Tuesday, 19 December 2017

Turnbull Government's data retention privacy blunder just rolls on and on...


“If data can be re-identified with no more than SQL, there's no "if" about a leak, and the "when" is history.” [Journalist Richard Chirgwin, Twitter 18 December 2017]

“But why are medical records so attractive? Well, it turns out that there’s a metaphorical holiday feast of enticing data served up in your average health record. Family history, demographic data, insurance information, medications, etc. means there’s enough information to completely steal an individual’s identity and commit medication fraud, financial fraud, insurance fraud and a wide array of other crimes. When this very private, unchangeable information gets into the wrong hands, devastation can ensue.” [Robert Lord writing in Forbes, 15 December 2017]

First the Australian general public were told that patient data was well protected and data breaches wouldn't happen as a result of government's drive to collect, cross-match and retain as much information about each and every Australian citizen/permanent resident as possible.

Then when the inevitable day came where poor data security was laid bare - as the personal histories of 550,000 blood donors were placed on an insecure computer and accessed, as Medicare details began to be offered for sale on the Internet's dark web and Medicare itself became careless with its encryption -  the public was told in the first instance that misuse was unlikely, in the second instance that personal medical information couldn't be accessed and that patients couldn't really be individually identified in the third instance where a billion line encrypted data set was publicly released.

After that the Turnbull Government assured the population that it would create legislation which would make it illegal for anyone to de-encrypt anonymised data and create a Notifiable Data Breaches scheme.

We were all going to be safe once more in the arms of the Turnbull Government.

Now the cat is out of the bag, because that billion-line 30 year's worth of personal health information about est. 3 million people just won't stay in the back of the ministerial cupboard where Greg Hunt shoved it.

 [Fairfax journalist Ben GrubbTwitter 18 December 2017]

The Sydney Morning Herald, 18 December 2017:

One in ten Australians' private health records have been unwittingly exposed by the Department of Health in an embarrassing blunder that includes potentially exposing if someone is on HIV medication, whether mothers have had terminations, or if mentally unwell people are seeing psychologists.

A report, published on Monday by Dr Chris Culnane, Dr Benjamin Rubinstein and Dr Vanessa Teague from the University of Melbourne's School of Computing and Information Systems, outlines how de-identified historical health data from the Australian Medicare Benefits Scheme (MBS) and the Pharmaceutical Benefits Scheme (PBS) released to the public in August 2016 can be re-identified using known information about the person to find their record.

The study reveals unique patient records matching the online public information of seven prominent Australians, including three (former or current) MPs and an AFL footballer. While a unique match may not always be accurate, Dr Rubinstein said there was the possibility to improve confidence by cross-referencing other data.

"Because only 10 per cent of Australians are included in the sample data, there can be a coincidental resemblance to someone who isn't included," he said.

"We can improve confidence by cross-referencing with a second dataset of population-wide billing frequencies. We can also examine uniqueness according to the characteristics of commercial datasets we know of, such as bank billing data."…….

Privacy analyst and Lockstep consultant Stephen Wilson said the breach damaged public confidence in health policy makers and data custodians.

"It's a huge breach of trust," he said.

"Promises of 'de-identification' and 'anonymisation' made by health officials, and ABS too in connection with census data releases, have been shown to be erroneous.

"The ability to re-identify patients from this sort of public release is frankly, in my view, catastrophic. Real dangers are posed to patients with socially difficult conditions.

"It beggars belief that any official would promise 'anonymity' any more. These promises cannot be kept."

Computer security researcher Troy Hunt said re-identification of anonymised records was attractive to researchers and nefarious parties alike.

"In this case, clearly more work needs to be done to protect individuals' identities,' he said. "My hope is that the government embraces responsible research like this and strives to improve confidentiality rather than penalise those seeking to report deficiencies such as this."

The federal Department of Health was notified about the issue December last year.

"The Department of Health takes this matter very seriously and had already referred this to the Privacy Commissioner," a Department of Health spokesperson told Fairfax Media......

Meanwhile, the Office of the Australian Information Commissioner, which houses Australia's privacy commissioner, said it was investigating the publication of the datasets.

"The investigation was opened under section 40(2) of the Australian Privacy Act 1988 (Privacy Act) in late September 2016 when the Department of Health notified the OAIC that the datasets were potentially vulnerable to re-identification," a spokesperson said.

"Given the investigation into the Medicare Benefits Scheme (MBS) and Pharmaceutical Benefits Scheme (PBS) datasets is ongoing, we are unable to comment on it further at this time.

However, the commissioner will make a public statement at the conclusion of the investigation."

The OAIC said it continued to work with Australian government agencies to enhance privacy protection in published datasets.....

Australian Labor Party will not support Social Services Legislation Amendment (Cashless Debit Card) Bill 2017 in its current form


Labor MP for Jagajaga and Shadow Minister for Families and Social Services Jenny Macklin, media release. 5 December 2017:

CASHLESS DEBIT CARD

Federal Labor will support the continuation of the existing cashless debit card trial sites in Ceduna and the East Kimberley. 

However Labor will not support the rollout of the cashless debit card to the two new proposed sites of Bundaberg and the Goldfields due to insufficient consultation with these communities, and the widespread criticism of the evaluation and the effectiveness of the card.

After conducting our own consultations with people in Bundaberg and the Goldfields and hearing evidence from the Senate Inquiry, it has become clear that Labor cannot support Social Services Legislation Amendment (Cashless Debit Card) Bill 2017 in its current form. 

Labor believes that there is insufficient credible evidence at this point to support the establishment of further trials of the cashless debit card. 

The flawed Orima Evaluation of the existing trials in Ceduna and the East Kimberley was inconclusive.

The Orima evaluation was subject to detailed criticism from leading academics, including Dr Janet Hunt from ANU, who said the evaluation does: “not present adequate evidence of the trial leading to successful outcomes for participants…. it is impossible to have confidence that the trial actually succeeded.”

Given the significant cost of the trials, an accrued cost of around $25.5 million or about $12,000 per participant, we must be sure that the cashless card can deliver its stated objectives. 

We have consistently said that we will take a community-by-community approach to the further rollout of the cashless debit card. 

Labor also has concerns that two years is not long enough for communities to determine whether there has been any real benefit from the introduction of the cashless debit card.

We are hearing that the communities in the existing trial sites want to continue using the card, and see the trial through.  

We will continue to support the continuation of the trials in Ceduna and the East Kimberley for these reasons. 

Labor will move amendments to the Bill to extend the end date for the trials in Ceduna and the East Kimberley to 30 June 2019 so that a proper evaluation can take place over a longer trial period. 

We have always said that we are supportive of community driven initiatives designed to tackle chronic alcohol abuse. But they must be genuinely community driven and not be part of a top-down approach. 

Labor understands that entrenched disadvantage cannot, and will not, be solved by income management alone. That’s why we have always advocated for the Government to provide additional wraparound supports to participating communities. 

We are calling on the Senate to support our amendment that funding for these vital wraparound service be guaranteed in the legislation. 

In future, Labor will only consider the introduction of any new trial sites if the Government can show that the community have agreed through a formal consultation process with the community, as well as an agreed definition of consent, and have established an evidence base through a robust and credible evaluation.

The Turnbull Government’s Social Services Legislation Amendment (Cashless Debit Card) Bill 2017 progressed as far as it second reading and was referred to the Senate Community Affairs Legislation Committee for inquiry and report.

The final report has a single line recommendation and also contains two dissenting opinions by Labor and the Australian Greens.

The bill returns to the House of Representatives in the new year.

Labor has now baulked but is unlikely to prevail given it doesn’t have the numbers in the lower house.

Monday, 18 December 2017

Five years on and the Royal Commission into Insitutional Responses to Child Sexual Abuse formally closes


Then Australian Labour Prime Minister Julia Gillard announced her intention to call a royal commission into child sexual abuse on 12 November 2012.

By 11 January 2013 six commissioners had been appointed and on 3 April 2013 the first of fifty-seven public hearings was underway.

These public hearings conducted 57 case studies, 30 of which examined responses to child sexual abuse in religious institutions.

The Royal Commission into Institutional Responses to Child Sexual Abuse formally closed on 15 December 2017 when it presented its final report to the Governor-General.

By that time the Royal Commission had heard evidence from nearly 8,000 historic abuse survivors with 6,875 survivors being heard in private sessions, of whom 4,029 (58.6 per cent) spoke about child sexual abuse in religious institutions. 

There were more allegations of child sexual abuse in relation to the Catholic Church than any other religious organisation, followed by the Anglican Church, The Salvation Army and others.  

ABC News created this graph on 15 December 2017:



During the course of its investigation the Royal Commission referred 2,575 matters to authorities, including to police.

The full 17 volume Final Report can be read here.

It is worth noting that the Turnbull Government has introduced a bill allowing child sexual abuse survivors who experienced abuse in government or participating non-government institutions to claim up to $150,000 compensation. 

The Commonwealth Redress Scheme for Survivors of Institutional Child Sexual Abuse commences on 1 July 2018 and operates for ten years. However it intends to deny compensation to any survivors who have have themselves been convicted of sex offences, or sentenced to prison terms of five years or more for crimes such as serious drug, homicide or fraud offences. A measure likely to exclude thousands of child abuse survivors - if the fact that 10.4% of survivors were in prison at the time they were heard in Royal Commission private session is any guide.

It is further noted that elements within the Catholic Church in Australia intend to resist certain recommendation in the Royal Commission's final report - particularly Recommendation 7.4 relating to reporting of child sexual abuse admissions/allegations heard during confession.

Three days after the Royal Commission's final report was published the Diocese of Ballarat gave up the pretence of empathy it donned for the duration of the inquiry and cut hundreds of brightly coloured ribbons off the fence at St Patrick's Cathedral placed there by abuse victims, their friends, families and supporters.

And right-wing politicians still wonder why the general public is in favour of a genuine federal royal commission into banks and bankers?


Is it any wonder reading this that the Australian Government was finally compelled to call  a royal commission into banks and banking practices commencing in 2018.

ABC News, 14 December 2017:

The Commonwealth Bank's ongoing woes around alleged systematic money laundering operations by criminal gangs and terrorists have deepened, with fresh claims the contraventions are continuing.

The allegations were raised as AUSTRAC filed a further 100 alleged breaches of Anti-Money Laundering/Counter Terrorism Financing (AML/CTF) as part of the existing Federal Court proceeding being run by the Government's financial transactions watchdog.

In one case, a client who had been convicted of terrorism charges in Lebanon, and was known to have tried to organise funding for terrorist acts in Australia, was given 30 days' notice of the closure of his CBA account before AUSTRAC was even alerted.

He also managed to withdraw funds from the account more than a week after it was supposedly closed.

"On 20 July 2017, CommBank erroneously processed a transfer of $5,000 from CommBank Account 184 [the alleged terrorist funder] to an account held by Person 138 [his brother] in Lebanon in spite of suspecting terrorism financing in relation to an identical attempted transfer on 19 June 2017," AUSTRAC's new court statement alleged….

Royal Commission Into Misconduct In The Banking, Superannuation And Financial Services Industry, Draft Terms of Reference, 30 November 2017.

Sunday, 17 December 2017

In Australia 90% of the population read news media


Excerpt from AUSTRALIAN NEWSPAPER HISTORY GROUP, NEWSLETTER No. 95, December 2017:

The Australian Financial Review’s weekday edition increased its print readership by 14.9 per cent to 347,000 people during the 12 months ending in August. The AFR Weekend rose 4.8 per cent to 130,000 people. The weekday Australian increased its print readers by 5.6 per cent in the past 12 months. The paper’s weekday audience rose 26,000 to 494,000, while the Weekend Australian was up 2.8 per cent to 590,000 for the 12 months ending in August, according to the Enhanced Media Metrics Australia statistics.

The Sydney Morning Herald fell 3.5 per cent to 640,000 people Monday to Friday, while its Saturday edition was down 8.4 per cent to 655,000. In Melbourne, weekday print readership of News Corp’s Herald Sun fell 5.1 per cent to 1.190 million, while the paper’s Saturday edition dropped 7.3 per cent to 974,000 readers. The Age fell 8.7 per cent to 549,000 readers, with the Saturday edition down 11.4 per cent to 522,000.

The Australian’s total combined audience across print and digital platforms was 3.159 million, down 4.1 per cent on the year. Sydney’s Daily Telegraph was the best performing of the state-based News Corp papers, with its Monday-to-Friday edition up 1 per cent to 1.003 million readers; its Saturday edition rose 4.7 per cent to 798,000 readers. The Sunday Telegraph print readership fell 5 per cent to 1.027 million readers.

Emma found 13.1 million Australians — 70 per cent of the population — read news media electronically on smartphones, tablets, mobiles or computers. Across all platforms, including print, news media was read by 16.7 million people, 90 per cent of the population.

Shark management on the NSW North Coast


Senate Environment and Communications References Committee, Inquiry Report, Shark mitigation and deterrent measures, December 2017:

List of recommendations
Recommendation 1
8.19 The committee recommends that the New South Wales and Queensland Governments:
* immediately replace lethal drum lines with SMART drum lines; and
* phase out shark meshing programs and increase funding and support for the development and implementation of a wide range of non-lethal shark mitigation and deterrent measures.
8.20 The committee further recommends that the Australian Government pursue this recommendation at a future Meeting of Environment Ministers.
Recommendation 2
8.28 The committee recommends that, while state government lethal shark control programs remain in place, management arrangements for these programs should include more effective and transparent catch monitoring with the objective of improving understanding of the efficacy of lethal measures for public safety and the effects of the measures on the populations of marine species.
Recommendation 3
8.29 The committee recommends that the Australian Government:
* establish a publicly accessible national database of target and non-target species interactions with shark control measures; and
* require the Department of the Environment and Energy to use this information to prepare and publish an annual assessment of the impacts of lethal shark control measures on target and non-target marine species.
Recommendation 4
8.30 The committee recommends that state governments review and regularly audit the quality of the data collected on target and non-target species interactions with shark control measures.
Recommendation 5
8.37 The committee recommends that the Australian Government establish a review into the effectiveness of shark research and, following the review, commit to providing funding on a long-term basis for research areas that are considered likely to significantly contribute to improved knowledge about effective shark mitigation and deterrent measures.
Recommendation 6
8.38 The committee recommends that the Australian Government review the funding provided to CSIRO to enable CSIRO to:
* undertake ongoing data collection and monitoring to support the determination of white shark population trends;
* develop a predictive model of shark abundance and location; and
*• undertake a social survey to determine how the behaviour of water users has changed in response to the recent human–shark interactions.
8.39 The committee further recommends that the Australian Government seek advice from CSIRO as to whether research can be undertaken to address anecdotal evidence presented to the committee on the potential risk that certain ocean-based activities, such as the use of teaser baits in cage diving, crayfish pots and trophy hunting, might increase the risk of human–shark interactions. The Australian Government should review the funding provided for marine science research to enable CSIRO (or another research institution) to conduct the research CSIRO advises could be undertaken.
Recommendation 7
8.42 The committee recommends that the Australian Government initiate discussions with state and Northern Territory governments regarding the clinical information collected about shark bite incidents to enable subsequent expert analysis of shark behaviour.
Recommendation 8
8.46 The committee recommends that the Australian Government match funding provided by state governments in support of the development of new and emerging shark mitigation and deterrent measures.
Recommendation 9
8.52 The committee recommends that the Australian Government develop a process to ensure products marketed as personal shark deterrent devices are independently verified as being fit-for-purpose.
Recommendation 10
8.53 The committee recommends that the Minister for the Environment and Energy and relevant state governments work with key stakeholder groups, such as national surfing organisations, to encourage water users to take all reasonable steps to reduce the probability of being involved in a shark bite incident, including by endorsing the use of independently verified personal deterrent devices.
Recommendation 11
8.55 The committee recommends that the Western Australian Government's trial rebate program for independently verified personal deterrent devices be made ongoing in Western Australia and adopted by other relevant state governments.
8.56 The committee further recommends that relevant state governments consider developing programs for subsidising independently verified personal deterrent devices for occasional surfers at beaches associated with the risk of dangerous shark encounters.
Recommendation 12
8.62 The committee recommends that the Australian Government hold a National Shark Summit of shark experts.
Recommendation 13
8.63 The committee recommends that the Australian Government establish a National Shark Stakeholder Working Group comprising key stakeholders in shark management policies. The principal function of the Working Group would be to further the objective of ending lethal shark control programs by developing strategies and facilitating information sharing about the effective use of non-lethal measures.
Recommendation 14
8.68 The committee recommends that the National Shark Stakeholder Working Group review the adequacy of information available to beachgoers regarding the risk presented by sharks, such as signage at beaches and how real-time information provided through shark alert apps can be made available at beaches.
Recommendation 15
8.69 The committee recommends that the Australian Government, working with relevant state governments, develop a program to provide grants for specialised trauma kits at venues near beaches associated with the risk of human–shark encounters.
Recommendation 16
8.70 The committee recommends that relevant state governments review the water safety education programs and education about sharks generally that is provided in schools (particularly schools in coastal areas), with a view to enhancing the education provided on reducing the risk of shark interactions and improving knowledge about shark behaviour and the ecological value of sharks.
8.71 As part of these reviews, the committee recommends that state governments consider the role that relevant community and scientific organisations with expertise in human–shark encounters could have in supporting the delivery of such programs.
Recommendation 17
8.72 The committee recommends that the National Shark Stakeholder Working Group review the various social media accounts and apps that distribute real-time information about shark sightings and warnings about the risk of shark activity to consider whether an integrated national database and app should be established.
Recommendation 18
8.74 The committee recommends that the New South Wales Department of Primary Industries improve its consultation and communication with animal rescue groups regarding marine wildlife caught in or injured by lethal shark control measures.
Recommendation 19
8.80 In light of the repeated use of section 158 exemptions for lethal shark control programs, the committee recommends that the next independent review of the Environment Protection and Biodiversity Conservation Act 1999 carefully consider whether section 158 is operating as intended. In particular, the committee recommends that the independent review consider:
* whether the matters the Minister may consider in determining the national interest should be limited; and
* whether section 158 should be amended to prohibit the repeated granting of exemptions for the same controlled action or any other controlled action of a similar nature.
Recommendation 20
8.81 The committee recommends that the Minister for the Environment and Energy refrain from granting exemptions under section 158 of the Environment Protection and Biodiversity Conservation Act 1999 for matters relating to shark control programs until after the operation of section 158 has been reviewed in accordance with Recommendation 19.

The burning question which flows from these recommendations is: Will the Berejiklian Government listen?

Saturday, 16 December 2017