Irena Markovic



Australia’s privacy watchdog is pursuing Facebook in the federal court over privacy breaches relating to the Cambridge Analytica data harvesting scandal.

The Office of the Australian Information Commissioner began proceedings against the social media giant on Monday, alleging “serious and/or repeated interferences” with privacy law.

It comes almost two years after more than 87 million Facebook users globally had had their personal data improperly shared with the political consultancy.

OAIC opened a formal investigation into the social media giant in April 2018 when it came to light that 311,127 Australians had been caught up in the global data harvesting scandal.

The probe was to consider whether Facebook had breached the country’s Privacy Act, which would involve OAIC its regulatory counterparts internationally.

In its statement of claim, OAIC argues Facebook breached privacy laws when the personal information of Australian Facebook users was disclosed to This Is Your Digital Life app.

It said that most users (311,074 out of 311,127 users) had not installed the app themselves and that their personal information had been “disclosed via their friends’ use of the app”.

Only around 53 Australian users had installed the app.

“Unless those individuals undertook a complex process of modifying their settings on Facebook, their personal information was disclosed by Facebook to the “This is Your Digital Life” App by default,” the statement of claim states.

“Facebook did not adequately inform the affected Australian Individuals of the manner in which their personal information would be disclosed, or that it could be disclosed to an app installed by a friend, but not installed by that individual.”

OAIC also alleges that Facebook failed to take reasonable steps to protect its users’ personal information from unauthorised disclosure.

“As a result, the Affected Australian Individuals’ personal information was exposed to the risk of disclosure, monetisation and use for political profiling purposes,” the claim states.

Privacy commissioner Angelene Falk said the design of the Facebook platform meant “users were unable to exercise a reasonable choice and control about how they personal information was disclosed”.

“Facebook’s default settings facilitated the disclosure of personal information, including sensitive information, at the expense of privacy,” she said.

“We claim these actions left the personal data of around 311,127 Australian Facebook users exposed to be sold and used for purposes including political profiling, well outside users’ expectations.”

The current maximum penalty for serious or repeated breaches is $1.7 million, though this could soon increase to $10 million under law changes being floated by the federal government.

The US and UK government’s have already fined Facebook in relation to the data scandal.

OAIC’s UK counterpart, the Information Commissioner’s Office, finalised its investigation into the Cambridge Analytica scandal more than a year ago and fined Facebook 500,000 pounds.

The US Trade Commission has also secured a US$5 billion settlement with the social media company over its investigation into the social media company’s handling of user data.

The OAIC’s statement of claim can be found here.


0 FacebookTwitterPinterestEmail


HP Inc on Thursday rejected Xerox Holdings Corp’s raised takeover bid of about US$35 billion, saying it undervalued the personal computer maker.

The US printer maker last month increased its offer by US$2 to US$24 per share, after its previous buyout offers were rejected by the PC maker for the same reason.

Chip Bergh, chair of HP’s board, said the offer would leave shareholders with an investment in a combined company that is burdened with an irresponsible level of debt.

“(It) would subsequently require unrealistic, unachievable synergies that would jeopardize the entire company,” Bergh said in a statement.

He pointed to declining sales at Xerox and said its recent sale of its interest in the Fuji-Xerox joint venture raised concerns about the company’s future position.

Xerox decided to sell its 25 percent stake in Fuji Xerox, its joint venture with Fujifilm Holdings, for US$2.3 billion in November last year, following investor activism that scuppered a deal between the two companies.

After Xerox raised its bid last month, HP said it would implement a poison pill plan to stop investors from amassing more than 20 percent stake in the company.

HP on Thursday requested shareholders to reject Xerox’s tender offer launched earlier this week, saying it would disproportionately benefit Xerox shareholders relative to HP shareholders.

Xerox shares fell over 4 percent and HP shares about 1 percent in early trading.


0 FacebookTwitterPinterestEmail


The Digital Transformation Agency is hoping to begin publicly testing the facial recognition component of the government’s digital identity credentialing app by mid-2020.

Chief digital officer Peter Alexander revealed the time frame in senate estimates on Thursday, but stressed the DTA wanted to get the all-important biometric feature right before introducing it.

“We would like the biometric to be in by mid-year, but we wouldn’t pressure that,” he said.

“This is about getting it right because the biometric is so important that we do need to make sure that this is successful.”

The biometric refers to the facial recognition component of the Australian Taxation Office’s myGovID digital identity credentialing app. The ATO is the government’s exclusive identity provider.

myGovID, which has spent the last nine months in public beta, currently allows citizens to create a digital identity that can then be used to log into a limited range of online government services.

It currently works like a digital equivalent of the 100 point ID check by using the Document Verification Service and Face Verification Service to verify identity documents like passports, Medicare cards and driver’s licences.

But for citizens to access more confidential services – under what the DTA calls identity proofing level three (IP3) – requires that facial verification and liveness detection – or a proof-of-life test – be embedded in the app.

According to the trusted digital identity framework, IP3 provides “high confidence in the claimed identity and is intended for services with a risk of serious consequences from fraud”.

Since September 2018, the DTA and ATO has been testing liveness detection software from IDEMIA to check if a person is real by prompting them to move their head between a series of points.

But the pair still haven’t finalised which identity proofing solution to integrate within myGovID, with the ATO last month approaching the market for “additional vendor to test their solution against the ATO’s core usability and security requirements”.

“No decision has been made on which vendors and which products will be eventually used for Liveness detection. All options are being kept open,” an ATO spokesperson told iTnews.

“This exercise is about making sure that we have tested and optimised the IP3 experience for our clients.

“The ATO will continue to test multiple vendors and products in order to optimise the available usability and security requirements.”

On Thursday, Alexander said that while the facial recognition component has been trialled with test groups of citizens and has been shown to work, the feature has not yet been used publically.

DTA chief Randal Brugeaud described the approach to the “implementation of the biometric features to ensure the Facial Verification Service operates as expected” as “very considered.

“We are working through a set of technical issues in order for us to allocate an identity which has a biometric anchor,” he told estimates on Thursday.

“We want to make sure that the person that is granted that identity is entitle to it, so we’re ensuring that the quality of the biometric is exactly where it needs to be.”

Brugeaud also revealed that the myGovID app has now been downloaded more than 492,000 times, with a total of 332,421 myGovID digital identities created to date.

This figure is growing daily, as tax professionals continue to shift to myGovID to replace the soon-to-be mothballed legacy AUSkey authentication credential.

myGovID, which is set to move from public beta to live later this month, became the default option for tax professionals to access the ATO’s new online tax agent portal in January.


0 FacebookTwitterPinterestEmail


NBN Co is continuing to resist pressure to introduce a cheaper entry-level broadband product over fears of the number of users that would wind up using it, eating into long-term revenue and cash flow.

It’s the first time that NBN Co executives have publicly spelled out why they continue to oppose the introduction of more specific affordable, entry-level internet services than those already in-market.

The company has been under pressure to find a way to serve “price-sensitive” households and to improve the affordability of services on its network.

The government defines affordable internet as a basic 12/1Mbps service with unlimited data for $60 a month retail. Others have proposed specific products for low-income households for half that price.

A pricing review run through the back half of last year was meant to find a solution, but NBN Co wound up making only limited changes to its existing pricing, and deferred talk around a specific low-income solution to another process.

In a senate estimates hearing on Tuesday night, NBN Co raised fears that an aggressive entry-level plan would essentially sabotage the company’s multi-year effort to step users up to higher speed services.

“It would tend to drive more customers down into that much lower speed tier,” chief customer officer for residential Brad Whitcomb said.

“To the extent that the entry level price gets pulled down and the economics become more attractive to retailers, more people would tend to find themselves there. 

“The awareness around the impact of not having the right speed is limited across the market so you’re relying on a consumer group that might not be fully aware of the implications. 

“They could take up lower speed tiers, they won’t get the experience that they want, it doesn’t unleash the network that we’ve built.”

Whitcomb said NBN Co believed that “for the most part, customers get a better experience when they have access to the speeds that meet their needs in the home”.

“So when you start talking about entertainment or multiple devices, kids doing their homework etc typically that requires a higher speed tier than a 12/1,” he said.

“We’ve made a very concerted effort, and in fact to summarise our approach to pricing is ‘much much more for a little bit more’. 

“That’s to uplift the digital capability of the nation, and we see that better served when people have access to a lot of capacity and higher speed.”

NBN Co CEO Stephen Rue said any migration of users back down to 12/1Mbps would have long-term revenue and cash flow repercussions for the company.

“It is absolutely in the long term interests of customers for us to have cash flow so we can continue to invest in the network to improve customer experience, and to continue to evolve our network,” Rue said.

“Quite frankly, spending money on a network and having lots of people on low speeds I don’t think is a good outcome.”

Rue further argued that cutting 12/1 prices would have a flow-on impact to higher tier plans, which would need to also be made more attractive to discourage retailers from mass-migrating their user base down to 12/1.

“If we were to not want there to be a drift down of a lot of customers down to 12/1, we would have to look at the pricing structure of speed tiers above 12/1, which would obviously have an even greater detrimental revenue impact,” he said.

“It may address perhaps some of the customers not going to 12/1 – in other words, we may end up with the same mix we have today – but that would have an even greater impact on our revenues.”

Rue defended NBN Co’s current pricing, which includes a modified entry-level product.

He said it had been created to balance the needs of NBN Co, industry and consumers.

“We set what we thought was a fair pricing outcome with the industry following many, many months of consultation, and a disturbance of that would have a detrimental impact – I think – on consumers long-term,” Rue said.

“I’ve been on the public record many, many times, saying it’s important to balance the needs of retailers, the needs of NBN Co and obviously the needs of consumers.”

NBN Co has always had a take-up goal of between 73-75 percent of users. The rest, it is assumed, would connect with cellular or other technology, or in some cases may not have internet at all.

The concern is that for some Australians, an NBN connection is out of financial reach, meaning they are also unable to take advantage of online services such as government, health or education.

It still wasn’t clear from NBN Co’s commentary why it could not launch a product that only certain Australians, such as those receiving income support, could access.

This is, after all, what the long-running proposal by the Australian Communications Consumer Action Network (ACCAN) asks for.

“We believe that our plan for a 50Mbps product for $20 wholesale/$30 retail for households receiving income support is the best way to achieve affordable broadband for Australian households,” ACCAN has previously said.

Such a limitation could afford NBN Co the certainty that the cheap plan would not simply be inundated with all manner of users after a better deal.


0 FacebookTwitterPinterestEmail


Optus has put more process automation bots to work in its human resources, managed services and order management functions, following an internal hackathon held at the end of last year.

The telco is in its third year of working with robotic process automation (RPA) technology, which it uses to power “300-plus” automations.

It also has a centre of excellence (CoE) structure around its RPA operations, which it calls the iAutomate CoE.

Optus said in a LinkedIn post late last year that the CoE, “together with our Group Digital Office and RPA platform partner UiPath, recently held a ‘hack fiesta’ where 60 of our people registered to learn how to build their own RPA-assisted bot that automates a repetitive task in their work routine”.

Eight teams participated in the hackathon and one, developing a bot called ‘Tara’, was “crowned the overall winner”, though no details of the bots – or the processes they automated – were released.

However, in a new video, also published to LinkedIn, Optus provided a brief look at Tara and two other bots developed through the hackathon.

Tara bot, according to one of its creators, talent acquisition specialist Natasha Welden-Iley, “is going to allow us and our leaders to recruit more effectively.” 

“It’s really exciting as it will allow the team to actually deal with people more than paperwork,” she said.

Michael Chesterton, a technical services manager for integrated client services, said his team created a bot called ‘Robot Smith’.

“He’ll be a virtual contact centre agent logging into our Optus Business managed customers’ environments and confirming they’re functioning as expected,” Chesterton said.

“He’ll alert us to issues before they occur and enable our engineers to move onto more complex tasks.”

Shannon Booth, order management & visibility program manager in Optus’ supply chain division, said her team is developing a bot “that enables us to communicate to sales channels quicker about orders that need extra attention.” 

“This is incredibly useful and beneficial to the customers because it ensures they get the greatest customer experience possible,” she said.

Optus indicated it would continue to work with the lines of business to identify processes for rework and automation.

“As a result of our growth over a number of years we have a number of legacy processes, a lot of workarounds, a lot of manual and admin processes,” CFO Murray King said.

“That’s not the best use of our valuable resources, so what we want to be able to do is identify all of those processes that can essentially be automated just to free up time.”


0 FacebookTwitterPinterestEmail


The NSW government has experienced its largest year-on-year increase in technology spending in recent years, with overall agency costs now estimated at more than $3.8 billion a year.

Answers to questions on notice from a recent parliamentary inquiry reveal IT spending across the NSW public sector ballooned to $3.80 billion during the 2017-18 financial year.

NSW government chief information and digital officer Greg Wells said this included “all ICT and digital (including personnel and services)”.

It represents an increase of around 19 percent on 2016-17, when IT costs sat at $3.08 billion – or 4.3 percent of total agency expenditure.

But when taking into account data from the last two available financial years (2015-16 to 2017-18), this figure jumps to 30 percent.

By comparison, overall state government IT spending climbed by 41 percent between 2012-13 and 2016-17.

The government has previously put its jump in IT spending down to its aggressive digital transformation efforts, which have only accelerated since 2016-17.

Since returning to power in March 2019, the government has created a $100 million digital investment fund aimed at accelerating IT projects that adopt an agile delivery mythologies.

The fund will help the government transition from a traditional CapEx and OpEx investment model – designed for owning IT assets – to a contemporary funding model for technology projects.

It is aimed at developing common platforms – or “state digital assets” – that can be reused across agencies, but also legacy modernisations and building capability among staff.

Earlier this month, however, the government revealed that $38.6 million had already been spent, leaving just 60 percent of funding to last until June 2021.

Reduced transparency over IT spending

The new data is the first to be released by the NSW government in over a year.

Spending was previously reported on an annual basis by the now Department of Customer Service as part of its technology benchmarking work.

The data was broken down by cluster and service tower, including cloud-based services, allowing the government to pinpoint spending trends.

The report also contained data on a range of other metrics such as the number of government websites, which will now be radically reduced under a new consolidation project.

But the department has not released any data on current IT spending since the fifth annual round of IT benchmarking was quietly released in August 2018.

A spokesperson told iTnews the department was “working on re-establishing aspects of the ICT benchmark reports in 2020 based on the beyond digital strategy”.

The inaugural digital and customer strategy, which was released last November, is intended to be a living, breathing document that responds to changes in technology and customer feedback.

“Responding to these challenges means initial 10-year investment plans for government clusters are in the process of being finalised are part of the FY 20/21 budget cycle,” the spokesperson said.

The department is also yet to release a number of complementary strategies that were promised for delivery last month.

This includes the NSW IoT policy, NSW AI ethics framework, NSW AI ethics strategy and a NSW Telco Authority operational communications strategy, as well as a series of ten-year plans for clusters.


0 FacebookTwitterPinterestEmail


High-ranking crisis management and incident response public servant Abigail Bradshaw has been named the new head of the Australian Cyber Security Centre.

Australian Signals Directorate director-general Rachel Noble announced the appointment late on Friday afternoon, six weeks after the national cyber spy agency went looking for a replacement.

She replaces Noble, who left the ACSC this month to replace Mike Burgess as ASD’s director-general. Burgess has become Australian Security Intelligence Organisation’s director-general.

Bradshaw has spent the last several years at the Department of Prime Minister and Cabinet, most recently as the National Bushfire Recovery Agency’s strategy and governance deputy coordinator.

She also spent several years as PM&C’s national security first assistant secretary and in senior roles at the Department of Home Affairs, including as a maritime border command deputy commander.

Noble said Bradshaw’s “deep experience in crisis management and incident response” from her time at PM&C and Home Affairs made her a perfect fit for the role.

“Cyber threats in Australia continue to increase in sophistication,” Noble said.

“Ms Bradshaw has the proven experience to continue the ACSC’s commitment to ensuring Australia is the safest place to connect online.”

Bradshaw said she “delighted to be returning to the Defence portfolio, bringing my crisis management experience, and domestic and international connections to this exciting role in ASD”.

“I look forward to working closely again with colleagues inside and outside the portfolio, and with the talented team in ACSC to acquit our important cyber mission,” she said.

Noble also used the announcement to name Linda Geddes as ACSC’s new deputy director-general signals intelligence and network operations

Geddes, who will take up the role on March 16, comes to the agency from Home Affairs, where she has spent the last year-and-a-half as the Commonwealth counter-terrorism coordinator.

She has also held other senior roles at Home Affairs, including deputy secretary for policy, as well as PM&C, ASD and the Office of National Assessments.

“Ms Geddes will be a tremendous asset to ASD as she brings to this role her deep counter-terrorism and national security experience, including through her current role as the Commonwealth’s Counter-Terrorism Coordinator,” Noble said.

Geddes said she was “very excited to be returning to ASD” and was “look(ing) forward to renewing old relationships and making new ones”.


0 FacebookTwitterPinterestEmail


Customers of the National Australia Bank’s merchant and business banking facility NAB Connect have been hit by an outage that appears to have started at around lunchtime on Friday, with users that complaining end of month payments processing has been knocked offline.

As is now customary, disgruntled users took to social media to take the bank to task as the institution scrambled to restore services during the busy Friday afternoon and evening libation period.

“Some NAB merchant terminals in NSW may be intermittently unavailable due to an external network issue. Customers can still process payments via our automated phone service, calling 13 35 14, selecting option 4. Please be sure to know your store ID to process a payment,” NAB said in a tweet.

Users were not impressed.

Others users complained of lengthy waits.

NAB said the issue stemmed from authentication problems that were keeping customers out of the system. 

“We’re currently experiencing login failures preventing customers from accessing NAB Connect. Our technology team is currently working to fix the problem as soon as possible. We apologise to customers for any inconvenience and appreciate their patience while we fix the problem,” a NAB spokesperson told iTnews.

The latest NAB outage for business customers is the second in as many months.

In January customers of NAB’s health business payments play HICAPs were also knocked offline.

The latest outage comes as the Reserve Bank of Australia continues to apply pressure to banks to improve their uptime, having previously put institutions on notice they will be named and shamed over downtime.

The latest issue appeared to be ongoing at 6.30pm on Friday night.


0 FacebookTwitterPinterestEmail