Facebook allows real estate agents to place online advertisements with undisclosed racial exclusions

ProPublica, 28 October 2016:

Imagine if, during the Jim Crow era, a newspaper offered advertisers the option of placing ads only in copies that went to white readers.

That’s basically what Facebook is doing nowadays.

The ubiquitous social network not only allows advertisers to target users by their interests or background, it also gives advertisers the ability to exclude specific groups it calls “Ethnic Affinities.” Ads that exclude people based on race, gender and other sensitive factors are prohibited by federal law in housing and employment.

Here is a screenshot of a housing ad that we purchased from Facebook’s self-service advertising portal:

The ad we purchased was targeted to Facebook members who were house hunting and excluded anyone with an “affinity” for African-American, Asian-American or Hispanic people. (Here’s the ad itself.)

When we showed Facebook’s racial exclusion options to a prominent civil rights lawyer John Relman, he gasped and said, “This is horrifying. This is massively illegal. This is about as blatant a violation of the federal Fair Housing Act as one can find.”

The Fair Housing Act of 1968 makes it illegal "to make, print, or publish, or cause to be made, printed, or published any notice, statement, or advertisement, with respect to the sale or rental of a dwelling that indicates any preference, limitation, or discrimination based on race, color, religion, sex, handicap, familial status, or national origin.” Violators can face tens of thousands of dollars in fines.

The Civil Rights Act of 1964 also prohibits the “printing or publication of notices or advertisements indicating prohibited preference, limitation, specification or discrimination” in employment recruitment.

Facebook’s business model is based on allowing advertisers to target specific groups — or, apparently to exclude specific groups — using huge reams of personal data the company has collected about its users. Facebook’s microtargeting is particularly helpful for advertisers looking to reach niche audiences, such as swing-state voters concerned about climate change. ProPublica recently offered a tool allowing users to see how Facebook is categorizing them. We found nearly 50,000 unique categories in which Facebook places its users.

Facebook says its policies prohibit advertisers from using the targeting options for discrimination, harassment, disparagement or predatory advertising practices.

“We take a strong stand against advertisers misusing our platform: Our policies prohibit using our targeting options to discriminate, and they require compliance with the law,” said Steve Satterfield, privacy and public policy manager at Facebook. “We take prompt enforcement action when we determine that ads violate our policies."

Satterfield said it’s important for advertisers to have the ability to both include and exclude groups as they test how their marketing performs. For instance, he said, an advertiser “might run one campaign in English that excludes the Hispanic affinity group to see how well the campaign performs against running that ad campaign in Spanish. This is a common practice in the industry.”

He said Facebook began offering the “Ethnic Affinity” categories within the past two years as part of a “multicultural advertising” effort.

Satterfield added that the “Ethnic Affinity” is not the same as race — which Facebook does not ask its members about. Facebook assigns members an “Ethnic Affinity” based on pages and posts they have liked or engaged with on Facebook.

When we asked why “Ethnic Affinity” was included in the “Demographics” category of its ad-targeting tool if it’s not a representation of demographics, Facebook responded that it plans to move “Ethnic Affinity” to another section.

Facebook declined to answer questions about why our housing ad excluding minority groups was approved 15 minutes after we placed the order.

By comparison, consider the advertising controls that the New York Times has put in place to prevent discriminatory housing ads. After the newspaper was successfully sued under the Fair Housing Act in 1989, it agreed to review ads for potentially discriminatory content before accepting them for publication.

Australia and New Zealand successful in gaining IWC review of process by which 'scientific' slaughter of Antarctic whales is allowed to continue

Antarctic Minke whale

On 28 October 2016 the International Whaling Commission (IWC) considered a draft resolution by Australia and New Zealand seeking to improve the review process for whaling under special permit. 

Special permits being the mechanism used by the Government of Japan to continue its annual slaughter of whales in the Southern Ocean for the commercial benefit of a domestic niche market for whale meat for human consumption and for the Japanese pet food industry.

The resolution was passed.

IWC, 27 October 2016:

Governments on all sides of the scientific whaling debate highlighted the positive and constructive spirit of negotiations on a Resolution on Improving the Review Process for Whaling under Special Permit, but ultimately agreement could not be reached and the Resolution was put to a vote which adopted the Resolution with 34 yes votes, 17 no votes and 10 abstentions.  Amongst the measures included is the establishment of a new Commission Working Group to consider Scientific Committee reports and recommendations on this issue.

Excerpt from the final version of Resolution 2016-2 - Resolution on Improving the Review Process for Whaling under Special Permit:

“Now, therefore the Commission:

1. Agrees to establish a Standing Working Group (“the Working Group”), in accordance with Article III.4 of the Convention. The Working Group will be appointed by the Bureau on the basis of nominations from Contracting Governments, to consider the reports and recommendations of the Scientific Committee with respect to all new, ongoing and completed special permit programmes and report to the Commission, in accordance with the Terms of Reference contained in the Appendix to this resolution.

2. Agrees that the discussion of special permit programmes be afforded sufficient priority and time allocation to allow for adequate review at both Commission and Scientific Committee meetings;

3. In order to facilitate the Commission’s timely and meaningful consideration of new, ongoing and completed special permit programmes, Requests Contracting Governments to submit proposals for new special permit programmes, and review documentation for ongoing and completed special permit programmes, at least six months before the Scientific Committee meeting held in the same year as a Commission meeting (see the indicative process set out in paragraph 9 of the Appendix);

4. In order to facilitate the Scientific Committee’s review of new, ongoing and completed special permit programmes, Requests Contracting Governments to provide members of the Scientific Committee unrestricted and continuing access to all data collected under special permit programmes that are:

a. used in the development of new programmes; or

b. included in ongoing or final programme reviews. Data made available in accordance with this request shall be used only for the purposes of evaluation and review of special permit programmes.

5. Instructs the Scientific Committee to inform the Commission as to whether Scientific Committee members had unrestricted and continuing access to data collected under special permit programmes, and analyses thereof;

6. Further instructs the Scientific Committee to provide its evaluation of proposals to the Commission in the same year as a Commission meeting (regardless of when the Scientific Committee’s review commences), and to make necessary revisions to its procedures for reviewing special permit programmes, including Annex P, to incorporate the expectation that Contracting Governments will schedule any special permit programmes in accordance with the process outlined in paragraph 3;

7. Agrees that the Commission will consider the reports of the Scientific Committee and of the Working Group at the first Commission meeting after the Scientific Committee has reviewed the new, ongoing or completed special permit programme in question and, taking into account those reports, the Commission will: a. form its own view regarding:

i. whether the review process has adequately followed the instructions set out in Annex P and any additional instructions provided by the Commission ;

ii. whether the elements of a proposed special permit programme, or the results reported from an ongoing or completed special permit programme, have been adequately demonstrated to meet the criteria set out in the relevant terms of reference in Annex P, and any additional criteria elaborated by the Commission; and

iii. any other relevant aspect of the new, ongoing or completed special permit programme and review in question;

b. provide any recommendations or advice it considers appropriate to the responsible Contracting Government regarding any aspect of the new, ongoing or completed special permit programme, including affirming or modifying any proposed recommendations or advice proposed by the Scientific Committee.

c. provide any direction it considers appropriate to the Scientific Committee.

d. make public a summary of the Commission’s conclusions in this respect, by way of publication on the Commission’s website, within 7 days of the end of the Commission meeting.”

Background

The Sydney Morning Herald, 24 March 2016: 

Tokyo: Japan's whaling fleet returned on Thursday from its Antarctic hunt after a year-long suspension with a take of more than 300 whales, including pregnant females.

The International Court of Justice ruled in 2014 that Japan's whaling in the Southern Ocean should stop, prompting it to call off its hunt that season, although it said at the time it intended to resume later.

Japan then amended its plan for the next season to cut the number of minke whales it aimed to take by two-thirds from previous hunts.

Its fleet set out in December despite international criticism, including from important ally the United States.

The final ships of the four-vessel whaling fleet returned to Shimonoseki in southwestern Japan on Thursday, having achieved the goal of 333 minke whales, the Fisheries Agency said.

Of these, 103 were males and 230 were females, with 90 per cent of the mature females pregnant.

Australian Electoral Commission asks 18,343 voters to please explain.....

The Sydney Morning Herald, 19 October 2016:

More than 18,000 people have been asked to explain why they apparently voted more than once at the federal election.

Despite heavy fines and the risk of jail time for multiple voting, two people were marked off the electoral roll 11 times on July 2. 

A further two people had their names marked off five times, while four others had four marks and 51 people had three marks.

Australian Electoral Commissioner Tom Rogers told a Senate estimates hearing on Tuesday night 18,343 people have been asked to explain why their name was checked off more than once, with many expected to be in error.

The Commonwealth Electoral Act allows for fines of $10,800 or up to a year in jail for people convicted of multiple votes. Anyone found to have impersonated someone else at the ballot box faces up to six months in jail or a fine of $1800.

Before this year's election the AEC wrote to more than 4600 people with a prior history of apparent multiple voting to remind them of the law.

Mr Rogers said individuals who had two or more marks next to their name at the past two elections were sent warning letters.

"We wrote to a select group of people we thought may be at risk of not understanding their obligations under the Electoral Act," he said.

"We've never done that before.

"That was an attempt to demonstrate the seriousness with which we treat this particular issue." 

AEC officials will assess how many recipients of the letters are among those recorded as having their name marked off more than once. 

Website launched to remove Australian Human Rights Commission President Professor Gillian Triggs

This suburban home appears to be the West Australia headquarters of blendbox.com, nexus.vn, Easy Web Guy, Free Play Deals and presumably of one Bradley David Curnow who has recently registered the website www.gilliantriggsmustresign.com – a petition site dedicated to removing Australian Human Rights Commission President Professor Gillian Triggs from office.

One presumes that the decision to register this site was a commercial one on the part of Mr. Curnow acting on behalf of an as yet unknown client.

Though this tweet by Nationals Chief Whip and their MP for Dawson George Christensen may point to the particular group behind this political attack on a senior public servant.

BACKGROUND

Whois Record ( last updated on 2016-10-29 )

Domain Name: GILLIANTRIGGSMUSTRESIGN.COM
Registry Domain ID: 2069347586_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2016-10-26T18:40:33.00Z
Creation Date: 2016-10-27T01:40:00.00Z
Registrar Registration Expiration Date: 2017-10-27T01:40:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: BRADLEY CURNOW
Registrant Organization: NEXUS VIRTUAL NETWORK
Registrant Street: 20 BARNSBURY RD
Registrant Street: WARWICK
Registrant City: PERTH
Registrant State/Province: WA
Registrant Postal Code: 6024
Registrant Country: AU
Registrant Phone: +42.2949968
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: 
Registry Admin ID:
Admin Name: DOMAIN HOSTMASTER
Admin Organization: MELBOURNE IT LTD
Admin Street: LEVEL 2, 469 LA TROBE STREET
Admin City: MELBOURNE
Admin State/Province: VIC
Admin Postal Code: 3000
Admin Country: AU
Admin Phone: +61.299340510
Admin Phone Ext:
Admin Fax: +61.86242434
Admin Fax Ext:
Admin Email: 
Registry Tech ID:
Tech Name: BRADLEY CURNOW
Tech Organization: NEXUS VIRTUAL NETWORK
Tech Street: 20 BARNSBURY RD
Tech Street: WARWICK
Tech City: PERTH
Tech State/Province: WA
Tech Postal Code: 6024
Tech Country: AU
Tech Phone: +61.422949968
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: 
Name Server: NS10.NATIONBUILDER.COM
Name Server: NS11.NATIONBUILDER.COM
Name Server: NS12.NATIONBUILDER.COM
Name Server: NS13.NATIONBUILDER.COM
DNSSEC: unSigned
Registrar Abuse Contact Email: 
Registrar Abuse Contact Phone: +1.4252982646
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

CHILD SEXUAL ABUSE: Is Australian Cardinal George Pell about to reluctantly prove that old saying that "You can run but you can't hide"?

Auxiliary Bishop of the Archdiocese of Melbourne George Pell accompanying known paedophile priest Gerard Ridsdale to Melbourne Magistrate's Court, 1993

Victorian Police interview Australian Cardinal George Pell who now resides in Italy under the legal protection of the Vatican state……

The Guardian, 26 October 2016:

Victoria Police have travelled to Rome and interviewed Cardinal George Pell about historic allegations of sexual assault.

Three police flew to Italy last week where Cardinal Pell “voluntarily participated in an interview”, a police spokeswoman said in a statement on Wednesday.

As a result of the interview, further investigations are continuing. Police said they could not comment further.

A spokeswoman for Pell confirmed to Guardian Australia that he was interviewed.

“The Cardinal repeats his previous rejection of all and every allegation of sexual abuse and will continue to co-operate with Victoria Police until the investigation is finalised,” she said.

“The Cardinal has no further comment at this time.”

Leonie Sheedy, the chief executive officer of the survivor support group Care Leavers Australasia Network, said the police interview with Pell was “long overdue”.

“It’s about time Australia’s most senior Catholic was interviewed by the police,” she said.

In July, the chief commissioner of Victoria police, Graham Ashton, confirmed allegations against Pell had been referred to the Office of Public Prosecutions for a recommendation as to whether police should drop the investigation, investigate further or lay charges.

The Royal Commission into Institutional Responses to Child Sexual Abuse has received a submission alleging that Cardinal Pell was not always truthfulful when giving sworn evidence.....

The Australian, 31 October 2016:

The child sex abuse royal commission has been told to reject evidence from Cardinal George Pell, the world’s third most senior Catholic.

In submissions by counsel assisting to case study 35 into the Melbourne Archdiocese, Gail Furness SC and Stephen Free submitted that the commission should reject Cardinal Pell’s evidence that he was intentionally deceived by the Catholic Education Office regarding former priest Peter Searson.

They submitted the CEO should have done much more to respond to the obvious threat posed by Searson, however there was no evidence any of the officer at any time intentionally concealed from the Archdiocese information that it received about Searson.

“Nor is there any evidence, or logical reason, despite the theory advanced by Cardinal Pell, that the CEO or any of its officers wished to keep Searson in Doveton and were resistant to any moves to the contrary,” they said.

“The matters known to Cardinal Pell on his own evidence ... were sufficient that he ought reasonably to have concluded that more serious action needed to be taken in relation to Searson.”

Ms Furness and Mr Free submitted Cardinal Pell’s failure to take action, like other senior officials in the Archdiocese, missed an important opportunity to recognise and deal with the serious risks posed by Searson.

Counsel for Cardinal Pell responded to the submissions by saying he should be treated with the same level of fairness as any other person involved in the matters being considered by the royal commission.

“Notwithstanding Bishop Pell had nowhere near the level of knowledge that Victoria Police had about Searson, CA Submissions seek findings against him which are more critical and extensive than any recommended against Victoria Police,” he submitted.

Searson was accused of sexual misconduct and showing a handgun to children among a series of accusations while a parish priest under effective control of now Cardinal Pell.

The misconduct occurred in the Doveton parish, in Melbourne’s outer south-east, in the 1980s and were dealt with by Cardinal Pell in the years before he became Archbishop of Melbourne.

Herald Sun, 31 October 2016:

CARDINAL George Pell was involved in shuffling paedophile priests between parishes, the child sex abuse royal commission has been told.

In their submissions to the Royal Commission into Institutional Responses to Child Sexual Abuse, counsel assisting Gail Furness SC and Stephen Free said that Cardinal Pell had been involved in moving paedophile priests as a consultor to then Ballarat bishop Ronald Mulkearns.

Mulkearns oversaw the movement of several paedophile priests, including the notorious Gerard Ridsdale.

“It follows that the conduct of any consultor who agreed to move Ridsdale, or indeed any priest, with knowledge of allegations of child sexual abuse made against them, is unacceptable,” they said.

While the submissions urge the commission to clear Cardinal Pell of wrongdoing over a string of allegations, they urge some of his evidence be rejected.

In his testimony to the commission in March, Cardinal Pell said he was the victim of a widespread deception, lasting decades, that kept him in the dark about child abuse.

He said in particular allegations of serious violent and sexual misconduct by Doveton priest Peter Searson were hidden from him while an auxiliary bishop.

But the commission has been told there was no evidence that anyone intentionally concealed anything from the Archdiocese.

ABC News, 31 October 2016:

In her submissions to the Royal Commission into Institutional Responses to Child Abuse, Counsel Assisting Gail Furness SC also stated she believed the evidence of a number of witnesses in the Ballarat and Melbourne dioceses instead of Cardinal Pell's in relation to the Cardinal being told by children and adults of inappropriate clerical conduct towards children in the 1970s and 1980s.

Counsel Assisting has found that Cardinal Pell, along with a number of other priestly consultors to Bishop Ronald Mulkearns of the Ballarat diocese, knew notorious serial paedophile priest Gerald Ridsdale was being moved from parish to parish because he was sexually abusing children, despite the Cardinal's strong denials.

Ridsdale was moved from parish to parish and allegations about his behaviour were never sent to police.

BACKGROUND

Excerpts from Submissions Of Counsel Assisting The Royal Commission, Case STUDY 35, THE CATHOLIC ARCHDIOCESE OF MELBOURNE:

Cardinal George Pell

A Cardinal, who has held the following appointments:

Priest, Ballarat Diocese (1966 – 1985)

Rector, Corpus Christi College, Weribee (1985 – 1987)

Auxiliary Bishop of the Archdiocese of Melbourne (1987 – 1996)

Archbishop of Melbourne (1996 - 2001)

Archbishop of Sydney (2001 – 2014), and

Prefect of the Secretariat for the Economy for the Holy See (2014 – present)....

619 It is submitted that the Commission should reject Cardinal Pell’s evidence that officers of the CEO intentionally deceived him and did so for the reasons suggested by Cardinal Pell. Those CEO officers who are available to give evidence about these matters gave evidence to the effect that they had no interest in deceiving Cardinal Pell or in trying to protect Searson. That evidence should be accepted. It is generally consistent with other evidence available to the Royal Commission. As submitted elsewhere, the CEO did not (both before and after 1989) effectively communicate their views that Searson posed a risk to children. The CEO also took an unreasonable attitude to such matters as the need for substantiation of claims and the making of formal complaints. The CEO officers who received information from time to time about Searson, and Monsignor Doyle in his general supervisory role, should have done much more to respond to the obvious threat posed by Searson. However, there is no evidence of the CEO or any of its officers having at any time intentionally concealed from the Archdiocese information that it had received about Searson. Nor is there any evidence, or logical reason, despite the theory advanced by Cardinal Pell, that the CEO or any of its officers wished to keep Searson in Doveton and were resistant to any moves to the contrary. The Royal Commission should find that the CEO officers had no motive to deceive Cardinal Pell and did not do so. 

620 Cardinal Pell was briefed by CEO officials, including Mr Lalor, prior to meeting with the teachers. There is insufficient evidence available to the Royal Commission to make a finding as to the particular information that was conveyed to Cardinal Pell in that briefing. It included at least information that there had been an allegation of sexual misconduct by Searson. 

621 However, given the significant concerns held by the CEO, it is inconceivable that in the briefing to Cardinal Pell, Mr Lalor deliberately held back any relevant information. 

622 The matters known to Cardinal Pell on his own evidence (being the matters on the list of incidents and grievances and the ‘non-specific’ allegation of sexual misconduct) were sufficient that he ought reasonably have concluded that more serious action needed to be taken in relation to Searson. One option was for Searson to be removed or suspended as parish priest. At the very least a thorough investigation needed to be undertaken as to the veracity of the complaints, in particular the allegation of sexual misconduct. It appears that Cardinal Pell concluded that no such action was required because the teachers did not ask for Searson to be removed. That was not a satisfactory response. It was incumbent on Cardinal Pell, having regard to his responsibilities as Auxiliary Bishop, including for the welfare of children in the parish, to take such action as he could to advocate that Searson be removed or suspended, or, at least, that a thorough investigation be undertaken. While the authority to remove Searson from his role as parish priest lay with the Archbishop, Cardinal Pell had direct access to the Archbishop, including through the Curia. It was within his power to investigate the matters further and it was also within his power to urge the Archbishop to take action against Searson. Cardinal Pell’s evidence was that he could not recall recommending a particular course of action to the Archbishop and he conceded that he could have been ‘a bit more pushy’ with all the parties involved. That concession was properly made. Cardinal Pell should also have taken direct action of his own to investigate the veracity of the complaints, in particular the allegation of sexual misconduct. His failure to take any such action meant that Cardinal Pell, like other senior officials in the Archdiocese before and after him, missed an important opportunity to recognise and deal with the serious risks posed by Searson. Cardinal Pell and other senior Archdiocesan officials failed to exercise proper care for the children of Doveton…..

708 It was put to Cardinal Pell that by 1993 it was notorious among priests that Searson was a serious problem and he would have learnt that too, and he said ‘Yes, I knew he was a serious problem.’ He said, however, he did not come to the conclusion that he should not be a priest and he accepted the ‘official position’ that there was not sufficient evidence to remove him.⁹¹⁵

709 The allegation that Searson had held a knife to a girl’s chest was admitted by Searson. The incident was known to a number of staff of the CEO, the Vicar General (Monsignor Cudmore), the Archbishop and the Curia. It added to information already known to a number of senior members of the Archdiocese that Searson was a danger to the safety and well-being of children......

115 Cardinal Pell said of the consultors ‘what I am saying is that they had no official role in providing such advice. It was advice that was sought and was given, but it’s quite clear that it’s nothing like a cabinet decision.’¹²⁹

116 Irrespective of the competencies of the College of Consultors and its predecessor the Diocesan Consultors as set out in the codes of canon law, the evidence of Archbishop Hart and Cardinal Pell was that they had the capacity to advise the Archbishop in relation to the placement of priests. Whether or not that was an official capacity, as Cardinal Pell said, advice was sought and it was given.

Cardinal George Pell's response:

Submissions of Cardinal Pell

Senators falling like skittles in Canberra

On 1 November 2016  it was the announcement that it was the intention of the Turnbull Government and  Australian Parliament to challenge the validity of the election of Family First Senator for South Australia Bob Day in the High Court on the basis of a potential non-direct pecuniary interest through Fullarton Investments Pty Ltd.

One day later and a similar announcement is made concerning One Nation Senator for West Australia Rod Cullerton in relation to a criminal conviction for larceny prior to the 2016 federal election.

UNCLASSIFIED

SENATOR THE HON GEORGE BRANDIS QC

ATTORNEY-GENERAL

LEADER OF THE GOVERNMENT IN THE SENATE

MEDIA RELEASE­

Senator Rod Culleton

Last Saturday, I wrote to the President of the Senate, the Hon Stephen Parry, to draw to his attention an Opinion which I had received from the Solicitor-General concerning the election of Senator Rod Culleton as a Senator for Western Australia.  I received the Opinion late on Friday, 28 October 2016.  I also provided a copy of the Opinion to Senator Culleton.

The opinion was sought by me on 13 October 2016 in view of issues raised in proceedings commenced in the High Court against Senator Culleton by Mr Bruce Bell. 

It appears that the proceedings brought by Mr Bell are based on an allegation that, at the time of the last election, Senator Culleton had been convicted of an offence punishable by a sentence of imprisonment for one year or longer, and was therefore “incapable of being chosen” as a Senator under section 44(ii) of the Constitution.

The President of the Senate has written to me today to advise that he proposes to bring the matter to the attention of the Senate when it sits on 7 November 2016.  At that time, the Government will initiate a referral of the matter to the High Court pursuant to section 376 of the Commonwealth Electoral Act.

2 November 2016

Yet another example of why the Australian Government's desire for the ultimate big data pool of citizen' personal information is a bad idea

This time it was the Australian Red Cross releasing 1.28 million donor records, containing first name, last name, gender, physical address, email address, phone number, date of birth, blood type, previously blood donations, country of birth, when record was created, type of donation, date of donation and donor eligibility answers including any sexually transmitted disease or drug use history.

This information was publicly available for viewing and download from 5 September to 26 October 2016.

           

IT News, 28 October 2016:

More than one million personal and medical records of Australian citizens donating blood to the Red Cross Blood Service have been exposed online in the country’s biggest and most damaging data breach to date.

A 1.74 GB file containing 1.28 million donor records going back to 2010, published to a publicly-facing website, was discovered by an anonymous source and sent to security expert and operator of haveibeenpwned.com Troy Hunt early on Tuesday morning.

The database was uncovered through a scan of IP address ranges configured to search for publicly exposed web servers that returned directory listings containing .sql files.

The contents of the 'mysqldump' database backup contains everything from personal details (name, gender, physical and email address, phone number, date of birth and occasionally blood type and country of birth) to sensitive medical information, like whether someone has engaged in at-risk sexual behaviour in the last year.

The database collected information submitted when an individual books an appointment - either on paper or online - to donate blood. The process requires donors to enter their personal details and fill out an eligibility questionnaire.

It does not contain data on blood reports or analyses, or responses to the full donor questionnaire all blood bank visitors are required to fill out at the time of their donation.

The database was published on the webserver of a Red Cross Blood Service technology partner that maintains the service's website, not the organisation’s www.donate.blood.com.au site where online bookings are made.

"This is a seriously egregious cock-up - this should never happen," Hunt told iTnews.

"There are no good reasons to put database backups on a publicly-facing website." The issue was compounded by the fact that directory browsing was enabled on the server, he said.

The file was removed on Wednesday. Hunt said there was no evidence of it having been accessed by anyone else, and both he and the anonymous source had deleted their copies.

Australia’s computer emergency response team, AusCERT, has been working with the Red Cross after being notified to the breach by Hunt on Tuesday.

The Red Cross indicated around 550,000 individual donors were impacted.

It attributed the issue to "human error" and said it was "deeply disappointed" to be in this position.

The service has started notifying affected donors today.

The Australian, 29 October 2016:

The Red Cross admitted it did not know how many people had accessed the information, which was publicly available from September 5 until Wednesday.

The breach was revealed by an unknown person who alerted Microsoft employee Troy Hunt, who runs a data breach notification service. Mr Hunt reported the breach to cyber-threat group AusCert, which in turn alerted the Red Cross.

The incident is being investigated by the Australian Federal Police, the Department of Health and the Australian Privacy ­Commission.

Red Cross Blood Service chief executive Shelly Park yesterday urged people to continue ­donating blood, saying information was now secure. “To our knowledge, all known copies of the data have been ­deleted. However, investigations are continuing,” Ms Park said.

But Mr Hunt said there was no guarantee the information had been completely erased, adding the breach was the latest ­illustration of how basic mistakes are key contributors to ­personal data being accessed by others.

“There was nothing new in how this data was accessed, this was just plain, old stupidity,” he said. “The real question this raises is should this data have been ­retained in the first place and why a third party needed the information at all.”

According to breachlevelindex.com in the first half of 2016 the Asia Pacific Region experienced 76 significant data breaches, 22 of which were in Australia.

Earlier this year: a Menulog exposed breach exposed 1.1 million records containing customer names, addresses, order histories and phone numbers [the exact quote in the CIO Australia article linked to here was "suffered from a breach of 1.1 million records leaving customer names, addresses, order histories and phone numbers exposed"- The Ideas Suite public relations agency acting on behalf of Menulog 
contacted North Coast Voices and would prefer to characterize this breach as "A former Menulog employee stumbled upon the private details of the company's customers, including customer names and email addresses". It is noted that the journalist quoted does not appear to have been asked by this agency to amend the original 21 September 2016 CIO Australia article as it remains as first published]; a malicious hacked dump of 67,118 Shadi.com customer records, recruitment agency Sarina Russo exposed client financial records which were dumped in a bin next to the office; disability information on nearly 7,000 current/former Sydney University students was exposed; customer accounts details on The Sydney Morning Herald and The Age digital editions, the Do Not Call Register and industry group CompTIA were also breached.

Also in 2016: the Australian Bureau of Statistics released contact names linked to more than 5,000 Queensland businesses in what was described as a “human error”; the Health Department was forced to remove data from its website amid an investigation into whether personal information has been compromised; and the Australian Public Service Commission confirmed it had withdrawn data gathered in its massive annual employee census from public view – but not before the data set containing the details of 96,700 federal public servants has been accessed by unknown persons 58 times. The Queensland Dept. of Premier and Cabinet and Dept. of Tourism were also maliciously hacked - along with the Maitland office of the NSW Dept. of Resources and Energy. 

In the 2015-16 financial year Victoria Police had 453 "information security incidents"  - up 36 per cent on the year before, with 27 incidents of police officers inappropriately accessing computer systems (including the Law Enforcement Assistance Program LEAP) and 40 instances of police data released without authorisation.

In 2015 K-Mart Australia’s online shopper database was hacked. Payroll systems were breached, harvesting extensive personal details (including names, address, dates of birth, tax file numbers, bank account details, gross earnings and superannuation funds and membership numbers) of up to 500 workers a day and the information used to lodge fraudulent tax returns with the Australian Taxation Office.

Additionally in 2015 Telstra customer’s admin and user credentials were stolen - including those of the Australian Federal Police. Similarly, the Patagonia Clothing Company, Aussie Farmers, David Jones, Queensland TAFE experienced data breaches where personal information was hacked and, 31,140 Optus customers’ had their personal and credit history information publicly posted on the website freelancer.com by the debt collection agency ARC Merchantile.

In 2014 Centrelink left revealing personal and financial details of clients lying around at a suburban railway station and the Department of Immigration and Border Protection unlawfully disclosed the personal information of approximately 9,250 asylum seekers by publishing a word document on a public page of the department’s website.

An estimated 800 million records were lost in 2014, mainly through cyber-attacks, and such attacks are thought to cost large Australian enterprises an average of $8.3 million a year.

With this unhealthy mix of ongoing institutional incompetence and determined malicious hacking risking the privacy of so much personal information, is it any wonder that concerned individuals look on the Turnbull Government’s drive to create a national database - which it will continuously update with additional medical, legal, financial, social and family information on each person born and/or residing in this country – as a gigantic honey hive ripe for the robbing?

Oh, and in case social media users are feeling comfortable about their own privacy on major online platforms – in June 2016 the Facebook application known as Uiggy was hacked and 4.3 million accounts were exposed along with names, genders, and Facebook IDs (2.7 million of which had email addresses against them) and on 27 October 2016 there was a Pastebin dump of 32 million Twitter accounts along with an invitation to use the details to hack further.