Category: Government Regulation, Legislation & Enforcement

1
Technology mightier than the Sword: US Military’s Secret Cyber Strike stifles Iranian Forces
2
AI (Adverse Inferences): AI Lending Models may show unconscious bias, according to Report.
3
Uniformity of Law: NSW Government opens consultation to consider making Data Breach Reporting mandatory in respect of State Government Agencies
4
Not just for jilted ex-lovers: The criminalisation of the non-consensual distribution of intimate images in WA
5
Facial Recognition Technology – Good or Bad?
6
US Internet of Things bill advanced to vote on House floor
7
PwC’s Enforcement Tracker finds a large increase in fines for privacy breaches in the UK
8
Canada proposes to increase penalties for tech giants in its Digital Charter
9
Sharing of ‘abhorrent violent material’ now an offence under new laws
10
Consumer Data Right Draft Rules – submissions closing soon

Technology mightier than the Sword: US Military’s Secret Cyber Strike stifles Iranian Forces

By Cameron Abbott and Max Evans

Everyone knows the saying “the Pen is mightier than the sword”. The famous saying has been used for centuries to describe the ultimate power of words and communication over forms of violence. However, the rapid implementation and use of technology as a “combat” method doubts whether this saying is correct in a modern technological era, and begs the question as to whether technology is in fact mightier than the sword!

This dilemma is highlighted through the recent cyberstrike conducted by the United States. According to a Report by the Washington Post, in June of this year the Cyber Command of the US Military utilised a technology cyberstrike to target a significant Iranian database in the Persian Gulf. The relevant database was alleged to have been used by the IRGC, Iran’s elite paramilitary force, to damage oil takers and shipping traffic in the Persian Gulf. According to the Pentagon, the operation was in the works for weeks after Iran’s alleged attacks on two US tankers in the Gulf of Oman earlier in June, and following an attack by Iranian forces on an unmanned U.S. Surveillance drone hours earlier, the cyber-strike was immediately given the go-ahead.

Read More

AI (Adverse Inferences): AI Lending Models may show unconscious bias, according to Report.

By Cameron Abbott and Max Evans

We live in an era where the adoption and use of Artificial Intelligence (AI) is at the forefront of business advancement and social progression. Facial recognition technology software is used or is being piloted to be used across a variety of government sectors, whilst voice recognition assistants are becoming the norm both in personal and business contexts. However, as we have blogged previously on, the AI ‘bandwagon’ inherently comes with legitimate concerns.

This is no different in the banking world. The use of AI-based phishing detection applications has strengthened cybersecurity safeguards for financial institutions, whilst the use of “Robo-Advisers” and voice and language processors has facilitated efficiency by increasing the pace of transactions and reducing service times. However, this appears to sound too good to be true, as according to a Report by CIO Drive, algorithmic lending models may show an unconscious bias.

Read More

Uniformity of Law: NSW Government opens consultation to consider making Data Breach Reporting mandatory in respect of State Government Agencies

By Cameron Abbott, Warwick Anderson and Max Evans

We have blogged numerous times on the notifiable data breach scheme provided for in Part IIIC of Privacy Act 1988 (Cth) including more recently in relation to its success in assisting the preparedness of the health sector to report and respond to data breaches.

Whilst the NSW Information Privacy Commissioner recommends that public sector agencies notify it and affected individuals where a data breach creates a risk of serious harm, neither NSW privacy laws nor the notifiable data breach scheme require public sector agencies in NSW to provide such notification. There are many reasons for state government agencies to mandatorily report data breaches. Informing citizens when privacy breaches occur provides an opportunity for individual protection against potentially adverse consequences, whilst mandatory data breach reporting would address the current under-reporting of data breaches in NSW, which according to the consultation may be the norm.

Read More

Not just for jilted ex-lovers: The criminalisation of the non-consensual distribution of intimate images in WA

By Cathryn Palfrey and Esther Power

This week marked the conclusion of the first prosecution under the Criminal Law Amendment (Intimate Images) Act 2018 (WA). Mitchell Joseph Brindley, 24 years old, pleaded guilty to posting ten intimate images of the woman he dated. The images were taken with the woman’s consent whilst they were in a relationship. When it ended, Mr Brindley created fake Instagram accounts under her name and posted the images without her consent.

Non-consensual intimate image dissemination is colloquially known as ‘revenge porn’. A study in 2017 found that 20% of Australians between the ages of 16-49 years had a picture or video of themselves shared without their consent.

A global movement has emerged to counter the surge of ‘revenge porn’.

Read More

Facial Recognition Technology – Good or Bad?

By Cameron Abbott, Michelle Aggromito and Jacqueline Patishman

As of June 2019, law enforcement agencies are working with the city of Perth in running a 12-month trial in the use of facial recognition software. The trial involves the installation of the software in 30 CCTV cameras and is part of the Federal Government’s Smart Cities plan, which was created with the aim of increasing interconnectivity and building intelligent, technology-enabled infrastructure throughout Australia.

Read More

US Internet of Things bill advanced to vote on House floor

By Cameron Abbott and Rebecca Gill

Just a few months ago, we blogged on the ‘Internet of Things’ (or IoT) legislation making an appearance in the US Senate. But now the legislation may be becoming a reality. On Wednesday, the House Committee on Oversight and Reform advanced the Internet of Things Cybersecurity Improvement Act of 2019 to a vote on the House floor.

The bipartisan legislation aims to reduce the risk to critical government information technology infrastructure from cyberattacks, and directs the National Institute of Standards and Technology to develop recommendations for use and management of internet-connected devices by March 31 2020.

Read More

PwC’s Enforcement Tracker finds a large increase in fines for privacy breaches in the UK

By Cameron Abbott and Rebecca Gill

PwC’s UK Privacy & Security Enforcement Tracker has found that fines in the UK over data protection law violations totalled £6.5 million in 2018, a £2 million increase from 2017.

The Tracker analysed data protection enforcement actions by the UK Information Commissioner’s Office (ICO), including monetary fines, prosecutions and undertakings. The Tracker shows that the total sum of fines increased from 2017, but the number of ICO enforcements fell to 67 in 2018 from 91 in 2017.

Read More

Canada proposes to increase penalties for tech giants in its Digital Charter

By Cameron Abbott and Rebecca Gill

The Canadian federal government has proposed to introduce a combination of fines for companies that violate privacy laws, in order to rein in the growing power of Silicon Valley tech giants.

Canada’s Innovation Minister recently announced a 10-point Digital Charter that aims to provide more transparency into how companies collect and use personal information and stronger rights for consumers to consent to the use of their data. Key principles of the Charter include giving Canadians control over their data, promoting ethical use of data, ensuring that the online marketplace is competitive to facilitate growth of Canadian businesses, and implementing “meaningful penalties” for violations of privacy laws.

Read More

Sharing of ‘abhorrent violent material’ now an offence under new laws

By Cameron Abbott, Michelle Aggromito and Rebecca Gill

Governments around the world are imposing more responsibilities on tech providers to deal with online harms. In response to the recent attacks in Christchurch, in which a gunman livestreamed on Facebook his attack on a mosque, the Australian Government recently enacted the Criminal Code Amendment (Sharing of Abhorrent Violent Material) Act 2019 (Cth) (Act). The Act, which commenced on 6 April 2019, was pushed through swiftly and has a broad reach.

Under the Act, internet, content and hosting service providers must refer details of any ‘abhorrent violent material’ that records or streams ‘abhorrent violent conduct’ to the Australian Federal Police. Abhorrent violent material is material that is audio, visual or audio-visual, and that records or streams ‘abhorrent violent conduct’. Such conduct includes acts of terrorism, murder, attempted murder, torture, rape and kidnapping.

Read More

Consumer Data Right Draft Rules – submissions closing soon

By Cameron Abbott, Rob Pulham and Rebecca Gill

The deadline for submissions on the ACCC’s draft Competition and Consumer (Consumer Data) Rules 2019 (Draft Rules) is fast approaching. The ACCC is seeking feedback from community organisations, businesses and consumers on the approach and positions of the Draft Rules for the Consumer Data Right (CDR) regime until this Friday, 10 May 2019.

Key aspects of the Draft Rules (which are available on the ACCC’s website) include:

  • the three ways in which CDR data may be requested;
  • the requirements for consent to collect CDR data;
  • rules relating to the accreditation process; and
  • rules relating to the thirteen privacy safeguards for CDR data.
Read More

Copyright © 2019, K&L Gates LLP. All Rights Reserved.