This week, Arj and Jordan mark Human Rights Day (Dec 10) with an argument for making human rights a more central focus in Australia's public policy and reform discussions about privacy. The discussion offers a useful framing for analysing a recent decision by EU regulators against Meta's use of personalised advertising without explicit consent, a ruling expected to strike at the heart of the tech giant's business models. They also discuss how stronger privacy laws that make the acquisition of "third-party data" more difficult might be spurring a trend towards new reward schemes and wellbeing apps in the health sector, which the ACCC has warned are creating "big honeypots" of sensitive data. Links: Jordan's oped about privacy and human rights (InnovationAus) https://www.innovationaus.com/the-blindspot-in-australias-approach-to-privacy-reform/ Human Rights Day https://www.un.org/en/observances/human-rights-day EU set to bar Meta from ads based on personal data (Reuters) https://www.reuters.com/technology/eu-raises-concerns-over-metas-targeted-ad-model-wsj-2022-12-06/ Meta’s behavioral ads will finally face GDPR privacy reckoning in January (TechCrunch) https://techcrunch.com/2022/12/06/meta-gdpr-forced-consent-edpb-decisions/ Cyber risk in data honeypots from health insurance app craze: ACCC (The Australian - paywalled) https://www.theaustralian.com.au/business/financial-services/cyber-risk-in-data-honeypots-from-health-insurance-app-craze-accc/news-story/e98bf187286252a0f355980ef77c8cbd Credits: Music by Bensound.com

This week, Arj and Jordan dive into the collapse of cryptocurrency exchange FTX. It leads them to a broader discussion about Effective Altruism, a philosophy and a movement to govern charitable giving that has been taken up with gusto by influential tech billionaires (like FTX founder Sam Bankman-Fried). Arj and Jordan discuss how some of the thinking behind Effective Altruism may be having adverse effects on the direction of technology more broadly. Links: FTX collapse news story (ABC News) https://www.abc.net.au/news/2022-12-03/the-downfall-of-ftx-crypto-king-sam-bankman-fried/101714162 Effective Altruism website https://www.effectivealtruism.org/ Peter Singer pond thought experiment https://www.thelifeyoucansave.org.au/child-in-the-pond/#:~:text=If%20you%20don't%20wade,ll%20be%20late%20for%20work. Timnit Gebru oped about Effective Altruism (WIRED) https://www.wired.com/story/effective-altruism-artificial-intelligence-sam-bankman-fried/ Critique of longtermism (New Statesman) https://www.newstatesman.com/ideas/2022/11/elon-musk-william-macaskill-useful-philosopher Credits: Music by Bensound.com

This week, Arj and Jordan explore the concept of "safe harbour", a legal concept giving board directors a defence from liability from a privacy or cyber incident. With increased penalties recently introduced for privacy breaches and greater scrutiny on boards and executives, we're starting to hear this idea being floated more often. We explore its merits. We also chat briefly about the Australian Government's new "hack the hackers" gambit and the status of legislation to drastically increase fines for privacy violations. Links: Government announces standing operation to disrupt cybercrime (Home Affairs) https://minister.homeaffairs.gov.au/ClareONeil/Pages/standing-operation-against-cyber-criminal-syndicates.aspx New privacy penalty bill passes Parliament (InnovationAus) https://www.innovationaus.com/unworkable-data-breach-laws-pass-parliament/ Tech lobby exemptions sought to privacy fines (InnovationAus) https://www.innovationaus.com/tech-industry-wants-good-faith-data-breach-penalty-exemptions/ David Gonski calls for safe harbour (AFR) https://www.afr.com/companies/professional-services/gonski-pushes-for-new-cyber-risk-mechanism-to-protect-directors-20220822-p5bbqe Lawfirm calls for safe harbour for ransom payments (AFR) https://www.afr.com/technology/making-cyber-ransom-payments-unlawful-would-help-boards-20221120-p5bzp7 Credits: Music by Bensound.com

This week, Arj and Jordan dive into the Musk/Twitter saga. Opinions abound on this one - but Arj and Jordan look closely at how Musk is going with his promise to bring back free speech, the viability of Musk's blue-check verification thought-bubble, and likely repercussions of the departure of privacy, security and compliance officers from the platform. Links: Musk fires engineers after critical posts (CNBC) https://www.cnbc.com/2022/11/15/musk-fires-twitter-engineers-after-critical-posts-on-twitter-and-slack.html Musk halts blue check subscription plan (Reuters) https://www.reuters.com/technology/musk-says-his-companies-will-remain-well-positioned-2023-2022-11-11/ Oped by Twitter's former head of trust and safety (NYTimes) https://www-nytimes-com.cdn.ampproject.org/c/s/www.nytimes.com/2022/11/18/opinion/twitter-yoel-roth-elon-musk.amp.html Privacy and Security officers depart Twitter (The Verge) https://www.theverge.com/2022/11/10/23451198/twitter-ftc-elon-musk-lawyer-changes-fine-warning FTC settlement with Twitter https://www.ftc.gov/business-guidance/blog/2022/05/twitter-pay-150-million-penalty-allegedly-breaking-its-privacy-promises-again FTC warning to Twitter (TechCrunch) https://techcrunch.com/2022/11/10/ftc-warns-no-ceo-or-company-is-above-the-law-if-twitter-shirks-privacy-order/ Australia’s eSafety commissioner cautions Elon Musk (Guardian) https://www.theguardian.com/technology/2022/nov/08/australia-esafety-commissioner-elon-musk-twitter-moderation-concerns Credits: Music by Bensound.com

This week, Arj and Jordan dive into the vexed question of whether companies should pay ransoms to cybercriminals. The government's position is clear: do not pay. The reality on the ground for most companies is much more complex. Arj and Jordan step through these complexities and the competing imperatives organisations face when confronted with this difficult decision. Important note: This is a complex topic and it's important to emphasise that in this discussion we aren't advocating one way or the other in relation to paying ransoms generally - merely illustrating how businesses faced with a ransom demand do have various and competing considerations. Links: Medibank breach round-up (Guardian) https://www.theguardian.com/australia-news/2022/nov/12/medibank-v-the-hackers-how-the-health-insurer-fell-to-a-mass-data-theft National coordination mechanism invoked (IT News) https://www.itnews.com.au/news/gov-invokes-emergency-coordination-as-medibank-breach-worsens-586965 ACSC ransomware advice https://www.cyber.gov.au/ransomware Ransomware action plan https://www.homeaffairs.gov.au/cyber-security-subsite/files/ransomware-action-plan.pdf Labor call for National Ransomware Strategy https://timwatts.net.au/media/187357/beyond-the-blame-game-ransomware-discussion-paper.pdf Panama Papers https://en.wikipedia.org/wiki/Panama_Papers Credits: Music by Bensound.com

This week, Arj and Jordan dive into the issue of privacy and security of data in the rental market.  After a spate of data breaches affecting Australian businesses, commentators had been warning of the disaster-in-waiting in the real estate sector. And sure enough we got one. Arj and Jordan explore the underlying factors involved, including practices and attitudes at individual real estate agencies, power imbalances in the housing market and legislative gaps. Links: Samantha Floreani article on real estate data practices (Guardian) https://www.theguardian.com/commentisfree/2022/oct/04/telcos-arent-alone-in-collecting-too-much-of-our-personal-information Harcourts real estate agent data breach (Guardian) https://www.theguardian.com/australia-news/2022/nov/03/melbourne-real-estate-agency-data-breach-leaves-details-of-renters-and-landlords-exposed ABC investigation into real estate websites pressuring rental applicants to pay for background checks (ABC) https://www.abc.net.au/news/2022-11-04/regulators-examining-renters-pressured-into-paying-background/101611846 UNSW analysis of rental data collection practices https://newsroom.unsw.edu.au/news/social-affairs/cybersecurity-breaches-call-rental-data-collection-overhaul Business lobby pushes back on removal of small business exemption (AFR) https://www.afr.com/technology/you-can-t-just-flick-a-switch-small-business-fears-new-data-laws-20221004-p5bn2o First Dog on the Moon on housing https://www.theguardian.com/commentisfree/2022/oct/28/you-would-not-believe-what-questions-real-estate-agents-are-asking-tenants-now Credits: Music by Bensound.com

We're back after a break. This week, Arj is joined by elevenM privacy practice lead Melanie Marks to discuss the Australian Government's move to significantly lift penalties on businesses that violate privacy, as the nation experiences a spate of serious data breaches. They discuss the likely impact and effectiveness of the fines, clear up some misconceptions about what the fines are actually for, and explore some of the less-discussed additional powers introduced alongside the fines. Links: Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022 https://parlinfo.aph.gov.au/parlInfo/download/legislation/bills/r6940_first-reps/toc_word/22113b01.docx;fileType=application%2Fvnd.openxmlformats-officedocument.wordprocessingml.document Attorney-General press release https://ministers.ag.gov.au/media-centre/tougher-penalties-serious-data-breaches-22-10-2022 Explanatory Memorandum https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6940_ems_715c9651-94ce-4b91-9912-a4023d8c7f61/upload_word/22113%20EM.DOCX;fileType=application%2Fvnd.openxmlformats-officedocument.wordprocessingml.document  Link to make submissions on the Bill https://www.aph.gov.au/Parliamentary_Business/Committees/Senate/Legal_and_Constitutional_Affairs/PrivacyEnforcement2022 OAIC's Federal Court proceedings against Facebook https://www.oaic.gov.au/updates/news-and-media/commissioner-launches-federal-court-action-against-facebook Credits: Music by Bensound.com

This week, Arj and Jordan get wonky, exploring why public policy approaches to scaling back market power are increasingly dovetailing with reforms to better safeguard individual privacy. The conversation takes them to unexpected places, covering two new momentous EU regulations, Amazon's acquisition of Roomba maker iRobot, and the so-called "hipster antitrust" movement. Links: Article about Digital Markets Act and the Digital Services Act (InnovationAus) https://www.innovationaus.com/eu-double-act-puts-regulatory-squeeze-on-platform-tech/ FTC probing Amazon's iRobot aquisition (Reuters) https://www.reuters.com/markets/deals/ftc-seeks-more-data-amazons-17-bln-deal-vacuum-maker-irobot-2022-09-20/ ACCC Digital platforms inquiry https://www.accc.gov.au/focus-areas/inquiries-finalised/digital-platforms-inquiry-0 ACCC on Google's proposed FitBit acquisiton (Guardian) https://www.theguardian.com/australia-news/2020/dec/22/google-faces-400m-fine-over-fitbit-takeover-if-it-doesnt-wait-for-competition-watchdogs-approval Article about "hipster antitrust" (Reuters) https://www.reuters.com/article/us-usa-antitrust-breakingviews-idUSKBN2B3016 Lina Khan paper in Yale Law Journal https://www.yalelawjournal.org/pdf/e.710.Khan.805_zuvfyyeh.pdf Credits: Music by Bensound.com

This week, Arj and Jordan give their views on the strategic and policy takeaways from the now infamous Optus breach. They explore a philosophical shift in business attitudes to data, proposed legislative reforms, and the broader cultural shift needed in how we collectively approach the building of technology. Links: Jeremy Kirk reporting https://www.bankinfosecurity.com/optus-under-1-million-extortion-threat-in-data-breach-a-20142 Jeremy Kirk on Twitter https://twitter.com/jeremy_kirk/status/1573652986437726208?s=21&t=5kqrqoy-kIEnnvUh0YavOQ Data is the new asbestos (InnovationAus)  https://www.innovationaus.com/data-is-the-new-asbestos-optus-hack-renews-calls-for-privacy-reform/ Clare O’Neil on 7.30 report https://www.abc.net.au/7.30/home-affairs-minister,-clare-o%E2%80%99neil,-speaks-on-the/14066184 Credits: Music by Bensound.com

In this special episode of This Week in Digital Trust we feature an interview by our friend Jonathan Gadir with Chris Dolman, executive manager for Data and Algorithmic Ethics at IAG. Jonathan and Chris discuss the place of data ethics within organisations, how to break down the AI and data ethics risks, and how to think about the governance of these risks. They also use real-world example to illustrate and explore some of the common factors that lead to data ethics risks, such as "poor proxies" and "false causality". Links: Chris Dolman on LinkedIn: https://www.linkedin.com/in/cdolman/ Gradient Institute: https://www.gradientinstitute.org/ Gradient Institute report 'De-Risking Automated Decisions' https://www.gradientinstitute.org/assets/gradient_minderoo_report.pdf Jonathan Gadir on Twitter https://twitter.com/jonoloosecannon Credits: Music by Bensound.com