Showing posts with label government spying. Show all posts
Showing posts with label government spying. Show all posts

Wednesday 16 May 2018

An insider has finally admitted what any digital native would be well aware of - your personal health information entered into a national database will be no safer that having it up on Facebook


Remembering that a federal government national screening program, working with with a private entity, has already accessed personal information from Medicare without consent of registered individuals and entered these persons into a research program - again without consent - and these individuals apparently could not easily opt out of being listed as a research subject but were often only verbally offered  the option of declining to take part in testing, which presumably meant that health data from other sources was still capable of being collected about them by the program. One has to wonder what the Turnbull Government and medical establishment actually consider patient rights to be in practice when it comes to "My Health Record".

Healthcare IT News, 4 May 2018:

Weeks before the anticipated announcement of the My Health Record opt out period, an insider’s leak has claimed the Australian Digital Health Agency has decided associated risks for consumers “will not be explicitly discussed on the website”.

As the ADHA heads towards the imminent announcement of the three-month window in which Australians will be able to opt out of My Health Record before being signed up to the online health information repository, the agency was caught by surprise today when details emerged in a blog post by GP and member of the steering group for the national expansion of MHR, Dr Edwin Kruys.

Kruys wrote that MHR offers “clear benefits” to healthcare through providing clinicians with greater access to discharge summaries, pathology and diagnostic reports, prescription records and more, but said “every digital solution has its pros and cons” and behind-the-scenes risk mitigation has been one of the priorities of the ADHA. However, he claimed Australians may not be made aware of the risks involved in allowing their private medical information to be shared via the Federal Government’s system.

“It has been decided that the risks associated with the MyHR will not be explicitly discussed on the website,” Kruys wrote.

“This obviously includes the risk of cyber attacks and public confidence in the security of the data.”

The most contentious contribution in the post related to the secondary use of Australians’ health information, the framework of which has yet to be announced by Health Minister Greg Hunt.

Contacted by HITNA, the agency moved swiftly to have Kruys delete the paragraph relating to secondary use.

In the comment that has since been removed, Kruys wrote, “Many consumers and clinicians regard secondary use of the MyHR data as a risk. The MyHR will contain a ‘toggle’, giving consumers the option to switch secondary use of their own data on or off.”

Under the My Health Records Act 2012, health information in MHR may be collected, used and disclosed “for any purpose” with the consent of the healthcare recipient. One of the functions of the system operator is “to prepare and provide de-identified data for research and public health purposes”. 

Before these provisions of the act will be implemented, a framework for secondary use of MHR systems data must be established. 

HealthConsult was engaged to assist the Federal Government in developing a draft framework and implementation plan for the process and within its public consultation process in 2017 received supportive submissions from the Australasian College of Health Informatics, the Australian Bureau of Statistics and numerous research institutes, universities, and clinicians’ groups.

Computerworld, 14 May 2018:

Use of both de-identified data and, in some circumstances, identifiable data will be permitted under a new government framework for so-called “secondary use” of data derived from the national eHealth record system. Linking data from the My Health Record system to other datasets is also allowed under some circumstances.

The Department of Health last year commissioned the development of the framework for using My Health Record data for purposes other than its primary purpose of providing healthcare to an individual.

Secondary use can include research, policy analysis and work on improving health services.

Under the new framework, individuals who don’t want their data used for secondary purposes will be required to opt-out. The opt-out process is separate from the procedure necessary for individuals who don’t want an eHealth record automatically created for them (the government last year decided to shift to an opt-out approach for My Health Record)……

Access to the data will be overseen by an MHR Secondary Use of Data Governance Board, which will approve applications to access the system.

Any Australian-based entity with the exception of insurance agencies will be permitted to apply for access the MHR data. Overseas-based applicants “must be working in collaboration with an Australian applicant” for a project and will not have direct access to MHR data.

The data drawn from the records may not leave Australia, but under the framework there is scope for data analyses and reports produced using the data to be shared internationally……

The Department of Health came under fire in 2016 after it released for download supposedly anonymised health data. Melbourne University researchers were able to successfully re-identify a range of data.

Last month the Office of the Australian Information Commissioner revealed that health service providers accounted for almost a quarter of the breaches reported in the first six weeks of operation of the Notifiable Data Breach (NDB) scheme.


Australians who don't want a personal electronic health record will have from July 16 to October 15 to opt-out of the national scheme the federal government announced on Monday.

Every Australian will have a My Health Record unless they choose to opt-out during the three-month period, according to the Australian Digital Health Agency.

The announcement follows the release of the government’s secondary use of data rules earlier this month that inflamed concerns of patient privacy and data use.


Under the framework, medical information would be made available to third parties from 2020 - including some identifying data for public health and research purposes - unless individuals opted out.

In other news....... 


A cyber attack on Family Planning NSW's website has exposed the personal information of up to 8000 clients, including women who have booked appointments or sought advice about abortion, contraception and other services.

Clients received an email from FPNSW on Monday alerting them that their website had been hacked on Anzac Day.

The compromised data contained information from roughly 8000 clients who had contacted FPNSW via its website in the past 2½ years to make appointments or give feedback.

It included the personal details clients entered via an online form, including names, contact details, dates of birth and the reason for their enquiries….

The website was secured by 10am on April 26, 2018 and all web database information has been secure since that time

SBS News, 14 May 2018:

Clients were told Family Planning NSW was one of several agencies targeted by cybercriminals who requested a bitcoin ransom on April 25…..
The not-for-profit has five clinics in NSW, with more than 28,000 people visiting every year.

The most recent Digital Rights Watch State of Digital Rights (May 2018) report can be found here.

The report’s 8 recommendations include:

Repeal of the mandatory metadata retention scheme

Introduction of a Commonwealth statutory civil cause of action for serious invasions of privacy

A complete cessation of commercial espionage conducted by the Australian Signals Directorate

Changes to copyright laws so they are flexible, transparent and provide due process to users

Support for nation states to uphold the United Nations Convention on the Rights of the Child in the digital age

Expand the definition of sensitive information under the Privacy Act to specifically include behavioural biometrics

Increase measures to educate private businesses and other entities of their responsibilities under the Privacy Act regarding behavioural biometrics, and the right to pseudonymity

Introduce a compulsory register of entities that collect static and behavioural biometric data, to provide the public with information about the entities that are collecting biometric data and for what purpose

The loopholes opened with the 2011 reform of the FOI laws should be closed by returning ASD, ASIO, ASIS and other intelligence agencies to the ambit of the FOI Act, with the interpretation of national security as a ground for refusal of FOI requests being reviewed and narrowed

Telecommunications providers and internet platforms must develop processes to increase transparency in content moderation and, make known what content was removed or triggered an account suspension.

Wednesday 2 May 2018

The man who would be prime minister


“In terms of ministerial oversight, the portfolio has the following ministers: the Minister for Home Affairs, who sits in the cabinet and who is also separately sworn as the Minister for Immigration and Border Protection; the Minister for Citizenship and Multicultural Affairs; the Minister for Law Enforcement and Cybersecurity; and the Assistant Minister for Home Affairs. The core functions of the department are policy, strategy, planning and coordination in relation to the domestic security and law enforcement functions of the Commonwealth as well as managed migration and the movement of goods across our borders…..four portfolio agencies that sit alongside the department, which are statutorily independent, but they are within the portfolio. They all, like me, report to the cabinet minister. The Australian Federal Police, ACIC, AUSTRAC and Australian Border Force. That is four. Then, with the passage of relevant legislation that is currently before the parliament, ASIO will move across soon.  [Secretary Dept. of Home Affairs Michael Pezullo at Senate Estimates Hearing, Legal and Constitutional Affairs Legislation Committee, 26 February 2018]

The worry about concentration of political power per se and that power in inappropriate hands…….

The Saturday Paper, 28 April 2018:

Peter Dutton is arguably the most powerful person in the country. In his new ministry he has oversight for national security, for the Federal Police, Border Force and ASIO, for the law enforcement and emergency management functions of the Attorney-General’s Department, the transport security functions of the Department of Infrastructure, Regional Development and Cities, the counterterrorism and cybersecurity functions of the Department of Prime Minister and Cabinet, the multicultural affairs functions of the Department of Social Services, and the entire Department of Immigration and Border Protection.

It is hard to imagine any member of federal parliament less suited to exercise the sort of powers now held by Dutton. It is easy to argue that no minister should be entrusted with such vast powers. But the fact that those powers are in Dutton’s hands is seriously alarming.

Ministerial powers are subject to limits. The rule of law means that the limits are subject to supervision by the judicial system. Most ministers understand that. Dutton apparently does not…..

On April 7, 2018, Dutton called for “like-minded” countries to come together and review the relevance of the 1951 Refugee Convention.

So, here it is: Australia’s most powerful minister is wilfully mistreating innocent people at vast public expense. He is waging a propaganda war against refugees and against the people who try to help them. And he is trying to persuade other countries to back away from international human rights protection.

He tries to make it seem tolerable by hiding it all away in other countries, so that we can’t see the facts for ourselves. [my yellow highlighting]

Evidence that the community concern is justified…….

MSM News, 29 April 2018:

Ministers are planning to make it easier for the government to spy on its own citizens, a leaked document has revealed.

As it stands, the Australian Federal Police and Australian Security Intelligence Organisation need a warrant from The Attorney-General to access Australians' emails, bank records and text messages.

But ministers are reportedly planning to amend the Intelligence Services Act of 2001 to allow Home Affairs Minister Peter Dutton and Defence Minister Marise Payne to give the orders without the country's top lawyer knowing

The intelligence - which could include financial transactions, health data and phone records - would be collected by a government spy agency called the Australian Signals Directorate. 

The plan was revealed by a leaked letter from Home Affairs Secretary Mike Pezzullo to Defence Secretary Greg Moriarty.

The top secret letter, written in February and seen by The Sunday Telegraph, details a plan to 'hack into critical infrastructure' to 'proactively disrupt and covertly remove' cyber-enabled criminals including child exploitation and terror networks. 
In March, the plan was outlined in a ministerial submission signed by Mike Burgess, the chief of the Australian Signals Directorate.

It states: 'The Department of Home Affairs advises that it is briefing the Minister for Home Affairs to write to you (Ms Payne) seeking your support for a further tranche of legislative reform to enable ASD to better support a range of Home Affairs priorities.'
But a proposal to change the law has not yet been made.

A spokesman for the Defence Minister Ms Payne said: 'There has been no request to the Minister for Defence to allow ASD to counter or disrupt cyber-­enabled criminals onshore.' 
      
An intelligence source told The Sunday Telegraph that the proposals could spell danger for Australians.

'It would give the most powerful cyber spies the power to turn on their own citizens,' the source said.

The letter also outlines 'step-in' powers which could force companies to hand over citizens' data, the source added.

The submission says the powers would help keep Australian businesses and individuals safe. [my yellow highlighting]

The inherent dishonesty of the Dept. of Home Affairs…..

Secretary of Department of Home Affairs Michael Pezullo, Senate Estimates, Legal and Constitutional Affairs Legislation Committee, 26 February 2018, denying the possibility of by-passing the judiciary and “the country's top lawyer”:

As I said at the last estimates meeting of this committee, all executive power is subject to the sovereignty of this parliament and to the supremacy of the law. In bringing the security powers, capabilities and capacities of the Commonwealth together into a single portfolio, these fundamentals will remain in place. All of them are crucial attributes of liberty. I repeat what I said last year to this committee: any contrary suggestion that the establishment of Home Affairs will somehow create an extra judicial apparatus of power bears no relationship to the facts or to how our system of government works, and any suggestion that we in the portfolio are somehow embarked on the secret deconstruction of the supervisory controls which envelop and check executive power are nothing more than flights of conspiratorial fancy that read into all relevant utterances the master blueprint of a new ideology of undemocratic surveillance and social control. [my yellow highting]

Ministerial denial - of sorts....

When confronted by the mainstream media Dutton supported government spying on its citizens, saying he believes there is a case to be made for giving the Australian Signals Directorate more powers to investigate domestic cyber threats, with appropriate safeguards in place and "If we were to make any changes ... I would want to see judicial oversight or the first law officer (attorney-general) with the power to sign off on those warrants".

Hands up everyone in Australia who will sleep well knowing that the tsar has spoken. *crickets*

Wednesday 7 March 2018

When it comes to human rights and civil liberties is it ever safe to trust the junkyard dog or its political masters?



On 18 July 2017, Prime Minister Malcolm Bligh Turnbull announced the establishment of a Home Affairs portfolio that would comprise immigration, border protection, domestic security and law enforcement agencies, as well as reforms to the Attorney-General’s oversight of Australia’s intelligence community and agencies in the Home Affairs portfolio.

 On 7 December 2017, the Prime Minister introduced the Home Affairs and Integrity Agencies Legislation Amendment Bill2017 into the House of Representatives.

This bill amends the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, the Independent National Security Legislation Monitor Act 2010, the Inspector-General of Intelligence and Security Act 1986 and the Intelligence Services Act 2001.

The bill was referred to Parliamentary Joint Committee on Intelligence and Security which tabled its report and recommendations on 26 February 2018.

This new government department on steroids will be headed by millionaire former Queensland Police detective and far-right Liberal MP for Dickson, Peter Craig Dutton.

His 'front man' selling this change is Abbott protĂ©gĂ©former Secretary of the Department of Immigration and Border Protection and current Secretary of the new Department of Home Affairs, Michael Pezzullo. 

The question every Australian needs to ask themselves is, can this current federal government, the ministers responsible for and department heads managing this extremely powerful department, be trusted not to dismantle a raft of human and civil rights during the full departmental implementation.

It looks suspiciously as though former Australian attorney-general George Brandis does not think so - he is said to fear political overreach.

The Saturday Paper, 3-9 March 2018:

On Friday last week, former attorney-general George Brandis went to see Michael Pezzullo, the secretary of the new Department of Home Affairs.

The meeting was a scheduled consultation ahead of Brandis’s departure for London to take up his post as Australia’s new high commissioner. It was cordial, even friendly. But what the soon-to-be diplomat Brandis did not tell Pezzullo during the pre-posting briefing was that he had singled him out in a private farewell speech he had given to the Australian Security Intelligence Organisation on the eve of his retirement from parliament two weeks earlier.

As revealed in The Saturday Paper last week, the then senator Brandis used the ASIO speech to raise concerns about the power and scope of the new department and the ambitions of its secretary. Brandis effectively endorsed the private concerns of some within ASIO that the new security structure could expose the domestic spy agency to ministerial or bureaucratic pressure.

In a regular Senate estimates committee hearing this week, Pezzullo described his meeting with Brandis – on the day before The Saturday Paper article appeared – as Opposition senators asked him for assurances that ASIO would retain its statutory independence once it moves from the attorney-general’s portfolio to become part of Home Affairs.

“I had a very good discussion on Friday,” Pezzullo told the committee, of his meeting with Brandis.

“He’s seeking instructions and guidance on performing the role of high commissioner. None of those issues came up, so I find that of interest. If he has concerns, I’m sure that he would himself raise those publicly.”

Labor senator Murray Watt pressed: “So he raised them with ASIO but not with you?”
“I don’t know what he raised with ASIO,” Pezzullo responded. “… You should ask the former attorney-general if he’s willing to state any of those concerns … He’s a high commissioner now, so he may not choose to edify your question with a response, but that’s a matter for him. As I said, he didn’t raise any of those concerns with me when we met on Friday.”

The Saturday Paper contacted George Brandis but he had no comment.

“ANY SUGGESTION THAT WE IN THE PORTFOLIO ARE SOMEHOW EMBARKED ON THE SECRET DECONSTRUCTION OF THE SUPERVISORY CONTROLS WHICH ENVELOP AND CHECK EXECUTIVE POWER ARE NOTHING MORE THAN FLIGHTS OF CONSPIRATORIAL FANCY…”

Watt asked Pezzullo for assurance there would be no change to the longstanding provisions in the ASIO Act that kept the agency under its director-general’s control and not subject to instruction from the departmental secretary. The minister representing Home Affairs in the Senate, Communications Minister Mitch Fifield, said: “It is not proposed that there be a change to that effect.”

The new Department of Home Affairs takes in Immigration and Border Protection, the Australian Federal Police, the Australian Criminal Intelligence Commission, the Australian Transaction Reports and Analysis Centre, known as AUSTRAC, and ASIO.
ASIO does not move until legislation is passed to authorise the shift, and will retain its status as a statutory agency.

Pezzullo addressed the fears of those questioning his department’s reach. He said some commentary mischaracterised the arrangements as “being either a layer of overly bureaucratic oversight of otherwise well-functioning operational arrangements or, worse, a sinister concentration of executive power that will not be able to be supervised and checked”.

“Both of these criticisms are completely wrong,” he said.

Pezzullo had already described his plans, both to the committee and in a speech he made in October last year, in which he spoke of exploiting the in-built capabilities in digital technology to expand Australia’s capacity to detect criminal and terrorist activity in daily life online and on the so-called “dark web”.

But the language he used, referring to embedding “the state” invisibly in global networks “increasingly at super scale and at very high volumes”, left his audiences uncertain about exactly what he meant.

Watt asked if there would be increased surveillance of the Australian people. “Any surveillance of citizens is always strictly done in accordance with the laws passed by this parliament,” Pezzullo replied.

In his February 7 speech to ASIO, George Brandis described Pezzullo’s October remarks as an “urtext”, or blueprint, for a manifesto that would rewrite how Australia’s security apparatus operates.

Pezzullo hit back on Monday. “Any suggestion that we in the portfolio are somehow embarked on the secret deconstruction of the supervisory controls which envelop and check executive power are nothing more than flights of conspiratorial fancy that read into all relevant utterances the master blueprint of a new ideology of undemocratic surveillance and social control,” Pezzullo said.

As for day to day human resources, financial management and transparent accountable governance, media reports are not inspiring confidence in Messrs. Turnbull, Dutton and Pezzullo.

The Canberra Times, 2 March 2018:

Home Affairs head Mike Pezzullo was one of the first to front Senate estimates on Monday.

It's been up and running for only weeks, but his new department is part of one of the largest government portfolios.

Having brought several security agencies into its fold, and if legislation passes letting ASIO join, the Home Affairs portfolio will be home to 23,000 public servants. 
Mr Pezzullo was also quizzed on the investigation into Roman Quaedvlieg, the head of the Australian Border Force who has been on leave since May last year, following claims he helped his girlfriend - an ABF staff member - get a job at Sydney Airport.

It was revealed the Prime Minister's department has had a corruption watchdog's report into abuse of power allegations for at least five months while Mr Quaedvlieg has been on full pay earning hundreds of thousands of dollars.

Saturday 3 February 2018

Quotes of the Week


"The Cozy Bear [Russian] hackers are in a space in a university building near the Red Square. The group's composition varies, usually about ten people are active. The entrance is in a curved hallway. A security camera records who enters and who exits the room. The AIVD hackers manage to gain access to that camera. Not only can the intelligence service now see what the Russians are doing, they can also see who's doing it. Pictures are taken of every visitor. In Zoetermeer, these pictures are analyzed and compared to known Russian spies. Again, they've acquired information that will later prove to be vital."  [De Volkskrant, on the subject of Russian interference in 2016 presidential election, 25 January 2018]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

"The separation of powers doctrine dictates that the judiciary should not be the subject of improper influence by the other branches of government – being the executive and legislature. Comments by Dutton and other Coalition ministers to the effect that members of the judiciary should be selected on the basis of their ideological leanings and ability to deliver "tough" sentences – rather than independently look at all factors and apply the law – seek to undermine this doctrine and unduly influence both the selection process and practices of the judiciary. Dutton's populist political grandstanding may have some members of the public "egging him on", but the reality is that such rhetoric seeks to undermine one of the central pillars of our democracy." 
[Sydney Criminal Lawyers, 23 January 2018]


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

No president in history has burned more public money to sustain his personal lifestyle than Donald Trump”  [former George W. Bush staffer David Frum in his book Trumpocracy: The Corruption of the American Republic]


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

“The events I’ve described in these pages are based on conversations that took place over a period of eighteen months with the president, with most members of his senior staff—some of whom talked to me dozens of times—and with many people who they in turn spoke to. The first interview occurred well before I could have imagined a Trump White House, much less a book about it, in late May 2016 at Trump’s home in Beverly Hills—the then candidate polishing off a pint of Häagen-Dazs vanilla as he happily and idly opined about a range of topics while his aides, Hope Hicks, Corey Lewandowski, and Jared Kushner, went in and out of the room.
Conversations with members of the campaign’s team continued through the Republican Convention in Cleveland, when it was still hardly possible to conceive of Trumps election. They moved on to Trump Tower with a voluble Steve Bannon—before the election, when he still seemed like an entertaining oddity, and later, after the election, when he seemed like a miracle worker.
Shortly after January 20, I took up something like a semipermanent seat on a couch in the West Wing. Since then I have conducted more than two hundred interviews.” [Author Michael Wolff from his book “Fire and Fury: Inside the Trump White House” published 5 January 2018]


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sunday 8 January 2017

It's as official as it is ever going to get - the Russian Government decided it would like this man to be the 45th President of the United States of America


It's as official as it is ever going to get - the Russian Government decided it would like this man to be the 45th President of the United States of America.
Donald John Trump
U.S. National Intelligence Council, Intelligence Community Assessment, 6 January 2017, excerpt:
This report is a declassified version of a highly classified assessment; its conclusions are identical to those in the highly classified assessment but this version does not include the full supporting information on key elements of the influence campaign.
Assessing Russian Activities and Intentions in Recent US Elections
ICA 2017-01D
6 January 2017
Key Judgments
Russian efforts to influence the 2016 US presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the US-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations. We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election. Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump. We have high confidence in these judgments.
We also assess Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him. All three agencies agree with this judgment. CIA and FBI have high confidence in this judgment; NSA has moderate confidence.
 Moscow’s approach evolved over the course of the campaign based on Russia’s understanding of the electoral prospects of the two main candidates. When it appeared to Moscow that Secretary Clinton was likely to win the election, the Russian influence campaign began to focus more on undermining her future presidency.
 Further information has come to light since Election Day that, when combined with Russian behaviour since early November 2016, increases our confidence in our assessments of Russian motivations and goals.
Moscow’s influence campaign followed a Russian messaging strategy that blends covert intelligence operations — such as cyber activity — with overt efforts by Russian Government agencies, state-funded media, third-party intermediaries, and paid social media users or “trolls.” Russia, like its Soviet predecessor, has a history of conducting covert influence campaigns focused on US presidential elections that have used intelligence officers and agents and press placements to disparage candidates perceived as hostile to the Kremlin.
 Russia’s intelligence services conducted cyber operations against targets associated with the 2016 US presidential election, including targets associated with both major US political parties.
 We assess with high confidence that Russian military intelligence (General Staff Main Intelligence Directorate or GRU) used the Guccifer 2.0 persona and DCLeaks.com to release US victim data obtained in cyber operations publicly and in exclusives to media outlets and relayed material to WikiLeaks.
 Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards. DHS assesses that the types of systems Russian actors targeted or compromised were not involved in vote tallying.
 Russia’s state-run propaganda machine contributed to the influence campaign by serving as a platform for Kremlin messaging to Russian and international audiences.
We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes.
Full declassified report can be found here.

Tuesday 3 March 2015

Once the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 becomes law


On 27 February 2015 the Parliamentary Joint Committee on Intelligence and Security recommended that the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 be passed by the Australian Parliament.

It appears that there is bipartisan political support for the passage of this bill.

The information that will be kept on each and every one of us is found in the Draft Data Set (30 October 2014), but there is no guarantee that information collected and stored will be limited to this particular data set.