the Commissioner of Public Services, to adopt privacy and data security rules for ISPs. SB 147 uses similar language, but also requires that the rules adopted include disclosure requirements for ISP privacy policies, opt-in or opt-out procedures for obtaining customer approval to use and share sensitive or non-sensitive customer proprietary information, and data security and breach notification requirements.
SB 72 directs the Attorney General, in consultation with the Commissioner for Public Service and industry and consumer stakeholders, to submit a recommendation or draft legislation regarding whether and to what extent the state should adopt privacy and data security rules for ISPs.

WISCONSIN
SB 233 prohibits an ISP from using, disclosing or permitting access to a customer’s proprietary information without affirmative consent (absent certain emergency and other exceptions). The bill defines proprietary information as the content of communications or information that relates to the quantity, technical configuration, type, destination, location, or amount of use of an ISP’s service. The bill also requires that ISP provide notice to consumers about how they collect and use their information and it requires reasonable data security practices and notification of data breaches.

Friday 12 May 2017

You're not on Facebook? Why not?!


One of the many reasons some people are closing their Facebook accounts and walking away – excessive, obsessive data collection and the uses to which it is put.

News.com.au, 1 May 2017:

FACEBOOK has come under fire over revelations it is targeting potentially vulnerable youths who “need a confidence boost” to facilitate predatory advertising practices.

The allegation was revealed this morning by The Australian which obtained internal documents from the social media giant which reportedly show how Facebook can exploit the moods and insecurities of teenagers using the platform for the potential benefit of advertisers.

The confidential document dated this year detailed how by monitoring posts, comments and interactions on the site, Facebook can figure out when people as young as 14 feel “defeated”, “overwhelmed”, “stressed”, “anxious”, “nervous”, “stupid”, “silly”, “useless”, and a “failure”.

Such information gathered through a system dubbed sentiment analysis could be used by advertisers to target young Facebook users when they are potentially more vulnerable.

While Google is the king of the online advertising world, Facebook is the other major player which dominates the industry worth about $80 billion last year.

But Facebook is not one to rest on its laurels. The leaked document shows it has been honing the covert tools it uses to gain useful psychological insights on young Australians and New Zealanders in high school and tertiary education.

The social media services we use can derive immense insight and personal information about us and our moods from the way we use them, and arguably none is more fastidious in that regard than Facebook which harvests immense data on its users.

The secret document was put together by two Australian Facebook execs and includes information about when young people are likely to feel excited, reflective, as well as other emotions related to overcoming fears.

The Guardian, 3 May 2017:

For two years I was charged with turning Facebook data into money, by any legal means. If you browse the internet or buy items in physical stores, and then see ads related to those purchases on Facebook, blame me. I helped create the first versions of that, way back in 2012.

The ethics of Facebook’s micro-targeted advertising was thrust into the spotlight this week by a report out of Australia. The article, based on a leaked presentation, said that Facebook was able to identify teenagers at their most vulnerable, including when they feel “insecure”, “worthless”, “defeated” and “stressed”.

Facebook claimed the report was misleading, assuring the public that the company does not “offer tools to target people based on their emotional state”. If the intention of Facebook’s public relations spin is to give the impression that such targeting is not even possible on their platform, I’m here to tell you I believe they’re lying through their teeth.

Just as Mark Zuckerberg was being disingenuous (to put it mildly) when, in the wake of Donald Trump’s unexpected victory, he expressed doubt that Facebook could have flipped the presidential election.

Facebook deploys a political advertising sales team, specialized by political party, and charged with convincing deep-pocketed politicians that they do have the kind of influence needed to alter the outcome of elections. 

I was at Facebook in 2012, during the previous presidential race. The fact that Facebook could easily throw the election by selectively showing a Get Out the Vote reminder in certain counties of a swing state, for example, was a running joke.

Express online, 6 January 2017:

FACEBOOK siphons an enormous amount of data from its users – whether it's monitoring your mouse movements, tracking the amount of time you spend on any given post, or the subject of your photographs……

The US social network is constantly tracking information about its users – however, most users will not be aware of just how much data it can siphon from a single photograph.

Facebook hints at how much data it is able to detect when it suggests people who might be in the photograph, prompting you to tag their faces.

But in reality, the California-based social network is tracking much more than just faces.

When you upload a photo on Facebook, the social network scans the image and detects how many people are in the photograph, and whether it was taken indoors or outside.

Facebook is also able to identify humans, animals and inanimate objects.

It is not always accurate, but the social network is able to differentiate between people who are standing, or sitting down.

To find out exactly what Facebook is reading into your photos, software developer Adam Geitgey has created a useful Chrome browser extension that reveals the data Facebook is collecting from your images.

Show Facebook Computer Vision Tags reveals data that Facebook usually keeps hidden from its users.

The free Google Chrome extension can be downloaded from the Chrome extension store.

Facebook has implemented object recognition technology since April 2016, a spokesperson for the company told Metro.co.uk.

The Verge, 27 May 2016:

Facebook will now display ads to web users who are not members of its social network, the company announced Thursday, in a bid to significantly expand its online ad network. As The Wall Street Journal reports, Facebook will use cookies, "like" buttons, and other plug-ins embedded on third-party sites to track members and non-members alike. The company says it will be able to better target non-Facebook users and serve relevant ads to them…

Some of the data Facebook collects to facilitate ad placements, according to The Washington Post on 19 August 2016:

1. Location
2. Age
3. Generation
4. Gender
5. Language
6. Education level
7. Field of study
8. School
9. Ethnic affinity
10. Income and net worth
11. Home ownership and type
12. Home value
13. Property size
14. Square footage of home
15. Year home was built
16. Household composition

As explained on that shiny new portal, Facebook keeps ads “useful and relevant” in four distinct ways. It tracks your on-site activity, such as the pages you like and the ads you click, and your device and location settings, such as the brand of phone you use and your type of Internet connection. Most users recognize these things impact ad targeting: Facebook has repeatedly said as much. But slightly more surprising is the extent of Facebook’s web-tracking efforts and its collaborations with major data brokers.

While you’re logged onto Facebook, for instance, the network can see virtually every other website you visit. Even when you’re logged off, Facebook knows much of your browsing: It’s alerted every time you load a page with a “Like” or “share” button, or an advertisement sourced from its Atlas network. Facebook also provides publishers with a piece of code, called Facebook Pixel, that they (and by extension, Facebook) can use to log their Facebook-using visitors.

17. Users who have an anniversary within 30 days
18. Users who are away from family or hometown
19. Users who are friends with someone who has an anniversary, is newly married or engaged, recently moved, or has an upcoming birthday
20. Users in long-distance relationships
21. Users in new relationships
22. Users who have new jobs
23. Users who are newly engaged
24. Users who are newly married
25. Users who have recently moved
26. Users who have birthdays soon
27. Parents
28. Expectant parents
29. Mothers, divided by “type” (soccer, trendy, etc.)
30. Users who are likely to engage in politics
31. Conservatives and liberals
32. Relationship status

On top of that, Facebook offers marketers the option to target ads according to data compiled by firms like Experian, Acxiom and Epsilon, which have historically fueled mailing lists and other sorts of offline efforts. These firms build their profiles over a period of years, gathering data from government and public records, consumer contests, warranties and surveys, and private commercial sources — like loyalty card purchase histories or magazine subscription lists. Whatever they gather from those searches can also be fed into a model to draw further conclusions, like whether you’re likely to be an investor or buy organic for your kids.

Wired, 28 December 2012:

In 2010, while researching his thesis, he asked Facebook if it could send him all of the user data the company had relating to his own account. Amazingly, he got a response.

Facebook was, in Schrems' words, "dumb enough" to send him all his data in a 1,200-page PDF. It showed that Facebook kept records of every person who had ever poked him, all the IP addresses of machines he had used to access the site (as well as which other Facebook users had logged in on that machine), a full history of messages and chats and even his "last location", which appeared to use a combination of check-ins, data gathered from apps, IP addresses and geo-tagged uploads to work out where he was.

As Schrems went through the document, he found items he thought he had deleted, such as messages, status updates and wall posts. He also found personal information he says he never supplied, including email addresses that had been culled from his friends' address books. European law is worded vaguely, but says that personal data must be processed "fairly"; people should be given comprehensive information on how it will be used; the data processed should not be "excessive" in relation to the purpose for which it was collected; it should be held securely and deleted when no longer needed. And each person should have the right to access all of their personal data.

Thursday 27 April 2017

Of course, certainly, we keep your personal information safe from prying eyes!


Anyone who is certain that all information a state/federal government department/agency or civil corporation holds about their social, financial, genealogical or health status is strictly protected from prying eyes needs to seriously question why they appear to hold that unsafe assumption.

The Sydney Morning Herald, 21 April 2017:

More than 700 public patients have had their privacy breached and potential delays in their follow up care after more than 1600 medical letters were found dumped in a Sydney bin.

NSW Health is investigating the incident involving a sub-contractor for a company tasked with transcribing medical letters sent from specialists to general practitioners.

On Tuesday, April 11, a man found piles of follow-up letters containing patient details stuffed into a garbage bin at an apartment block in Ashfield. It is understood there were more than 1600 documents in total. Some of the letters were duplicates. 

The man called in his neighbour, a female health worker, who recognised the documents were out-patient letters and contacted Ashfield police. 

A sub-contractor for Global Transcription Services (GTS) was supposed to take the letters home to post but instead stuffed them into the bin. The young woman had been dealing with personal upheaval and health issues, Health Minister Brad Hazzard said on Thursday, adding it was inappropriate to comment further.

The letters related to 768 public hospital patients from Royal North Shore, Gosford Hospital outpatients and Cancer Centre and Dubbo Hospital Cancer Centre.

There were also 700 letters relating to patients from six private providers: Chris O'Brien Lifehouse, providing services to Dubbo Cancer Clinic, Northern Cancer Institute (Frenchs Forest and St Leonards), Sharp Neurology, Southside Cancer Care Centre, Strathfield Retina Clinic and the Woolcock Institute.

Newcastle Herald, 17 April 2017:

The NSW privacy commissioner has called for a thorough investigation after thousands of photo ID cards, including gun licences, were mistakenly sent to the wrong people in a "significant" security breach.

A total of 2693 cards were sent to the wrong people earlier this month.

Among the documents mailed out were 2000 driver's licences, 104 firearm licences, 318 permits to use disabled parking, 242 proof of age cards, 26 security licences and 3 commercial and private investigator licences.

It is understood people affected went to Service NSW to apply for their licence on April 5, with the licences printed at the agency's card operations centre on April 7.

The error was discovered four days later. Service NSW informed police, Roads and Maritime Services and the privacy commissioner.

Shortly afterwards, gun shops were contacted by police and told to be "extra vigilant" in checking licences until all licences sent to the wrong address were retrieved, News Corp reported.

Those affected have been advised to "be alert to activities that may indicate their identity is being misused by others".

Acting NSW Privacy Commissioner Elizabeth Coombs said the breach was significant as it involves the identity of members of the public.

"These cards contain personal information that can identify individuals. Health information, which is even more sensitive, appears to have also been affected (eg on disability status)," Dr Coombs said.

"This breach is of particular concern as it occurs at a time when the NSW Government is increasing its digital interaction and service provision with the NSW community.

Education HQ Australia, 12 April 2017:

The traumatic, sensitive details of a Victorian mother's life lingered online for days after the education department thought it had dealt with a privacy breach.

The woman was one of 120 people affected when the Victorian education department inadvertently published personal details of parents online after receiving 558 submissions on proposed new regulations for state education.

The department thought it had taken the documents offline, but they were still publicly available five days after the breach, with several still listed on Google's search engine on Wednesday afternoon.

The Australian, 7 April 2017:

A Senate committee which investigated secret Defence training that teaches soldiers how to deal with being taken prisoners of war accidentally disclosed the confidential evidence of witnesses to each other.

On March 7, the Senate Foreign Affairs, Defence and Trade references committee took evidence from witnesses in-camera, which means it wasn't a public hearing, as part of an inquiry into training procedures for resistance to interrogation and conduct after capture.

Witnesses were posted copies of their transcripts to check over by registered mail, but the committee accidentally sent witnesses all transcripts rather than just individual ones.

Crikey.com.au, 4 April 2017:

Qantas customers’ personal data has been compromised after a data breach revealed the names, seat numbers and frequent flyer numbers of eight passengers to another passenger looking at the Qantas check-in app on Thursday. The app, which was used to check in for a flight between Newman, Western Australia, and Perth, showed the length of the flight and that a snack or brunch would be available, but the Qantas passenger was shocked to be able to see details for other passengers…..

It is not the first time Qantas customer details have been shared with others. In January, an email sent to customers flying out of Melbourne warned of traffic delays on the Tullamarine Freeway included surnames and booking references of other passengers.

The Age, 26 March 2017:

A hospital is being investigated for breaching the privacy of dozens of patients after medical records revealing a "swollen penis" and mental illnesses among other things, were found in a Coburg street.

The Australian Information and Privacy Commissioner Timothy Pilgrim is investigating how the records of 31 patients were removed from the John Fawkner Private Hospital in Melbourne's north last month.

Determination
1. I find that the respondent, Comcare, interfered with the complainant’s privacy in breach of Part III of the Privacy Act 1988 (Cth) (Privacy Act) by:
a. disclosing the complainant’s personal information, including sensitive health information on a publicly available website contrary to Information Privacy Principle (IPP) 11; and
b. failing to take such security safeguards as it is reasonable in the circumstances to take, against loss, against unauthorised access, use, modification or disclosure, and against other misuse contrary to IPP 4.


Findings
1. Commonwealth Bank of Australia Limited (the CBA) interfered with the complainant’s privacy by:
* disclosing her personal information to the principal of a Commonwealth Bank Mortgage Innovation agency (MIA) for a purpose other than the primary purpose of collection, in breach of National Privacy Principle (NPP) 2.1 of the Privacy Act 1988 (Cth) (Privacy Act), and
* failing to take reasonable steps under NPP 4.1 to protect her personal information from misuse and loss and from unauthorised access, modification or disclosure.

Friday 21 April 2017

Every man and his dog may soon have access to your personal medical history if you live in Australia


A federal government digital medical information storage and retrieval system, which will eventually contain information on every person permanently residing in Australia and which was hacked even before it publicly went online, is now going national – and it still has significant privacy problems.

The Daily Telegraph, 10 April 2017:

THE private health records of Australians can be accessed by more than half a million people under the latest bungle with the $2.2 billion electronic My Health Record.

News Corp Australia has learned that the privacy settings on the government’s computerised My Health Record, which lists every medicine a patient takes and records every medical visit and procedure, are automatically set on “universal access”.

This means every registered health practitioner in the nation — 650,000 people — can view them, not just the family GP, unless the patient specifically requested to opt out.

Occupational therapists working for an employer, doctors working for insurance companies, a dietitian, an optometrist or a dentist or their staff can view the record and see if individuals have a sexually transmitted disease, a mental illness, have had an abortion or are using Viagra.

“Potentially your employer’s occupational therapist can look at your record and get information they really shouldn’t be getting access to, it’s confidential data,” says former AMA president Dr Mukesh Haikerwal who was a government consultant on the My Health Record.

The bungle came about because the record was originally set up as an opt in system and when people set up their record they were given the option to set a PIN number to protect the information and determine who got to see it.

Nearly four million people set up a My Health Record under the opt in system but doctors weren’t using it because four years after it was established 83 per cent of Australians still did not have one.

Last year the Turnbull Government trialled turning the failed record into an opt out system.

One million people in the Nepean Blue Mountains area of NSW and Northern Queensland were given a record unless they opted out.

News Corp has now learned only 147 of these one million Australians automatically given a record under the trial set up a PIN number to protect their health information.

“147 My Health Records created in the trials have access controls set to restrict which healthcare providers can see the record, or have controls restricting access to certain documents in the record,” the Department said.

“This equates to 0.0151 per cent of My Health Records automatically created in the trials. This is consistent with the rates of access controls set by those who have opted to register for a My Health Record,” a spokeswoman for the department said.

The My Health Record lists a person’s medications and allergies, doctors can upload a health summary about the person’s health problems, eventually the system will include X-ray results, pathology results, hospital discharge summaries and other data that for the first time can be shared between medical practitioners.

The privacy problem is about to affect everyone because two weeks ago state and federal health ministers agreed to give every Australian a My Health Record unless they opt out.

This decision was made even though the results of the original opt out trial have never been made public.

And it means the health records of every Australian will soon be on open access.

The Australian, 27 March 2017:

Companies bidding for the Medicare digital payments system have been given the option of proposing a new identity card to protect against fraud and improve system capabilities.

As the federal government pushes ahead with electronic health records, in anticipation of a digital health revolution, The Australian has learned the Department of Health has made identity management a key part of the new payments system and left it open to companies to propose alternatives.

Companies may suggest alternatives to the green Medicare card — which holds no data, just a magnetic strip and numbers for individuals whose information is stored in a database — and forms of identity for veterans’ affairs, aged care and related payments.

It would be the biggest shift since the Howard government proposed the Australian Access Card, a broad-function smartcard that attracted privacy concerns and comparisons to the ill-fated Australia Card of the 1980s and was dumped by the incoming Rudd government.

A departmental spokeswoman emphasised that there was no proposal for a new identity card under moves to develop a new digital payments system.

“While the Department of Health has not been prescriptive, the presumption is that the Medicare card and number will continue to be the basis for identification,” she said.

The option for a new identity management solution came after health ministers decided on Friday that the My Health Record system would be opt-out, making electronic medical records compulsory for all Australians unless they said otherwise, despite trials of that model having yet to report.

Australian Doctor, 27 March 2017:

Australian health ministers have officially agreed to a national opt-out model under which every patient will have a MyHealth Record created for them by default.

Yet precisely when the model will be rolled out remains to be seen.

Federal, state and territory health ministers met in Melbourne on Friday, where, according to a communique, they agreed "to a national opt-out model for long-term participation arrangements" in the My Health Record system.

The agreement precedes the release of findings from two pilot trials of opt-out enrolment systems, in North Queensland and NSW's Blue Mountains, which included nearly one million patients.

A little history…….

News.com.au, 11 September 2016:

THE man who led the dumped UK digital health record system has been put in charge of Australia’s bungled $1 billion e-health record and is being paid as much as the Prime Minister to fix it.

Former journalist Tim Kelsey will be paid a total remuneration package worth $522,240 a year, almost the same as Malcolm Turnbull and just shy of the $548,360 paid to the Chief of the Navy and more than the Chief Scientist, the head of the Fair Work Commission and the Inspector General of Taxation, a remuneration tribunal determination reveals.

The former NHS executive is an interesting appointment as CEO of the Australian Digital Health Agency because he was in charge of the UK digital health records scheme Care.data dumped by the UK’s National Health System in July.

The Department of Health stated that Mr Kelsey is uniquely suited to the role because of his experience with data and digital platforms in health and personal privacy.

The Care.data scheme to store patients’ medical information in a single database suffered multiple delays and was then scrapped after major problems emerged over patient confidentiality.

It was similar to Australia’s My Health Record that Mr Kelsey will now oversee.