Showing posts with label big data.

Thursday 20 July 2017

A new Australian Federal Government super ministry capable of deploying armed soldiers on our streets


“The first question to ask yourself is this: does handing Dutton that power sound like a good idea?” [journalist Katherine Murphy, The Guardian, 18 July 2017]

A new Australian Federal Government super agency capable of deploying armed soldiers on our streets? With a former Queensland police officer of no particular merit as its head?

What could possibly go wrong with a rigid, far-right, professed ‘Christian’ property millionaire having oversight of a super portfolio which would reportedly bring together the Australian Security Intelligence Organisation (ASIO), the Australian Federal Police (AFP), Australian Border Force, Australian Criminal Intelligence Commission and AUSTRAC along with a database on ordinary citizens, ‘intellectuals’ and perfectly legal organisations, going back literally generations?

How long will it take before any industrial action or protest event would be quickly labelled as terrafret and armed soldiers sent to disperse people exercising their democratic right?

Australia’s been down that painful path before during the last 229 years and been the worse for it.

Turnbull at Holsworthy Barracks, Forbes Advocate, 17 July 2017

“The measures I am announcing today will ensure that the ADF is more readily available to respond to terrorism incidents, providing state and territory police with the extra support to call on when they need it.”  
[Prime Minister Malcolm Turnbull, media release, Holsworthy NSW, 17 July 2017]


Malcolm Turnbull has confirmed a dramatic shake-up of Australia's security, police and intelligence agencies that will put Immigration Minister, Peter Dutton, in charge of a sprawling new Home Affairs security portfolio.

The department of Home Affairs will bring together domestic spy agency ASIO, the Australian Federal Police, the Australian Border Force, the Australian Criminal Intelligence Commission, AUSTRAC and the office of transport security and will be put together over the next year.

And Mr Turnbull has also announced the government would, in response to the L'Estrange review of Australia's intelligence agencies, establish an Office of National Intelligence and that the Australian Signals Directorate will also be established as an independent statutory authority.

The new Office of National Intelligence will co-ordinate intelligence policy and is in line with agencies in Australia's "Five Eyes" intelligence partners in the US, Britain, Canada and New Zealand…..

The changes are to be finalised by June 30, 2018 - subject to approval of the National Security Committee of Cabinet -  with Mr Dutton to work with Senator Brandis in bedding down the changes.

Senator Brandis will lose responsibility for ASIO under the changes but, crucially, retain sign-off power on warrants for intelligence agency. 

Mr Turnbull said the Attorney-General's oversight of Australia's domestic security and law enforcement agencies would be strengthened, with the Inspector-General of Intelligence and Security and the independent national security legislation monitor moving into his portfolio. 

The Prime Minister said Australia needed these reforms "not because the system is broken, but because our security environment is evolving quickly…..


However that L'Estrange review – part of a routine reassessment of national security arrangements – is understood not to specifically recommend such a super-portfolio.

Mr Turnbull has been dropping strong hints lately that he is inclined to make a significant change, rejecting what he's branded a "set and forget" policy on national security and warning that Australia must keep up with an evolving set of threats from terrorism to foreign political influence.

Security and intelligence agencies themselves are also believed to have concerns about such a change, while some former intelligence heads have publicly said they do not see any need for change.

However, a well-placed source in the intelligence community said a Home Affairs office - as opposed to a US-style Department of Homeland Security - was the preferred option for police and intelligence agencies.

That was because a Home Affairs department would potentially be broader, including agencies such as the Computer Emergency Response Team, the Australian Cyber Security Centre, Crimtrac, the Australian Criminal Intelligence Commission and the new Critical Infrastructure Centre, rather than just police and intelligence agencies.

The Guardian, 18 July 2017:

Peter Jennings, the executive director of the Australian Strategic Policy Institute, put it well on Tuesday when he said any “grit” in the Dutton/Brandis relationship could be problematic for intelligence operations, which is obviously problematic for all of us, given we rely on the efficiency of the counter-terrorism framework to keep us safe.

So we’d better hope for the best, to put it mildly.

We’d also better hope it’s a good use of the time of our intelligence services and public servants to nut out how the Big Idea is going to work in practice, which will be a reasonably complex task, at a time when these folks already have a serious day job.

Recapping that specific day job again: trying to disrupt national security threats, in a complex environment. Pretty busy and important day job, that one.

It’s cartoonish to say this is all about the prime minister rewarding old mate Dutton, on the basis you keep your friends close, and your (potential) enemies closer.

Nothing is ever that simple outside a House of Cards storyboard – although it remains an irrefutable fact that Dutton wanted this to happen, and if Dutton really wanted it to happen, it would have been difficult for Turnbull, in his current position, to say no.

The Australian, 19 July 2017:
The pressure points lie in the risk calculations that link intelligence to response. In a liberal democracy, we rightly demand high certainty of the intention to carry out an act of violence before we are comfortable with our security services pre-emptively taking someone off the streets. Usually when an attack happens, here or in the US or Europe, it’s because the calibration of risk hasn’t worked. It’s not because security services weren’t concerned about an individual’s beliefs and actions or couldn’t find him.
For those of us without access to national security data, the evidence suggests that Australia does these important risk calculations relatively well. Our list of foiled terrorist attacks is quite a bit longer than the list of attacks. The reason for this is the national security structures we have evolved: the combination of separate national security agencies, each with highly developed specialist capabilities and slightly different cultures and perspectives, working in close, 24/7 collaboration.
When calculating risk, separation and diversity are a strength because they build contestation, careful deliberation and stress testing into the system. Britain, the US, France and Belgium have chosen more centralised structures, and the evidence is that their systems do not work as well as ours. Bringing our highly effective agencies into a super-department cannot help but disrupt their inner structures and cultures. Such enterprises inevitably lose sight of the goal — keeping Australians safe — as they become driven by the desire for efficiencies and cultural homogenisation, and the urge for bureaucratic tidiness. Look no further than the creation of the Department of Immigration and Border Protection, a process that has consumed enormous amounts of resources in reconciling two incompatible cultures, with no apparent benefits and a list of embarrassing blunders.
Creating one security super-department places a major imperative on the government to get everything right, first time. Separate but closely collaborating security agencies create a powerful check against underperformance: a struggling agency or a leader who’s not up to it are spotted and called out quickly. But underperformance in a federation-style conglomerate is not so easy to see and to call out. And in the meantime, it’s the safety of Australians that will be the price for underperformance.
If the Turnbull government were serious about national security, it would not engage in evidence-free experimentation with our national security. It should instead be building on what’s working well and making it even stronger. We need better co-ordination and cross agency connectivity, not big-bang organisational redesign.
We should be getting these sorts of issues right in a system that is working, rather than indulging in the risk-riddled gesture politics of a grand restructure.
Michael Wesley is professor of international affairs and dean of the College of Asia and the Pacific at the Australian National University.

Monday 10 July 2017

Would you trust these men with your personal health information? Part Two


Left to Right: Minister for Human Services and Liberal MP for Aston, Alan Tudge
Minister for Health and Liberal MP for Flinders, Greg Hunt

The Guardian, 8 July 2017:
The government found itself facing heavy criticism this week over how it handles Australians’ personal information, after a Guardian investigation revealed a darknet trader was illegally selling the details of any Medicare card holder on request by “exploiting a vulnerability” in a government system.
The data had been for sale since at least October 2016, and the seller appears to have sold the Medicare details of at least 75 Australians…..
“What’s happening is the community is wrapping these attacks together and seeing them as a threat, and it adds to a perception that their data is not safe,” said Australia’s privacy commissioner, Timothy Pilgrim. “All the players need to work out a way to build up that trust.”
But why do these breaches keep happening? And is the government doing everything it can to stop them, and reassure the public when they do happen?
After being alerted by the Guardian to the Medicare breach, the minister took swift action, referring it to the Australian federal police for investigation. Pilgrim welcomed this as an appropriate response…..
The most critical risk to Australians from the misuse of Medicare card data is one of identity fraud. A fake Medicare card with legitimate details can get a criminal a quarter of the way to an entire fake ID. This could then be used by organised crime groups in any number of ways, for example by leasing property or equipment. It could also be used to fraudulently obtain services from Medicare itself.
In this case, the darknet was the vehicle for this particular identity fraud scam. But it didn’t need to be, and it is likely similar, less-sophisticated scams are taking place right now.
Tudge has used an unusual line to explain the breach. He has said it was not a hack or cyber attack, but “traditional criminal activity”. What he’s edging around is that his department believe this was a case of an individual using a legitimate method to access Medicare data – but for an unauthorised and illegal purpose.
But contrary to Tudge’s assertion, access control is very much a matter of cybersecurity. And there are a lot of problems with the way Medicare card details can be obtained.
For instance more than 200,000 individual users can potentially look up Medicare card details through the department’s system. The department has declined to answer whether each access is logged, which could allow it to trace when a particular card was looked up. If those controls aren’t there, it’s unlikely the darkweb vendor selling this data will be found.
It doesn’t mean someone sitting in a doctor’s clinic has been supplying the data. A prospective patient could show up at a GP’s reception, pretending to be someone else, and just ask for that person’s Medicare card details. Guardian Australia has spoken with one employee at a medical practice who said people regularly asked for their card details to be supplied.
Identity fraud using Medicare cards is coming to be seen as a big problem in the government. The human services department acknowledged in February 2016 that there had been 1,500 “probable” cases of Medicare fraud, a jump from 269. The Australian reported that in 2014 the justice minister, Michael Keenan, set out to quantify the scale of Medicare card fraud taking place. A study found Medicare cards and driving licences were the most commonly used forms of ID for fraudsters.
The problem appears to be growing worse as those given credentials to access Medicare card details legitimately has increased – jumping 25% in the last financial year – and as organised crime groups grow more sophisticated in their methods.
All of this contributes to the loss of trust….
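
The tracing that per-lookup logging would make possible, as an added example that is not from the Guardian article or any government system: given an audit log of card lookups and a list of cards known to have been sold, it ranks the accounts that looked those cards up before the sale and reports sold cards that no logged lookup explains. The log format, field names, account ids, card references and sale times are all constructed assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime
from typing import NamedTuple

# Constructed audit log, one row per card lookup. The format, field names,
# account ids and card references are assumptions made for this example.
SAMPLE_LOG = """\
timestamp,account_id,site_id,card_ref
2017-06-01T09:12:00,prov-0017,clinic-A,card-101
2017-06-01T09:40:00,prov-0017,clinic-A,card-555
2017-06-02T14:05:00,prov-0017,clinic-A,card-556
2017-06-02T15:30:00,prov-0017,clinic-A,card-557
2017-06-03T11:40:00,prov-0042,clinic-B,card-101
2017-06-05T11:15:00,prov-0042,clinic-B,card-202
2017-06-07T10:05:00,prov-0042,clinic-B,card-303
2017-06-06T08:00:00,prov-0099,clinic-C,card-202
"""

# Constructed list of cards known to have been sold, with the time of sale.
SOLD = {
    "card-101": datetime(2017, 6, 3, 12, 0),
    "card-202": datetime(2017, 6, 5, 12, 0),
    "card-303": datetime(2017, 6, 7, 12, 0),
    "card-404": datetime(2017, 6, 8, 12, 0),
}


class Lookup(NamedTuple):
    when: datetime
    account_id: str
    site_id: str
    card_ref: str


class Suspect(NamedTuple):
    account_id: str
    sold_hits: int    # distinct sold cards looked up before their sale
    coverage: float   # sold_hits / number of sold cards
    share: float      # sold_hits / distinct cards this account looked up


def parse_log(text):
    """Parse the CSV audit log into Lookup records."""
    rows = csv.DictReader(io.StringIO(text))
    return [
        Lookup(datetime.fromisoformat(r["timestamp"]), r["account_id"],
               r["site_id"], r["card_ref"])
        for r in rows
    ]


def qualifying_hits(lookups, sold):
    """Map account -> sold cards it looked up at or before the sale time.

    A lookup made after the card was already sold cannot be the source.
    """
    hits = defaultdict(set)
    for lk in lookups:
        sale_time = sold.get(lk.card_ref)
        if sale_time is not None and lk.when <= sale_time:
            hits[lk.account_id].add(lk.card_ref)
    return hits


def rank_accounts(lookups, sold):
    """Rank accounts by how many sold cards they touched before sale.

    'share' separates a busy clinic with one incidental hit from an
    account whose lookups are mostly or only cards that were later sold.
    """
    hits = qualifying_hits(lookups, sold)
    seen = defaultdict(set)
    for lk in lookups:
        seen[lk.account_id].add(lk.card_ref)
    suspects = [
        Suspect(acct, len(cards), len(cards) / len(sold),
                len(cards) / len(seen[acct]))
        for acct, cards in hits.items()
    ]
    return sorted(suspects, key=lambda s: (-s.sold_hits, -s.share, s.account_id))


def untraced_cards(lookups, sold):
    """Sold cards with no qualifying lookup: a gap in logging or another source."""
    traced = set().union(*qualifying_hits(lookups, sold).values())
    return set(sold) - traced


if __name__ == "__main__":
    records = parse_log(SAMPLE_LOG)
    for s in rank_accounts(records, SOLD):
        print(f"{s.account_id}: {s.sold_hits} sold cards, "
              f"coverage {s.coverage:.0%}, share of own lookups {s.share:.0%}")
    print("untraced:", sorted(untraced_cards(records, SOLD)))
```
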


Wednesday 5 July 2017

Would you trust these men with your personal health information?


The darknet vendor says they are “exploiting a vulnerability which has a much more solid foundation which means not only will it be a lot faster and easier for myself, but it will be here to stay. I hope, lol.” [The Guardian, 4 July 2017]
Left to Right: Minister for Human Services and Liberal MP for Aston, Alan Tudge
& Minister for Health and Liberal MP for Flinders, Greg Hunt

These two federal politicians have portfolio responsibility for some of the largest government databases in Australia.

One has portfolio responsibility for those sensitive e-health records which are due to be rolled out nationally on an opt-out basis by 2020.

This is how secure your personal information is on their watch…….


The Australian Federal Police is investigating reports Australians' personal Medicare details are being accessed and sold on the dark web, an apparent breach that has been labelled an "internet catastrophe".

According to a Guardian Australia report, an online vendor can pull up the full Medicare card details of any Australian on request — and is selling them for around $30 each — indicating a security hole somewhere in the health system.

Human Services Minister Alan Tudge said the government was taking the matter seriously. 

The sales are reportedly listed on an undisclosed dark web marketplace, in which the vendor claims to be "exploiting a vulnerability" in order to run software that pulls the data. The vendor calls it "the Medicare Machine".

"Leave the first and last name, and DOB of any Australian citizen, and you will receive their Medicare patient details in full", the listing says, adding that the nature of the security hole being utilised means the vendor will be "here to stay".

In a statement, Mr Tudge said any authorised access to Medicare card numbers was "of great concern" and his department was also conducting its own investigation. 

Medicare's database was always a honeypot waiting to be exploited once governments embraced data matching, data retention and data sharing with much enthusiasm but little understanding.

Once someone decides they want your Medicare details ID theft is now just 0.0089 bitcoin away - as is your abusive former spouse/partner or that anonymous stalker or Internet troll that has been making your life a misery.

UPDATE

Anthony Baxter, 4 July 2017:

You supply the person with name, date of birth and gender and around $30 of Bitcoin they'll give you the person's Medicare number. This is pretty bad, as it allows identity thieves to forge them - a Medicare card is usually worth 25 points on the standard 100 point ID check here. The AU govt had no idea this was happening until the journo from The Guardian let them know.

It turns out there's a portal that any health care provider can use to look up Medicare numbers this way. In case you've lost your card or whatever. Likely it's someone who works for one of them selling access, or someone's popped a PC there (more on that to come).

When asked, the relevant government minister (the same guy who presided over the Census fuckup last year (update: I misremembered, that was a different clown), the accidental publishing of PBS data that was poorly deidentified and the ongoing Centrelink robodebt nightmare) claimed it's OK because you can't get access to someone's medical records through the shiny new online electronic health records system with just a Medicare number. Aside from ignoring the ID theft issue there's a liiiiiittle bit of an issue here.

Guess what information you need along with the Medicare number to pull someone's medical records? Did you guess "name, date of birth and gender"? Collect your prize.

According to https://www.itnews.com.au/news/govt-blames-medicare-card-breach-on-traditional-crims-467502 the folks who did the Privacy Impact Assessment on the electronic health records system were told it would be secure because you needed Medicare number as well as name/DOB/gender and weren't told you could use the latter to look up the former.

It Gets Worse.

In theory you can only look up this stuff from a secure endpoint, with a client side certificate installed. Which in practice means maybe 20K PCs scattered across every doctors office in the country. Worse still, many of these client certs were originally sent out via unencrypted email, and a nontrivial number were "lost". And you reckon all or even a significant fraction of these 20K boxes are running modern Windows with up to date patches? Me neither. I can't count the number of times I've been left alone in a room with an unlocked doctor's PC while he went to check something.

It (Incredibly) Gets Even Worse.

They have a Two Factor Auth system which doctors are supposed to use. One of the ways to get the 2FA key is, and I wish I was joking here, email.

So get access to a box running some XP/Win7 version that's ludicrously unpatched that's also logged into the doctors email, collect health care records. Australian government cannot computer.

At the moment the electronic health records thing is opt-in, at some point next year they'll be moving to an opt-out scheme with a window to opt-out. There's an email form here https://myhealthrecord.gov.au/internet/mhr/publishing.nsf/content/home where you can sign up to be notified when the window to opt the hell out is opened and I urge everyone to do so ASAP.


UPDATE

The federal government was warned more than three years ago of security deficiencies surrounding personal Medicare data, with the Department of Human Services told it was not fully complying with spy agency rules.

Questioning the department's ability to keep the data safe from "security threats from external and internal sources", the government auditor made a series of recommendations in April 2014 but it is unclear if they were fully implemented.

Saturday 20 May 2017

Quotes of the Week



“Director of Public Prosecution, Ms Marianne Ny, has today decided to discontinue the investigation regarding suspected rape (lesser degree) by Julian Assange.” [Swedish Prosecution Authority, media release, concerning the seven year investigation of Wikileaks founder Julian Assange, 19 May 2017]  

This is the single greatest witch hunt of a politician in American history! [U.S. President Donald J. Trump tweeting on 18 May 2017 after discovering that the official FBI investigation into Russian interference in the 2016 presidential election had been widened]

If you can pay rent, buy food for a week, pay for phone etc and buy drugs on $267.80 a week, you should be made treasurer. [@mrumens, commenting on Turnbull Government plan to drug test unemployment benefit recipients, 11 May 2016]

This is a government of poor data ethics. Hand-waving at risks associated with sloppy data-architecture. Self-congratulatory culture of applause over a mediocre to disastrous experience of digital governance. Vindictive and retributory exploitation and commodification of citizen data. The Australian government isn’t a fit and proper data custodian.  [Internet activist and journalist Asher Wolf writing at medium.com on 9 May 2017]

The standout demographic characteristic of One Nation voters was their lack of education. The typical One Nation voter didn’t finish school, much less, as Marr put it, “set foot in a university”. [Mike Seccombe writing in The Saturday Paper, 6-12 May 2017]


Wednesday 10 May 2017

Turnbull Government identifies a new source of revenue and there are no prizes for guessing from whom


Now that the Turnbull Government has embraced big data and begun collecting and collating information on all citizens across multiple agency platforms, there is a temptation to explore all the money-making potential of this data.

In March 2016 Treasurer Scott Morrison requested that the Productivity Commission:

Examine the benefits and costs of options for increasing availability of public sector data to other public sector agencies (including between the different levels of government), the private sector, research sector, academics and the community. Where there are clear benefits, recommend ways to increase and improve data linking and availability.

Upfront, the aim to gather more information, limit ownership rights of citizens with regard to their own personal information and sell on the data it collects on citizens is apparent. However, it takes a few pages of the Commission’s report to discover that it probably also intends to make additional money out of the ordinary individuals who have been forced to supply government agencies with this same detailed data.

If the Commission recommendation (that a charge can be levied by an agency when a citizen requests access to their data) is accepted then, by way of example, the door will have been opened to charge a cost to welfare recipients who request Centrelink statements of income required twice-yearly by social housing agencies, or who request their Basic Card transaction records for a specific period if there is a concern relating to a pension/benefit/allowance periodic payment or who request that data held in e-Health records be edited/corrected if it contains erroneous information.

Of course, this being a report whose terms of reference reflect the wishes of a right-wing federal government - the intention appears to be that all business or government agency charges to supply the individual with his or her own data will be set by those same businesses or agencies with little or no limit on the size of these fees.

Australian Government Productivity Commission, Inquiry Report, Data Availability and Use: Overview & Recommendations, 31 March 2017:

Knowing when your data has been sold
One of the most potentially pernicious practices with data is the onward trade or disclosure of data to third parties, leaving consumers unaware of who knows what about them. The damage is often not so much in monetary terms but in the feeling of exploitation. This has great capacity to undermine social licence over time, if misused. Around half of all Australians surveyed by Office of the Australian Information Commissioner (OAIC) have expressed concern about unknown organisations having obtained their personal information.
We do not propose that consumers be advised on each occasion data is traded or otherwise disclosed to a third party — the burden on businesses using contractors and outsourcing aspects of their operations could be enormous. Moreover, consumers in some areas could be inundated. But advising on which organisations data has been traded or disclosed to is a reasonable expectation of what is, after all, a joint right to data. You should surely be informed that something in which you now have a joint right is traded or disclosed to a third party.
Accordingly, entities should inform consumers about their data being traded or disclosed by including in their privacy policies, terms and conditions or on their websites, a list of parties to whom consumer data has been traded or otherwise disclosed over the past 12 months. Such lists should be easily accessible to consumers and updated in a timely manner.
Consumers may also be at risk of loss of data access on the wind up of a firm. In such circumstances, consumers should always be advised of who now holds their data if it is transferred (as an asset) by the insolvency practitioner; or dataset owner if the data is separately sold.
Costs, timeliness and transition
We recognise that there may be costs to business associated with their adherence to the Right. There are a number of aspects of the recommendation that seek to ensure these are manageable.
First, as noted above, it is expected that industry sectors themselves would determine the scope of data to be transferred, subject to approval by the ACCC.
Second, businesses and government data holders would be able to charge for costs reasonably incurred in transferring consumer data. We fully expect that there may be a tiered approach to such charges, namely that some digital data that is of high quality, readily available, and clearly identifiable with a particular individual (such as transactions data), should be made available at low or no cost and at relatively short notice. Data stored on different (yet still digital) systems, or that is of lesser quality may require additional effort to provide in a usable format and therefore could attract a higher charge and take longer. This would be for data holders themselves to determine and explain.
Our intention in recommending the creation of this Right is to enhance consumer outcomes, as a contribution to sustaining community support for the role data will play in the future. Business and governments as data holders would need to adjust to this Right. Neither should have interests in creating a process that was so costly as to prohibit its take up by most if not all consumers, as this would be counter to enhancing consumer outcomes and may eventually undermine the quality of data collections.
To make the process manageable, it is surely preferable to offer the parties affected in incurring expense the chance to meet the intent of the Right, namely enabling consumers to use their data. This is likely to involve degrees of iteration and transition. But the clear expectation is that there would be transparency on the part of businesses and agencies. Over time as systems evolve, the time taken and the cost involved should fall as these processes become part of each firm growing its business or government agency keeping faith with its clients, and while volume of data transferred might reasonably be expected to grow.
Similarly, it is expected that businesses and government data holders themselves would likely reap benefits from system transformation and better data management, such that all of the costs would not reasonably fall to consumers availing themselves of the Right.
Support for consumers in exercising their new Right
The ACCC would be the primary government entity charged with ensuring consumers are able to transfer their data and exercise their new rights. Specifically, any charges levied by data holders for access, editing, copying and/or transferring of data should be monitored, with the methodology used by a data holder recorded, transparent (such as on the data holder’s web page) and reviewable on request by the ACCC.
While recourse for consumers not satisfied with the way their new Comprehensive Right can be exercised could primarily be through the ACCC, we recognise there are other bodies — industry-specific ombudsmen, State and Territory fair trading offices, and the OAIC — that may have industry-specific skills and knowledge to deal with particular complaints. There should be a ‘no wrong door’ approach to this. This means the key regulators need to implement systems that enable consumer concerns to be handled with efficacy — not leave the consumer straddling a regulator abyss.
While the changes proposed aim to enable consumers to exercise more control over the collection and use of their data, the onus remains on individuals to make responsible choices regarding to whom they provide personal information in the first instance and for what purposes.

Thursday 27 April 2017

Of course, certainly, we keep your personal information safe from prying eyes!


Anyone who is certain that all information a state/federal government department/agency or civil corporation holds about their social, financial, genealogical or health status is strictly protected from prying eyes needs to seriously question why they appear to hold that unsafe assumption.

The Sydney Morning Herald, 21 April 2017:

More than 700 public patients have had their privacy breached and potential delays in their follow up care after more than 1600 medical letters were found dumped in a Sydney bin.

NSW Health is investigating the incident involving a sub-contractor for a company tasked with transcribing medical letters sent from specialists to general practitioners.

On Tuesday, April 11, a man found piles of follow-up letters containing patient details stuffed into a garbage bin at an apartment block in Ashfield. It is understood there were more than 1600 documents in total. Some of the letters were duplicates. 

The man called in his neighbour, a female health worker, who recognised the documents were out-patient letters and contacted Ashfield police. 

A sub-contractor for Global Transcription Services (GTS) was supposed to take the letters home to post but instead stuffed them into the bin. The young woman had been dealing with personal upheaval and health issues, Health Minister Brad Hazzard said on Thursday, adding it was inappropriate to comment further.

The letters related to 768 public hospital patients from Royal North Shore, Gosford Hospital outpatients and Cancer Centre and Dubbo Hospital Cancer Centre.

There were also 700 letters relating to patients from six private providers: Chris O'Brien Lifehouse, providing services to Dubbo Cancer Clinic, Northern Cancer Institute (Frenchs Forest and St Leonards), Sharp Neurology, Southside Cancer Care Centre, Strathfield Retina Clinic and the Woolcock Institute.

Newcastle Herald, 17 April 2017:

The NSW privacy commissioner has called for a thorough investigation after thousands of photo ID cards, including gun licences, were mistakenly sent to the wrong people in a "significant" security breach.

A total of 2693 cards were sent to the wrong people earlier this month.

Among the documents mailed out were 2000 driver's licences, 104 firearm licences, 318 permits to use disabled parking, 242 proof of age cards, 26 security licences and 3 commercial and private investigator licences.

It is understood people affected went to Service NSW to apply for their licence on April 5, with the licences printed at the agency's card operations centre on April 7.

The error was discovered four days later. Service NSW informed police, Roads and Maritime Services and the privacy commissioner.

Shortly afterwards, gun shops were contacted by police and told to be "extra vigilant" in checking licences until all licences sent to the wrong address were retrieved, News Corp reported.

Those affected have been advised to "be alert to activities that may indicate their identity is being misused by others".

Acting NSW Privacy Commissioner Elizabeth Coombs said the breach was significant as it involves the identity of members of the public.

"These cards contain personal information that can identify individuals. Health information, which is even more sensitive, appears to have also been affected (eg on disability status)," Dr Coombs said.

"This breach is of particular concern as it occurs at a time when the NSW Government is increasing its digital interaction and service provision with the NSW community.

Education HQ Australia, 12 April 2017:

The traumatic, sensitive details of a Victorian mother's life lingered online for days after the education department thought it had dealt with a privacy breach.

The woman was one of 120 people affected when the Victorian education department inadvertently published personal details of parents online after receiving 558 submissions on proposed new regulations for state education.

The department thought it had taken the documents offline, but they were still publicly available five days after the breach, with several still listed on Google's search engine on Wednesday afternoon.

The Australian, 7 April 2017:

A Senate committee which investigated secret Defence training that teaches soldiers how to deal with being taken prisoners of war accidentally disclosed the confidential evidence of witnesses to each other.

On March 7, the Senate Foreign Affairs, Defence and Trade references committee took evidence from witnesses in-camera, which means it wasn't a public hearing, as part of an inquiry into training procedures for resistance to interrogation and conduct after capture.

Witnesses were posted copies of their transcripts to check over by registered mail, but the committee accidentally sent witnesses all transcripts rather than just individual ones.

Crikey.com.au, 4 April 2017:

Qantas customers’ personal data has been compromised after a data breach revealed the names, seat numbers and frequent flyer numbers of eight passengers to another passenger looking at the Qantas check-in app on Thursday. The app, which was used to check in for a flight between Newman, Western Australia, and Perth, showed the length of the flight and that a snack or brunch would be available, but the Qantas passenger was shocked to be able to see details for other passengers…..

It is not the first time Qantas customer details have been shared with others. In January, an email sent to customers flying out of Melbourne warned of traffic delays on the Tullamarine Freeway included surnames and booking references of other passengers.

The Age, 26 March 2017:

A hospital is being investigated for breaching the privacy of dozens of patients after medical records revealing a "swollen penis" and mental illnesses among other things, were found in a Coburg street.

The Australian Information and Privacy Commissioner Timothy Pilgrim is investigating how the records of 31 patients were removed from the John Fawkner Private Hospital in Melbourne's north last month.

Determination
1. I find that the respondent, Comcare, interfered with the complainant’s privacy in breach of Part III of the Privacy Act 1988 (Cth) (Privacy Act) by:
a. disclosing the complainant’s personal information, including sensitive health information on a publicly available website contrary to Information Privacy Principle (IPP) 11; and
b. failing to take such security safeguards as it is reasonable in the circumstances to take, against loss, against unauthorised access, use, modification or disclosure, and against other misuse contrary to IPP 4.


Findings
1. Commonwealth Bank of Australia Limited (the CBA) interfered with the complainant’s privacy by:
* disclosing her personal information to the principal of a Commonwealth Bank Mortgage Innovation agency (MIA) for a purpose other than the primary purpose of collection, in breach of National Privacy Principle (NPP) 2.1 of the Privacy Act 1988 (Cth) (Privacy Act), and
* failing to take reasonable steps under NPP 4.1 to protect her personal information from misuse and loss and from unauthorised access, modification or disclosure.

Friday 21 April 2017

Every man and his dog may soon have access to your personal medical history if you live in Australia


A federal government digital medical information storage and retrieval system, which will eventually contain information on every person permanently residing in Australia and which was hacked even before it publicly went online, is now going national – and it still has significant privacy problems.

The Daily Telegraph, 10 April 2017:

THE private health records of Australians can be accessed by more than half a million people under the latest bungle with the $2.2 billion electronic My Health Record.

News Corp Australia has learned that the privacy settings on the government’s computerised My Health Record, which lists every medicine a patient takes and records every medical visit and procedure, are automatically set on “universal access”.

This means every registered health practitioner in the nation — 650,000 people — can view them, not just the family GP, unless the patient specifically requested to opt out.

Occupational therapists working for an employer, doctors working for insurance companies, a dietitian, an optometrist or a dentist or their staff can view the record and see if individuals have a sexually transmitted disease, a mental illness, have had an abortion or are using Viagra.

“Potentially your employer’s occupational therapist can look at your record and get information they really shouldn’t be getting access to, it’s confidential data,” says former AMA president Dr Mukesh Haikerwal who was a government consultant on the My Health Record.

The bungle came about because the record was originally set up as an opt in system and when people set up their record they were given the option to set a PIN number to protect the information and determine who got to see it.

Nearly four million people set up a My Health Record under the opt in system but doctors weren’t using it because four years after it was established 83 per cent of Australians still did not have one.

Last year the Turnbull Government trialled turning the failed record into an opt out system.

One million people in the Nepean Blue Mountains area of NSW and Northern Queensland were given a record unless they opted out.

News Corp has now learned only 147 of these one million Australians automatically given a record under the trial set up a PIN number to protect their health information.

“147 My Health Records created in the trials have access controls set to restrict which healthcare providers can see the record, or have controls restricting access to certain documents in the record,” the Department said.

“This equates to 0.0151 per cent of My Health Records automatically created in the trials. This is consistent with the rates of access controls set by those who have opted to register for a My Health Record,” a spokeswoman for the department said.

The My Health Record lists a person’s medications and allergies, doctors can upload a health summary about the person’s health problems, eventually the system will include X-ray results, pathology results, hospital discharge summaries and other data that for the first time can be shared between medical practitioners.

The privacy problem is about to affect everyone because two weeks ago state and federal health ministers agreed to give every Australian a My Health Record unless they opt out.

This decision was made even though the results of the original opt out trial have never been made public.

And it means the health records of every Australian will soon be on open access.

The Australian, 27 March 2017:

Companies bidding for the Medicare digital payments system have been given the option of proposing a new identity card to protect against fraud and improve system capabilities.

As the federal government pushes ahead with electronic health records, in anticipation of a digital health revolution, The Australian has learned the Department of Health has made identity management a key part of the new payments system and left it open to companies to propose alternatives.

Companies may suggest alternatives to the green Medicare card — which holds no data, just a magnetic strip and numbers for individuals whose information is stored in a database — and forms of identity for veterans’ affairs, aged care and related payments.

It would be the biggest shift since the Howard government proposed the Australian Access Card, a broad-function smartcard that attracted privacy concerns and comparisons to the ill-fated Australia Card of the 1980s and was dumped by the incoming Rudd government.

A departmental spokeswoman emphasised that there was no proposal for a new identity card under moves to develop a new digital payments system.

“While the Department of Health has not been prescriptive, the presumption is that the Medicare card and number will continue to be the basis for identification,” she said.

The option for a new identity management solution came after health ministers decided on Friday that the My Health Record system would be opt-out, making electronic medical records compulsory for all Australians unless they said otherwise, despite trials of that model having yet to report.

Australian Doctor, 27 March 2017:

Australian health ministers have officially agreed to a national opt-out model under which every patient will have a MyHealth Record created for them by default.

Yet precisely when the model will be rolled out remains to be seen.

Federal, state and territory health ministers met in Melbourne on Friday, where, according to a communique, they agreed "to a national opt-out model for long-term participation arrangements" in the My Health Record system.

The agreement precedes the release of findings from two pilot trials of opt-out enrolment systems, in North Queensland and NSW's Blue Mountains, which included nearly one million patients.

A little history…….

News.com.au, 11 September 2016:

THE man who led the dumped UK digital health record system has been put in charge of Australia’s bungled $1 billion e-health record and is being paid as much as the Prime Minister to fix it.

Former journalist Tim Kelsey will be paid a total remuneration package worth $522,240 a year, almost the same as Malcolm Turnbull and just shy of the $548,360 paid to the Chief of the Navy and more than the Chief Scientist, the head of the Fair Work Commission and the Inspector General of Taxation, a remuneration tribunal determination reveals.

The former NHS executive is an interesting appointment as CEO of the Australian Digital Health Agency because he was in charge of the UK digital health records scheme Care.data dumped by the UK’s National Health System in July.

The Department of Health stated that Mr Kelsey is uniquely suited to the role because of his experience with data and digital platforms in health and personal privacy.

The Care.data scheme to store patients’ medical information in a single database suffered multiple delays and was then scrapped after major problems emerged over patient confidentiality.

It was similar to Australia’s My Health Record that Mr Kelsey will now oversee.

Friday 14 April 2017

Was there really a typical Australian in 2016? The Australian Bureau of Statistics thinks so


This month the Australian Bureau of Statistics released its first taste of data from the 2016 national census and rather bravely decided it should be a profile of The ‘Typical’ Australian.

I’m just wondering how reliable this profile is, given the number of people who either stated an intention to or admitted on social media platforms that they falsified some or all of the information they entered on the compulsory census form as a privacy safeguard against personal information data retention and the creation of longitudinal data on every Australian.

As the exact number of deliberately falsified forms cannot be known, this casts some doubt on census data available to statisticians.

Australian Bureau of Statistics, Census 2016, 11 April 2017:
The 'Typical' Australian

Median Age: 38
Sex (Mode): Female
Country of Birth of Person (Mode): Australia
Country of Birth of Parents (Mode): Both parents born in Australia
Language Spoken at Home (Mode): English
Ancestry 1st Response (Mode): English
Social Marital Status (Mode): Married in a registered marriage
Family Composition (Mode): Couple family with children
Count of All Children in Family (Mode): Two children in family
Highest Year of School Completed (Mode): Year 12 or equivalent
Unpaid Domestic Work: Number of Hours (Mode): 5 to 14 hours
Number of Motor Vehicles (Mode): Two vehicles
Number of Bedrooms in Private Dwelling (Mode): Three bedrooms
Tenure Type (Dwelling Count) (Mode): Owned with a mortgage

Aboriginal and/or Torres Strait Islander people

Median Age: 23
Sex (Mode): Female

Persons born overseas

Median Age: 44
Sex (Mode): Female
Country of Birth of Person (Mode): England
Language Spoken at Home (Mode): English


Note:
* The mode is the most commonly occurring value in a distribution.
* Statements of typical age in this release are median values. The median is the middle value in distribution when the values are arranged in ascending or descending order.
* The most common response for each data item is calculated independently. For example, if the 'typical' person is male and the 'typical' person does 5-14 hours of unpaid domestic work per week, this does not imply that the 'typical' male does 5-14 hours of unpaid domestic work per week.
* No detailed Census data will be issued with this information. Datasets for the above characteristics will be released as part of the main release of 2016 Census data on Tuesday, 27 June 2017.

The Sydney Morning Herald, 11 April 2017:

The census preview showed that NSW has become more culturally diverse over the past decade.

The typical person in the state now has at least one parent born overseas. In 2006 and 2011, the typical person in NSW had both parents born in Australia. This change also suggests NSW is more culturally diverse than the rest of the nation – the "typical Australian" still has both parents born in Australia.

It's a diversity well masked by averages.

"In my social circles, yes, I guess I'd say I feel very typical but my work is a completely different place," Mrs Purvis says.

"Most of the people I work with speak another language. Their parents weren't born in Australia. A lot of them are younger people who don't have children … and are either still living at home with their parents or renting."

The preview also highlighted the shifting ancestry of the state's migrants. In 2016, the state's typical migrant was a Chinese-born female, aged 44. A decade ago, the typical migrant in NSW was a 45-year-old female born in England.

The state's typical Aboriginal or Torres Strait Islander person was a female aged 22.