This Week In Digital Trust

This week, Arj and Jordan look at the human labour powering many AI solutions - solutions that we're encouraged to view as magic in a box. The way this labour is being used - much of it through sub-contracting arrangements in the developing world - raises worker welfare and privacy issues, among other concerns. Arj and Jordan explore this issue through a couple of news stories - one that reveals the workers involved in labelling images taken by some Roomba robot vacuum cleaner models, and a second story that reveals the role played by low-paid Kenyan workers in training ChatGPT to not be violent, racist and sexist. Links: Article about the ChatGPT making jobs redundant (NYPost) https://www.news.com.au/technology/innovation/inventions/the-jobs-ai-could-be-about-to-take-over-forever/news-story/3969af5aed12008263710e264876d5d4 Article about Roomba recording sensitive images (MIT Technology Review) https://www.technologyreview.com/2022/12/19/1065306/roomba-irobot-robot-vacuums-artificial-intelligence-training-data-privacy/ Article about OpenAI using Kenyan workers to train ChatGPT (TIME) https://time.com/6247678/openai-chatgpt-kenya-workers/ Article in NOEMA magazine https://www.noemamag.com/the-exploited-labor-behind-artificial-intelligence/ Book - The Costs of Connection (goodreads review) https://www.goodreads.com/en/book/show/43506400 Credits: Music by Bensound.com

This week, Arj and Jordan explore an encouraging proposal for regulating facial recognition. As the risks and dangers posed by AI and technologies like facial recognition continue to become apparent, UTS Human Technology Institute has published a "model law" for facial recognition that could become the basis for better regulation of facial recognition in Australia. As well as stepping through the highlights of the model law, Arj and Jordan explore the challenges with regulating facial recognition and why a dedicated law for facial recognition is necessary in light of existing privacy regulations. Links: Facial recognition technology: Towards a model law https://www.uts.edu.au/human-technology-institute/explore-our-work/facial-recognition-technology-towards-model-law UTS Human Technology Institute https://www.uts.edu.au/human-technology-institute Kmart, Bunnings and The Good Guys using facial recognition technology in stores (CHOICE) https://www.choice.com.au/consumers-and-data/data-collection-and-use/how-your-data-is-used/articles/kmart-bunnings-and-the-good-guys-using-facial-recognition-technology-in-store OAIC investigation into Bunnings and Kmart https://www.oaic.gov.au/updates/news-and-media/oaic-opens-investigations-into-bunnings-and-kmart OAIC finding against 7-Eleven https://www.oaic.gov.au/updates/news-and-media/oaic-finds-against-7-eleven-over-facial-recognition OAIC finding against Clearview AI https://www.oaic.gov.au/updates/news-and-media/clearview-ai-breached-australians-privacy Credits: Music by Bensound.com

This week, Arj and Jordan deconstruct the debate that has sprung up around Elon Musk's attempts to restrict the circulation of publicly available flight data about his private jet. They discuss how real time flight trackers have been an essential tool for journalists and independent researchers holding billionaires and governments to account and how many arguments about privacy are really arguments about power and accountability. Going deeper, Arj and Jordan talk about the idea of maintaining a privacy interest in information despite it being publicly available. They explore the important role of law, friction and obscurity in keeping things private even when we can no longer keep things secret. Links: Musk bans journalists and suspends account of flight tracking account (NYT) https://www.nytimes.com/2022/12/16/business/elon-musk-twitter-suspensions.html WIRED article on Musk banning twitter accounts (WIRED) https://www.wired.co.uk/article/elon-musk-elonjet-flight-tracker-transparency Article about privacy impacts of electronic court filings (WSJ - paywall) https://www.wsj.com/articles/electronic-court-filings-trial-privacy-records-motions-paper-trail-hippa-sensitive-personal-data-11672869403?mod=Searchresults_pos2&page=1 IAPP article touching on private/public distinction https://iapp.org/news/a/a-view-from-dc-elon-musks-privacy-lessons/ Helen Nissenbaum book on Obfuscation https://mitpress.mit.edu/9780262529860/obfuscation/ Paper by constitutional law professor on political donations https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1743742

In this special episode of This Week in Digital Trust, we explore familiar themes, but with a twist.  On the podcast we often discuss concepts of agency and a sense of identity in the context of privacy, and how our grip on these concepts can be undermined when we lose control over our information.  For Australians who have experienced disadvantage, especially children that have grown up in out-of-home care, these challenges are even more pronounced. Many typically don't have any access to their own records or sufficient visibility about how they are used and for what ends. We speak with experts Frank Golding and Barbara Reed (bios below) to explore this experience and how recordkeeping is now being re-imagined, in a way that might have lessons for how personal data is managed by organisations more broadly. Bios: Dr Frank Golding OAM Frank Golding has a PhD from Federation University Australia and is a Life Member of CLAN, the national care leaver advocacy body. A social historian, Frank has contributed to formal inquiries dealing with the institutionalisation of children and to projects with the National Museum, the National Library of Australia, and the National Summit on Rights in Records. He has presented papers on child welfare in a number of countries. He has written more than a dozen books, as well as book chapters and refereed journal articles. Barbara Reed Barbara Reed is currently working as a part time Research Fellow on the Rights in Records projects of Monash University. As an independent archives and records consultant and Director of Recordkeeping Innovation,  she has worked with a range of government, non-government, private and non-profit organisations, in Australia and internationally. She has previously worked on issues empowering access to records for the Care Leaver Community and the Stolen Generation. Much of her consulting work has been focused on developing recordkeeping practices and competencies, transforming recordkeeping into digital practice, and working with a range of stakeholders to create strategic interventions through standards and best practice guidelines. Links: Dr Frank Golding OAM https://frankgolding.com/ Charter of Lifelong Rights in Childhood Recordkeeping in Out of Home Care https://www.monash.edu/it/clrc Bodies of Light (book) https://www.goodreads.com/book/show/58420822-bodies-of-light Credits: Music by Bensound.com

This week Arj and Jordan take a look back at the big issues of 2022 and how things have played out since they were discussed in earlier episodes. They cover topics including the crash of crypto, the extent of cyber war in the Ukraine/Russia conflict, the march of facial recognition technology, and Australian Government reforms in the cyber and privacy domains. This is our last episode of 2022. We'll be back in early Jan. Thank you all for listening to the first year of TWIDT! Links: Bitcoin crashes in 2022 (Yahoo Finance) https://au.finance.yahoo.com/news/bitcoin-price-crashes-2020-level-crypto-battering-continues-092507106.html Why Russia's cyber war in Ukraine hasn't played out as predicted (New Atlas) https://newatlas.com/military/russia-cyber-war-ukraine/ Cyber Conflict in the Russia-Ukraine War paper series (Carnegie Endowment for International Peace) https://carnegieendowment.org/programs/technology/cyberconflictintherussiaukrainewar Clearview AI facial recognition ruling (OAIC) https://www.oaic.gov.au/updates/news-and-media/clearview-ai-breached-australians-privacy Facial recognition technology: Towards a model law (UTS Human Technology Institute) https://www.uts.edu.au/human-technology-institute/explore-our-work/facial-recognition-technology-towards-model-law Cyber strategy revamp (The Mandarin) https://www.themandarin.com.au/208343-national-security-boffins-to-rally-around-major-reset-on-resilience-migration-cyber-and-democracy-policy/ Dreyfus pledges sweeping data privacy reforms (AFR) https://www.afr.com/politics/federal/dreyfus-pledges-sweeping-data-privacy-reforms-20220627-p5awvw Credits: Music by Bensound.com

This week, Arj and Jordan mark Human Rights Day (Dec 10) with an argument for making human rights a more central focus in Australia's public policy and reform discussions about privacy. The discussion offers a useful framing for analysing a recent decision by EU regulators against Meta's use of personalised advertising without explicit consent, a ruling expected to strike at the heart of the tech giant's business models. They also discuss how stronger privacy laws that make the acquisition of "third-party data" more difficult might be spurring a trend towards new reward schemes and wellbeing apps in the health sector, which the ACCC has warned are creating "big honeypots" of sensitive data. Links: Jordan's oped about privacy and human rights (InnovationAus) https://www.innovationaus.com/the-blindspot-in-australias-approach-to-privacy-reform/ Human Rights Day https://www.un.org/en/observances/human-rights-day EU set to bar Meta from ads based on personal data (Reuters) https://www.reuters.com/technology/eu-raises-concerns-over-metas-targeted-ad-model-wsj-2022-12-06/ Meta’s behavioral ads will finally face GDPR privacy reckoning in January (TechCrunch) https://techcrunch.com/2022/12/06/meta-gdpr-forced-consent-edpb-decisions/ Cyber risk in data honeypots from health insurance app craze: ACCC (The Australian - paywalled) https://www.theaustralian.com.au/business/financial-services/cyber-risk-in-data-honeypots-from-health-insurance-app-craze-accc/news-story/e98bf187286252a0f355980ef77c8cbd Credits: Music by Bensound.com

This week, Arj and Jordan dive into the collapse of cryptocurrency exchange FTX. It leads them to a broader discussion about Effective Altruism, a philosophy and a movement to govern charitable giving that has been taken up with gusto by influential tech billionaires (like FTX founder Sam Bankman-Fried). Arj and Jordan discuss how some of the thinking behind Effective Altruism may be having adverse effects on the direction of technology more broadly. Links: FTX collapse news story (ABC News) https://www.abc.net.au/news/2022-12-03/the-downfall-of-ftx-crypto-king-sam-bankman-fried/101714162 Effective Altruism website https://www.effectivealtruism.org/ Peter Singer pond thought experiment https://www.thelifeyoucansave.org.au/child-in-the-pond/#:~:text=If%20you%20don't%20wade,ll%20be%20late%20for%20work. Timnit Gebru oped about Effective Altruism (WIRED) https://www.wired.com/story/effective-altruism-artificial-intelligence-sam-bankman-fried/ Critique of longtermism (New Statesman) https://www.newstatesman.com/ideas/2022/11/elon-musk-william-macaskill-useful-philosopher Credits: Music by Bensound.com

This week, Arj and Jordan explore the concept of "safe harbour", a legal concept giving board directors a defence from liability from a privacy or cyber incident. With increased penalties recently introduced for privacy breaches and greater scrutiny on boards and executives, we're starting to hear this idea being floated more often. We explore its merits. We also chat briefly about the Australian Government's new "hack the hackers" gambit and the status of legislation to drastically increase fines for privacy violations. Links: Government announces standing operation to disrupt cybercrime (Home Affairs) https://minister.homeaffairs.gov.au/ClareONeil/Pages/standing-operation-against-cyber-criminal-syndicates.aspx New privacy penalty bill passes Parliament (InnovationAus) https://www.innovationaus.com/unworkable-data-breach-laws-pass-parliament/ Tech lobby exemptions sought to privacy fines (InnovationAus) https://www.innovationaus.com/tech-industry-wants-good-faith-data-breach-penalty-exemptions/ David Gonski calls for safe harbour (AFR) https://www.afr.com/companies/professional-services/gonski-pushes-for-new-cyber-risk-mechanism-to-protect-directors-20220822-p5bbqe Lawfirm calls for safe harbour for ransom payments (AFR) https://www.afr.com/technology/making-cyber-ransom-payments-unlawful-would-help-boards-20221120-p5bzp7 Credits: Music by Bensound.com

This week, Arj and Jordan dive into the Musk/Twitter saga. Opinions abound on this one - but Arj and Jordan look closely at how Musk is going with his promise to bring back free speech, the viability of Musk's blue-check verification thought-bubble, and likely repercussions of the departure of privacy, security and compliance officers from the platform. Links: Musk fires engineers after critical posts (CNBC) https://www.cnbc.com/2022/11/15/musk-fires-twitter-engineers-after-critical-posts-on-twitter-and-slack.html Musk halts blue check subscription plan (Reuters) https://www.reuters.com/technology/musk-says-his-companies-will-remain-well-positioned-2023-2022-11-11/ Oped by Twitter's former head of trust and safety (NYTimes) https://www-nytimes-com.cdn.ampproject.org/c/s/www.nytimes.com/2022/11/18/opinion/twitter-yoel-roth-elon-musk.amp.html Privacy and Security officers depart Twitter (The Verge) https://www.theverge.com/2022/11/10/23451198/twitter-ftc-elon-musk-lawyer-changes-fine-warning FTC settlement with Twitter https://www.ftc.gov/business-guidance/blog/2022/05/twitter-pay-150-million-penalty-allegedly-breaking-its-privacy-promises-again FTC warning to Twitter (TechCrunch) https://techcrunch.com/2022/11/10/ftc-warns-no-ceo-or-company-is-above-the-law-if-twitter-shirks-privacy-order/ Australia’s eSafety commissioner cautions Elon Musk (Guardian) https://www.theguardian.com/technology/2022/nov/08/australia-esafety-commissioner-elon-musk-twitter-moderation-concerns Credits: Music by Bensound.com

This week, Arj and Jordan dive into the vexed question of whether companies should pay ransoms to cybercriminals. The government's position is clear: do not pay. The reality on the ground for most companies is much more complex. Arj and Jordan step through these complexities and the competing imperatives organisations face when confronted with this difficult decision. Important note: This is a complex topic and it's important to emphasise that in this discussion we aren't advocating one way or the other in relation to paying ransoms generally - merely illustrating how businesses faced with a ransom demand do have various and competing considerations. Links: Medibank breach round-up (Guardian) https://www.theguardian.com/australia-news/2022/nov/12/medibank-v-the-hackers-how-the-health-insurer-fell-to-a-mass-data-theft National coordination mechanism invoked (IT News) https://www.itnews.com.au/news/gov-invokes-emergency-coordination-as-medibank-breach-worsens-586965 ACSC ransomware advice https://www.cyber.gov.au/ransomware Ransomware action plan https://www.homeaffairs.gov.au/cyber-security-subsite/files/ransomware-action-plan.pdf Labor call for National Ransomware Strategy https://timwatts.net.au/media/187357/beyond-the-blame-game-ransomware-discussion-paper.pdf Panama Papers https://en.wikipedia.org/wiki/Panama_Papers Credits: Music by Bensound.com