Tag: Australian Federal Government

1
Encryption bill to give unprecedented power
2
Time to opt out of having a My Health Record has been extended
3
I Spy With My Little Phone – New Laws giving access to your phone data
4
My Health Records – To opt-in, or to opt-out? That is the question
5
Proposed anti-terror laws to give law enforcement access to personal data
6
Australian Government legislates to protect critical national infrastructure
7
Family Planning NSW the latest victim of cyber attacks
8
Russian-backed hacking targets Australian businesses
9
Over half of notifiable data breaches caused by human error
10
Cybersecurity is only one part of security – a filing cabinet could be your highest risk

Encryption bill to give unprecedented power

By Cameron Abbott and Wendy Mansell

The Coalition government is attempting to pass large-scale decryption reforms which will give sweeping powers to law enforcement agencies for overt and covert computer access.

The reforms have caused significant controversy as they may force tech companies and communications providers to modify their services, creating “systemic weaknesses” for intelligence agencies to exploit. However many point out these same vulnerabilities may be utilised by criminals.

Further the potential repercussions of these reforms may undermine consumers’ privacy, safety and trust through unprecedented access to private communications. This could have anti-competitive effects, as the reputations of Australian software developers and hardware manufacturers will suffer within international markets.

At the same time, the harsh reality that terrorists and organised crime increasingly utilise these technologies to evade surveillance highlights a very clear problem for law enforcement authorities.

We won’t seek to suggest where the balance between these interests should lie, but the debate rages on. Stay tuned.

Time to opt out of having a My Health Record has been extended

By Cameron Abbott and Keely O’Dowd

Australians now have until 31 January 2019 to decide whether or not to have a My Health Record. The deadline to opt-out of having a My Health Record has been extended again.

Due to privacy and security concerns raised by various stakeholders and medical professionals, the Australian Government has proposed two sets of legislative changes to the My Health Record legislation to strengthen existing privacy protections set out in the legislation and established a Senate Committee inquiry to assess whether the My Health Record system is working and how it can be improved. In July this year, we blogged about the privacy and security concerns raised about the My Health Record system.

During the Senate Committee inquiry, it was revealed by the Office of the Australian Information Commissioner (OAIC) that since the My Health Record system commenced in July 2012, the OAIC has received 88 My Health Records mandatory data breach notifications and 11 mandatory data breach notifications. The data breaches generally involved incorrect information being uploaded to a My Health record.

It is evident to us that the My Health Record system has significant privacy and security issues that should be properly considered before the opt-out period ends. These issues are highlighted in the Senate Committee inquiry final report. In addition, the amending legislation designed to strengthen the privacy protections of the My Health Record system is still being debated in the Senate.

Extending the time for people to decide whether or not to opt-out of a My Health Record is a sensible approach. This gives individuals more time to properly understand the implications of having a My Health Record and for important privacy issues to be considered by the Australian Government.

However if ongoing concerns remain about the privacy and security protections of the My Health Record System by 31 January 2019, if in doubt, better to opt out!

I Spy With My Little Phone – New Laws giving access to your phone data

By Cameron Abbott and Colette Légeret

Yesterday, the Australian Government unveiled the draft Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 which aims to compel telecommunication and multi-national tech companies (Providers) to give law enforcement and security agencies (Agencies) access to personal encrypted data of suspected criminals, including terrorists, child sex offenders and criminal organisations.

Read More

My Health Records – To opt-in, or to opt-out? That is the question

By Cameron Abbott and Keely O’Dowd

This year all Australians will have a My Health Record created. A My Health Record will operate as a digital medical file that allows healthcare providers to upload health information about a patient. This information may include prescriptions, medical conditions and test results. A patient’s digital medical file will be stored in a national electronic database operated by Australian Digital Health Agency (ADHA).

Read More

Proposed anti-terror laws to give law enforcement access to personal data

By Warwick Andersen, Rob Pulham and Sarah Goegan

Last week, the Australian Government announced that it would propose new anti-terror laws that force telecommunications and multinational tech companies to give law enforcement agencies access to encrypted data of suspected criminals and terrorists.

Cyber Security Minister Angus Taylor said the laws would give police, intelligence and security agencies the ability to bypass encryption on messaging (such as private messages sent on Whatsapp and Facebook), phone calls, photos, location and apps.

Read More

Australian Government legislates to protect critical national infrastructure

By Cameron Abbott, Keely O’Dowd and Sarah Goegan

Protecting Australia’s critical infrastructure from threats is essential to Australia’s national security interests, community safety and the overall quality of life for Australians.

In March 2018, the Australian Parliament passed the Security of Critical Infrastructure Act 2018, which is due to commence on 11 July 2018. The Act imposes new obligations on operators and owners of “critical infrastructure assets” – Australia’s high risk major ports and electricity, water and gas utilities.

Read More

Family Planning NSW the latest victim of cyber attacks

By Cameron Abbott and Allison Wallace

Up to 8000 clients of Family Planning New South Wales have been affected by a ransomware attack on the NGO’s website. No the sort of records people every want to see disclosed.

The website was hacked on ANZAC Day, with the personal information of clients who had contacted FPNSW  in the past 2 and a half years compromised – including details such as names, contact details and reasons for enquiries.

 

Read More

Russian-backed hacking targets Australian businesses

By Cameron Abbott, Allison Wallace and Sarah Goegan

Russian hackers are accused of penetrating up to 400 Australian businesses in 2017 as part of an alleged state-sponsored cyber-espionage campaign, targeting millions of computers across the world.

The Australian government made the announcement in light of an extraordinary joint statement from the US and UK governments pointing a stern finger at Russia for sponsoring cyber-attacks on government, private organisations, critical infrastructure providers and internet services providers.

Read More

Over half of notifiable data breaches caused by human error

By Warwick Andersen, Rob Pulham and Keely O’Dowd

Following on from Friday’s blog, we have looked at a particular aspect of the Office of the Australian Information Commissioner’s Notifiable Data Breaches Scheme quarterly report in more detail.

Read More

Cybersecurity is only one part of security – a filing cabinet could be your highest risk

By Cameron Abbott and Harry Crawford

No matter how much you spend on cybersecurity technology, data breaches can occur in the most basic ways, for example by leaving an old filing cabinet lying around. This demonstrates the need for a holistic approach to information security.

Recently, highly confidential government papers were discovered inside two locked filing cabinets that were purchased at a second-hand furniture shop in Canberra. What likely happened was a public servant overseeing an office clean up unwittingly sold the filing cabinets containing state secrets to the furniture shop.

Read More

Copyright © 2018, K&L Gates LLP. All Rights Reserved.