Search

How Samantha Murphy's digital data could be a crucial clue

Last Friday, Victoria Police revisited the Mount Clear area after extracting information from her mobile phone data, as they continue to investigate the Ballarat mum's disappearance. Now, Former Australia Federal Police officer and professor of cybersecurity, Nigel Phair believes an "anomaly" or "change in the behaviour" of Murphy's data pattern may have prompted authorities to return to the area. Detectives have previously said that Murphy departed her residence and ran approximately 7km through Woowookarung Regional Park with data tracking her last location as Mount Clear. Phair who formerly headed investigations at the Australian High Tech Crime Centre (AHTCC), said that data from her iPhone and Apple Watch is particularly important as both devices constantly log her GPS coordinates, heart rate, altitude and can even detect falls among other biometric information. "From the second that she walked out of her door, when out on the street, they would be able to see where she was moving and how she was moving," Phair told told Liz Hayes on Channel 9's series Under Investigation. Additionally, her iPhone can be precisely located using triangulation from nearby cell phone towers. Phair said that this type of data is extremely reliable and accurate, and he believes that the disturbance in this data the 7km mark, where it stopped tracking the information, reveals some form of sophistication. "That means someone's done something active against those two devices and you have to know what you are doing to think I'm going to completely take these out," he said. "It's not just turning them off, it's destroying them and then getting rid of that piece of evidence." He added that tampering with these devices are particularly hard, because even if they may attempt to change SIM cards, mobile phones that are still on can still be traced. "A device has two signifiers. It has a phone number, which you can change, call that the software signifier," he said. "Then it has a hardware identifier, which is the IMEI number." He said that police would be notified if the IMEI number was still operational. "Regardless if you swap SIMs or don't use a SIM at all and just use it as a Wi-Fi-only device in a Wi-Fi area, it will always broadcast that IME number onto the network," he said. Phair said that it is "highly likely" that police have the data on potential predators and are tracking them, as they can see whether someone else was using a device in the Mount Clear area the day Murphy disappeared. Former Victorian detective Damian Marrett told Hayes the he believes Murphy's disappearance is the result of foul play, as changes in her digital data could suggest it was a "targeted attack". He also added that if anyone else had access to her Find My iPhone app or any of her other data, they could easily track her using this information. "Somebody who intimately knew the tracks that she takes or had access to be able to track her runs," he said. "So she could have been tracked without those people having to physically surveil her." Images: Under Investigation/ Facebook

Legal

Are Australia’s roads becoming more dangerous? Here’s what the data says

<a href="https://theconversation.com/profiles/mark-stevenson-330220">Mark Stevenson</a>, <a href="https://theconversation.com/institutions/the-university-of-melbourne-722">The University of Melbourne</a> and <a href="https://theconversation.com/profiles/jason-thompson-96100">Jason Thompson</a>, <a href="https://theconversation.com/institutions/the-university-of-melbourne-722">The University of Melbourne</a> In 2022, there were nearly <a href="https://www.bitre.gov.au/sites/default/files/documents/road_trauma_2022.pdf">1,200 road crash deaths</a> in Australia – a figure that has remained largely the same over the past decade. However, some states and territories have seen dramatic increases in just the last five years, such as the ACT (100%), Tasmania (59.4%) and Queensland (21.2%). Serious injuries from road crashes have also been <a href="https://app.powerbi.com/view?r=eyJrIjoiMGVlZDM0YzQtNWI3Mi00YzAyLWI5YjUtZGQyYzc3YjJmMmY3IiwidCI6ImFhMjFiNjQwLWJhYzItNDU2ZC04NTA1LWYyY2MwN2Y1MTc4NCJ9">on the rise</a>, from 35,000 in 2013 to 39,866 in 2019. These statistics highlight the need for an urgent rethink of road safety policies if we are to achieve Australia’s <a href="https://www.sbs.com.au/news/article/australias-road-deaths-rise-despite-push-to-halve-fatalities-by-2030/vcl7yj50g">target</a> of a 50% decrease in fatalities and a 30% decrease in serious injuries by 2030. We are clearly not on track to meet these targets. People are worth more than statistics, though. And it is not surprising we haven’t seen decreases in road deaths when we rely on strategies first implemented three to four decades ago. Change is needed to prevent the ongoing trauma caused by road crashes to Australian families. <iframe id="DTp1X" class="tc-infographic-datawrapper" style="border: none;" src="https://datawrapper.dwcdn.net/DTp1X/1/" width="100%" height="400px" frameborder="0"></iframe> <h2>Why have road trauma rates not declined?</h2> Australia has long had an international reputation for pioneering road safety measures, such as seat belt restraints, speed management strategies (including speed cameras) and drink-driving laws, among others. In fact, Australia was the <a href="https://link.springer.com/article/10.1007/BF00137361">first country</a> in the world to introduce laws for compulsory seat belt use. These initiatives have been highly successful in reducing road deaths from their peak in 1970, when <a href="https://www.abs.gov.au/ausstats/abs@.nsf/Previousproducts/1301.0Feature%20Article412001?opendocument&tabname=Summary&prodno=1301.0&issue=2001&num=&view=">3,798</a> were recorded. But in the past two decades, further progress has stalled. We must ask ourselves why. One theory to explain why road deaths may have increased in many states in the past couple of years is the pandemic. The previously empty roads are now congested again, which may have led to impatience and speeding. Or perhaps, some people have seemingly forgotten how to drive safely. However, there is another, perhaps simpler explanation. This chart shows how closely road deaths have tracked with domestic fuel sales in Australia – measured in millions of litres of fuel – since 2019. In simple terms, when driving rates decreased at the beginning of the pandemic, deaths and injuries went down. When driving rates increased again in early 2021, deaths and injuries went up. In fact, there is scant evidence to suggest people’s driving behaviours changed during this time. Our recent unpublished research followed approximately 800 drivers from January 2020 to March 2023 using monitoring systems inside their cars to measure their behaviour. We found no differences in driver behaviours during this time. Rather, there’s a more likely reason why road deaths and injuries continue to be so high: the amount of time we spend driving continues to increase, while our strategies to target the risks associated with driving haven’t changed. Unfortunately, government agencies continue to rely on strategies implemented over the past 20-30 years, which were effective when they were first introduced, but are now subject to the law of diminishing marginal returns. This means continually throwing more resources at existing speed management strategies, for example, will likely only see marginal benefits. <h2>A new approach not focused on cars</h2> There is increasing urgency to investigate and implement new road safety strategies based on emerging technologies and a redesign of our cities instead. For example, a <a href="https://www.sciencedirect.com/science/article/abs/pii/S0001457521003092">recent Australian trial</a> using new driving monitoring technology showed promise in reducing risky driving behaviours that could cause crashes. The monitoring systems provided feedback to the driver (via a smartphone app) and encouraged safer driving using financial incentives akin to insurance premiums. This new strategy is being explored further in three states: New South Wales, Queensland and Western Australia. Encouraging people to transition from private car trips to public transport is another road safety strategy that has seldom been considered by governments. Rather, the driver, car and road remain the focus. This <a href="https://www.roadsafety.gov.au/nrss/fact-sheets/vision-zero-safe-system">“safe system” approach</a> puts an emphasis on building safe road infrastructure for cars, while ignoring urban design changes that de-emphasise the need for cars. We should be encouraging more people to commute by rail, tram and bus (all lower-risk modes per kilometre travelled), while at the same time delivering safe infrastructure for sustainable transport such as bicycles/e-bicycles or walking. If we continue to tinker with strategies implemented many decades ago, we will never get close to achieving the lofty government targets on road deaths and injuries by 2030.<img style="border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important;" src="https://counter.theconversation.com/content/213240/count.gif?distributor=republish-lightbox-basic" alt="The Conversation" width="1" height="1" /> <a href="https://theconversation.com/profiles/mark-stevenson-330220">Mark Stevenson</a>, Professor of Urban Transport and Public Health, <a href="https://theconversation.com/institutions/the-university-of-melbourne-722">The University of Melbourne</a> and <a href="https://theconversation.com/profiles/jason-thompson-96100">Jason Thompson</a>, Associate Professor, Faculty of Medicine and Melbourne School of Design, <a href="https://theconversation.com/institutions/the-university-of-melbourne-722">The University of Melbourne</a> Image credits: Getty Images This article is republished from <a href="https://theconversation.com">The Conversation</a> under a Creative Commons license. Read the <a href="https://theconversation.com/are-australias-roads-becoming-more-dangerous-heres-what-the-data-says-213240">original article</a>.

Domestic Travel

The $500 million ATO fraud highlights flaws in the myGov ID system. Here’s how to keep your data safe

<a href="https://theconversation.com/profiles/rob-nicholls-91073">Rob Nicholls</a>, <a href="https://theconversation.com/institutions/unsw-sydney-1414">UNSW Sydney</a> The Australian Tax Office (ATO) paid out more than half a billion dollars to cyber criminals between July 2021 and February 2023, according to an <a href="https://www.abc.net.au/news/2023-07-26/ato-reveals-cost-of-mygov-tax-identity-crime-fraud/102632572">ABC report</a>. Most of the payments were for small amounts (less than A$5,000) and were not flagged by the ATO’s own monitoring systems. The fraudsters exploited a weakness in the identification system used by the myGov online portal to redirect other people’s tax refunds to their own bank accounts. The good news is there’s plenty the federal government can do to crack down on this kind of fraud – and that you can do to keep your own payments secure. <h2>How these scams work</h2> Setting up a myGov account or a myGov ID requires proof of identity in the form of “<a href="https://www.afp.gov.au/sites/default/files/PDF/NPC-100PointChecklist-18042019.pdf">100 points of ID</a>”. It usually means either a passport and a driver’s licence or a driver’s licence, a Medicare card, and a bank statement. Once a myGov account is created, linking it to your tax records requires two of the following: an ATO assessment, bank account details, a payslip, a Centrelink payment, or a super account. These documents were precisely the ones targeted in three large data breaches in the past year: at <a href="https://theconversation.com/what-does-the-optus-data-breach-mean-for-you-and-how-can-you-protect-yourself-a-step-by-step-guide-191332">Optus</a>, at <a href="https://theconversation.com/medibank-hackers-are-now-releasing-stolen-data-on-the-dark-web-if-youre-affected-heres-what-you-need-to-know-194340">Medibank</a>, and at <a href="https://asic.gov.au/about-asic/news-centre/news-items/guidance-for-consumers-impacted-by-the-latitude-financial-services-data-breach/">Latitude Financial</a>. In this scam, the cyber criminal creates a fake myGov account using the stolen documents. If they can also get enough information to link to the ATO or your Tax File Number, they can then change bank account details to have your tax rebate paid to their account. It is a sadly simple scam. <h2>How government can improve</h2> One of the issues here is quite astounding. The ATO knows where salaries are paid, via the “<a href="https://www.ato.gov.au/business/single-touch-payroll/what-is-stp-/">single touch</a>” payroll system. This ensures salaries, tax and superannuation contributions are all paid at once. Most people who have received a tax refund will have provided bank account details where that payment can be made. Indeed, many people use precisely those bank account details to identify themselves to myGov. At present, those bank details can be changed within myGov without any further ado. If the ATO simply checked with the individual via another channel when bank account details are changed, this fraud could be prevented. It might be sensible to check with the individual’s employer as well. Part of the problem is the ATO has not been very transparent about the risks. If these risks were clearly set out, then calls for changes to ATO procedures would have been loud and clear from the cyber security community. The ATO is usually good at identifying when a cyber security incident may lead to fraud. For example, when the recruitment software company <a href="https://www.abc.net.au/news/2018-06-06/australian-data-may-be-compromised-in-pageup-security-breach/9840048?itm_campaign=newsapp">PageUp was hacked in 2018</a>, the ATO required people who may have been affected to reconfirm their identities. This was done without public commentary and represents sound practice. Sadly, the millions of records stolen in the Optus, Medibank and Latitude Financial breaches have not led to a similar level of vigilance. Another action the ATO could take would be to check when a single set of bank account details is associated with more than one myGov account. A national digital identity would also help. However, this system has been in development for years, is not universally popular, and may well be <a href="https://www.themandarin.com.au/226280-gallagher-warns-community-support-for-digital-identity-not-ubiquitous/">delayed</a> until after the federal election due in 2024. <h2>Protecting yourself</h2> The most important thing to do is make sure the ATO does not use a bank account number other than yours. As long as the ATO only has your bank account number to transfer your tax rebate, this scam does not work. It also helps to protect your Tax File Number. There are only four groups that ever need this number. The first is the ATO itself. The second is your employer. However, remember you do not need to give your TFN to a prospective employer, and your employer only needs your TFN after you have started work. Your super fund and your bank may ask for your TFN. However, providing your TFN to your super fund or bank is optional – it just makes things easier, as otherwise they will withhold tax which you will need to claim back later. Of course, all the usual data safety issues still apply. Don’t share your driver’s licence details without good reason. Take similar care with your passport. Your Medicare card is for health services and does not need to be shared widely. Don’t open emails from people you do not know. Never click links in messages unless you are sure they are safe. Most importantly, know your bank will not send you emails containing links, nor will the ATO.<img style="border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important;" src="https://counter.theconversation.com/content/210459/count.gif?distributor=republish-lightbox-basic" alt="The Conversation" width="1" height="1" /> <a href="https://theconversation.com/profiles/rob-nicholls-91073">Rob Nicholls</a>, Associate professor of regulation and governance, <a href="https://theconversation.com/institutions/unsw-sydney-1414">UNSW Sydney</a> Image credits: Shutterstock This article is republished from <a href="https://theconversation.com">The Conversation</a> under a Creative Commons license. Read the <a href="https://theconversation.com/the-500-million-ato-fraud-highlights-flaws-in-the-mygov-id-system-heres-how-to-keep-your-data-safe-210459">original article</a>.

Technology

Australia's most trusted brands revealed for 2023

When it comes to big brands, there are certain names that Aussies go back to time and time again for their reliability and trustworthy reputations. This year, according to recent data collated by <a href="https://www.trustedbrands.com.au" target="_blank" rel="noopener">Reader's Digest</a>, consumers are interacting differently with big name brands after recovering from the pandemic, but now being faced with the cost of living crisis. The survey, now in its 24th year, was carried out by independent market research company Catalyst Consultancy & Research and asked thousands of consumers of a mixed demographic to name the brands they trusted across more than 70 categories. The data suggests that our most trusted brands have "not only changed the way they interact with us during the past three years of the pandemic", but current "cost-of-living pressures mean the most successful organisations are making even further refinements". "With inflation putting price pressure on everyone at the moment, trust remains a hard-earned and vitally important commodity," Reader's Digest Australia Editor-in-Chief Louise Waterson said. "Many leading companies are rebranding their image, or reshaping their services, to hold on to existing customers and seek out new ones." Check out the list below of Australia's top 20 most trusted brands, and <a href="https://www.trustedbrands.com.au/" target="_blank" rel="noopener">head here for the full 2023 results</a>. 20. Woolworths 19. Sanitarium 18. Bridgestone 17. Ryobi 16. Dairy Farmers 15. Cancer Council Australia 14. Dyson 13. Bega 12. Selleys 11. Specsavers 10. Glen20 9. Dulux 8. Royal Flying Doctor Service 7. Band-Aid 6. Victa 5. Panadol 4. Bunnings Warehouse 3. Cadbury 2. Weber 1. Dettol Image credits: Trusted Brands

News

Can big data really predict what makes a song popular?

Music is part of our lives in different ways. We listen to it on our commutes and it resounds through shopping centres. Some of us seek live music at concerts, festivals and shows or rely on music to set the tone and mood of our days. While we might understand the genres or songs we appreciate, it’s not clear precisely why a certain song is more appealing or popular. Perhaps the lyrics speak to an experience? Perhaps the energy makes it appealing? These questions are important to answer for music industry professionals, and <a href="https://theconversation.com/how-data-is-transforming-the-music-industry-70940">analyzing data</a> is a key part of this. At Carleton University, a group of data science researchers sought to answer the question: “What descriptive features of a song make it popular on music/online platforms?” <h2>Revenue in the music industry</h2> Revenue in the music industry <a href="https://doi.org/10.1509/jm.14.0473">is derived from two sources that are affected by different factors: live music and recorded music</a>. During the pandemic, although live music income dropped due to the cancellation of in-person performances, the <a href="https://doi.org/10.1371/journal.pone.0267640">income from streaming</a> rose. As digital platforms like Spotify and TikTok have grown, <a href="https://doi.org/10.5753/sbcm.2019.10436">the majority of music revenue has come to be contributed by digital media, mostly music streaming</a>. How and whether this <a href="https://theconversation.com/artists-spotify-criticisms-point-to-larger-ways-musicians-lose-with-streaming-heres-3-changes-to-help-in-canada-176526">revenue reaches singers and songwriters at large</a> is another matter. <h2>Popularity on digital platforms</h2> The popularity of a song on digital platforms is considered a measure of the revenue the song may generate. As such, producers seek to answer questions like “<a href="https://doi.org/10.1098/rsos.171274">How can we make the song more popular?</a>” and “<a href="https://doi.org/10.1109/ICMLA.2019.00149">What are the characteristics of songs that make it the top charts?</a>” With collaborators <a href="https://www.linkedin.com/in/laura-colley/">Laura Colley</a>, <a href="https://www.linkedin.com/in/andrew-dybka/">Andrew Dybka</a>, Adam Gauthier, Jacob Laboissonniere, Alexandre Mougeot and Nayeeb Mowla, we produced a systematic study that collected data from YouTube, Twitter, TikTok, Spotify and Billboard (<a href="https://www.billboard.com/charts/hot-100">Billboard Hot-100</a>, sometimes also denoted by data researchers as “<a href="https://data.world/bigml/association-discovery">Billboard hot top</a>” or in our work and others’ work, “Billboard Top-100”). We linked the datasets from the different platforms with Spotify’s acoustic descriptive metric or “descriptive features” for songs. These features have been derived <a href="https://www.billboard.com/music/music-news/echo-nest-columbia-university-launch-million-song-dataset-1178990/">from a dataset which yielded categories for measuring and analyzing qualities of songs</a>. Spotify’s <a href="https://www.theguardian.com/technology/2014/mar/06/spotify-echo-nest-streaming-music-deal">metrics capture</a> <a href="https://doi.org/10.1098/rsos.171274">descriptive features such as</a>acousticness, energy, danceability and instrumentalness (the collection of instruments and voices in a given piece). We sought to find trends and analyze the relationship between songs’ descriptive features and their popularity. The rankings on the weekly <a href="https://www.billboard.com/charts/hot-100/">Billboard Hot-100</a> are based on sales, online streams and radio plays in the United States. The analysis we performed by looking at Spotify and Billboard revealed insights that are useful for the music industry. <h2>What predicts a Billboard hit?</h2> To perform <a href="https://ieeexplore.ieee.org/document/9842568">this study</a>, we used two different data sets pertaining to songs that <a href="https://www.npr.org/sections/therecord/2013/08/16/207879695/how-the-hot-100-became-americas-hit-barometer">were Billboard hits</a> <a href="https://data.world/kcmillersean/billboard-hot-100-1958-2017">from the early 1940s to 2020</a> and Spotify data related to over 600,000 tracks and over one million artists. Interestingly, we found no substantial correlations between the number of weeks a song remained on the charts, as a measure of popularity, and the acoustic features included in the study. Our analysis determined that newer songs tend to last longer on the charts and that a song’s popularity affects how long it stays on the charts. In a related study, researchers collected data for Billboard’s Hot 100 from 1958 to 2013 and found that <a href="https://doi.org/10.1007/978-3-319-13734-6_36">songs with a higher tempo and danceability often get a higher peak position on the Billboard charts</a>. <h2>Predicting Spotify song popularity</h2> We also used the songs’ features to generate machine learning models to predict Spotify song popularity. Preliminary results concluded that features are not linearly correlated, with some expected exceptions including songs’ energy. This indicated that the Spotify metrics we studied — including acousticness, danceability, duration, energy, explicitness, instrumentalness, liveness, speechiness (a measure of the presence of spoken words in a song), tempo and release year — were not strong predictors of the song’s popularity. The majority of songs in the Spotify dataset were not listed as explicit, tended to have low instrumentalness and speechiness, and were typically recent songs. Although one may think that some features that are innate to certain songs make them more popular, our study revealed that popularity can not be attributed solely to quantifiable acoustic elements. This means that song makers and consumers must consider other contextual factors beyond the musical features, as captured by Spotify’s measurables, that may contribute to the song’s success. <h2>Elements affecting popularity shift</h2> Our study reinforces that elements affecting the popularity of songs change over time and should be continuously explored. For example, <a href="https://doi.org/10.1098%2Frsos.171274">in songs produced between 1985 and 2015 in the United Kingdom, songs produced by female artists were more successful</a>. Other aspects may substantially contribute to the success of a song. Data scientists have proposed <a href="https://doi.org/10.1371/journal.pone.0244576">simplicity of the lyrics</a>, the advertising and <a href="https://www.ipr.edu/blogs/audio-production/what-are-the-elements-of-popular-music/">distribution plans</a> as potential predictors of songs’ popularity. <h2>Attached listeners</h2> Many musicians and producers make use of popular events and marketing strategies to advertise songs. Such events create social engagements and <a href="https://doi.org/10.3389/fpsyg.2018.02682">audience involvement</a> which attaches the listener to the song being performed. For the public, <a href="https://www.osheaga.com/en">live music events</a>, following long lockdowns, have been opportune for reuniting friends, and <a href="https://ottawabluesfest.ca/">enjoying live artistry and</a> entertainment. While attending a music event or listening to a song, we invite you to reflect on what it is about the song that makes you enjoy it. Image credits: Getty Images This arctic originally appeared on <a href="https://theconversation.com/can-big-data-really-predict-what-makes-a-song-popular-189052" target="_blank" rel="noopener">The Conversation</a>.

Music

“Have a second phone”: Aussie spy chief’s warning on social media use

MPs have been urged to use a second phone if they want to access social media apps such as TikTok, after one of Australia’s top spy bosses spoke about how these apps use our personal information. Rachel Noble, the Director-General of the Australian Signals Directorate (ASD), recommended that politicians and their staff should adopt the practice during a Senate estimates hearing. She also said that having a phone without access to social media was the only way to have “absolute certainty” of data privacy. “Our advice was, frankly, for people who are members of parliament who might be particularly targets of espionage … that if you wanted absolute certainty that your social media app couldn’t have access to those things … would be to have a second phone which you exclusively use for that,” Ms Noble said. The warning comes after it was reported earlier this year that the ASD had confidential meetings with politicians and their staff to warn them that some apps undertake excessive data collection and request access to contact lists, location data and photos. Last year, the Department of Home Affairs restricted TikTok use on work phones, joining the Department of Defence in doing so. During the hearing, Ms Noble said that in some cases social media apps were collecting additional information extending “beyond the content of messages, videos and voice recordings”. “Social media apps are monetising what you do on your phone, what you access, what you look at for how long, who your friends are – they will seek to get demographics of your friends in order to push you the information and get you to buy things,” she said. With some apps headquartered outside Australia, such as China, Ms Noble said the information collected could be accessed legally or be subject to covert collection. Sectors of the Australian public service aren’t the only ones restricting use of social media apps on work phones, with parliaments in the United States and New Zealand warning against using TikTok on government devices. Image: Getty Images

Technology

"Deplorable": Medibank hacker announces ransom demands

As more sensitive health data has been posted on the dark web, the Medibank hacker has shared their ransom demands for the information to be returned safely. Along with the unlawful release of the information, the hacker stated, "Society ask us about ransom, it's a 10 millions (sic) usd. We can make discount 9.7m 1$=1 customer." At current rates, US$9.7 million is worth $15.07 million. The alleged hacker, also posted: "Medibanks (sic) CEO stated, that ransom amount is 'irrelevant'. We want to inform the customers, that He refuses to pay for yours data more, like 1 USD per person. So, probably customers data and extra efforts don't cost that." Following the release of 200 users' personal health data yesterday, the hacker has today posted an additional file of information allegedly obtained in the hack. While the file is titled "abortions", it is understood that the diagnostic code listed in the file against the names of over 300 Australian men and women actually refers to an admission for "Supervision of high risk pregnancy, unspecified, first trimester", according to <a href="https://www.9news.com.au/national/medibank-hack-update-more-health-data-ransom-demand-posted/32e7d105-1b5f-4291-bbb4-32620cbe3456" target="_blank" rel="noopener">9News</a>. Medibank CEO David Koczkar has called the latest health data release as "deplorable", while assuring customers they are working to secure their information. He said, "The release of this stolen data on the dark web is disgraceful." "We take the responsibility to secure our customer data seriously and we again unreservedly apologise to our customers. "We remain committed to fully and transparently communicating with customers and we will be contacting customers whose data has been released on the dark web. "The weaponisation of people's private information in an effort to extort payment is malicious, and it is an attack on the most vulnerable members of our community. "These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care." With so much information already leaked, there is a high risk of scams and individual ransom demands to come for the 500 or so Australians whose personal data has already been published. Those customers should be on high alert for scammers. Medibank has yet to reach out to the 500,000 customers whose health data is in jeopardy, to advise them whether more information has been lost to the scammers. Image credits: Getty Images

Legal

Optus data breach: regulatory changes announced, but legislative reform still needed

In response to Australia’s biggest ever data breach, the federal government will <a href="https://ministers.treasury.gov.au/ministers/jim-chalmers-2022/media-releases/changes-protect-consumers-following-optus-data-breach" target="_blank" rel="noopener">temporarily suspend regulations</a> that stop telcos sharing customer information with third parties. It’s a necessary step to deal with the threat of identify theft faced by 10 million current and former Optus customers. It will allow Optus to work with banks and government agencies to detect and prevent the fraudulent use of their data. But it’s still only a remedial measure, intended to be in place for 12 months. More substantive reform is needed to tighten Australia’s loose approach to data privacy and protection. <h2>Changing regulations, not legislation</h2> The changes – <a href="https://ministers.treasury.gov.au/ministers/jim-chalmers-2022/media-releases/changes-protect-consumers-following-optus-data-breach" target="_blank" rel="noopener">announced</a> by Treasurer Jim Chalmers and Federal Communications Minister Michelle Rowland – involve amending the <a href="https://www.legislation.gov.au/Details/F2022C00329" target="_blank" rel="noopener">Telecommunications Regulation 2021</a>. This a piece of “subordinate” or “<a href="https://peo.gov.au/understand-our-parliament/your-questions-on-notice/questions/whats-the-difference-between-a-legislative-act-and-a-regulation/" target="_blank" rel="noopener">delegated law</a>” to the <a href="https://www.legislation.gov.au/Series/C2004A05145" target="_blank" rel="noopener">Telecommunications Act 1997</a>. Amending the act itself would require a vote of parliament. Regulations can be amended at the government’s discretion. Under the Telecommunications Act it is a criminal offence for telcos to share information about “the affairs or personal particulars of another person”. The only exceptions are sharing information with the <a href="https://www.infrastructure.gov.au/media-communications-arts/phone/services-people-disability/accesshub/national-relay-service" target="_blank" rel="noopener">National Relay Service</a> (which enables those with hearing or speech disabilities to communicate by phone), to “authorised research entities” such as universities, public health agencies or electoral commissions, or to police and intelligence agencies <a href="https://www.homeaffairs.gov.au/about-us/our-portfolios/national-security/lawful-access-telecommunications/telecommunications-interception-and-surveillance" target="_blank" rel="noopener">with a warrant</a>. That means Optus can’t tell banks or even government agencies set up to prevent identity fraud, such as the little-known <a href="https://www.afr.com/companies/telecommunications/banks-treasury-team-up-to-protect-optus-customers-20220928-p5blm3" target="_blank" rel="noopener">Australian Financial Crime Exchange</a>, who the affected customers are. <h2>Important safeguards</h2> The government says the changes will only allow the sharing of “<a href="https://ministers.treasury.gov.au/ministers/jim-chalmers-2022/media-releases/changes-protect-consumers-following-optus-data-breach" target="_blank" rel="noopener">approved government identifier information</a>” – driver’s licences, Medicare and passport numbers. This information can only be shared with government agencies or financial institutions <a href="https://www.apra.gov.au/register-of-authorised-deposit-taking-institutions" target="_blank" rel="noopener">regulated by</a> the Australian Prudential Regulatory Authority. This means Optus (or any other telco) won’t be able to share information with the Australian branches of foreign banks. Financial institutions will also have to meet strict requirements about secure methods for transferring and storing personal information shared with them, and make undertakings to the Australian Competition and Consumer Commission (<a href="https://www.accc.gov.au/publications/section-87b-of-the-competition-consumer-act" target="_blank" rel="noopener">which can be enforced in court</a>). The information can be shared only “for the sole purposes of preventing or responding to cybersecurity incidents, fraud, scam activity or identify theft”. Any entity receiving information must destroy it after using it for this purpose. These are incredibly important safeguards given the current lack of limits on how long companies can keep identity data. <h2>What is needed now</h2> Although temporary, these changes could be a game changer. For the next 12 months, at least, Optus (and possibly other telcos) will be able to proactively share customer information with banks to prevent cybersecurity, fraud, scams and identity theft. It could potentially enable a crackdown on scams that affect both banks and telcos – such as <a href="https://www.ato.gov.au/General/Online-services/Identity-security-and-scams/Scam-alerts/" target="_blank" rel="noopener">fraudulent texts and phone calls</a>. But this does not nullify the need for a larger legislative reform agenda. Australia’s data privacy laws and regulations should put limits on how much data companies can collect, or for how long they can keep that information. Without limits, companies will continue to collect and store much more personal information <a href="https://theconversation.com/what-do-tiktok-bunnings-ebay-and-netflix-have-in-common-theyre-all-hyper-collectors-187274" target="_blank" rel="noopener">than they need</a>. This will require amending the federal Privacy Act – subject to a <a href="https://www.ag.gov.au/integrity/consultations/review-privacy-act-1988" target="_blank" rel="noopener">government review</a> now nearing three years in length. There should be limits on what data companies can retain, and how long, as well as bigger penalties for non-compliance. We all need to take data privacy more seriously. This article originally appeared on <a href="https://theconversation.com/optus-data-breach-regulatory-changes-announced-but-legislative-reform-still-needed-192009" target="_blank" rel="noopener">The Conversation</a>. Image: Shutterstock

Legal

7 tricks to use less phone data – and lower your phone bill

Turn off background app refresh <img src="https://oversixtydev.blob.core.windows.net/media/2022/10/01-background-simple-ways-use-less-data-770.jpg" alt="" width="770" height="514" /> When this feature is enabled, your apps are constantly refreshing so that they can show you the most recent content when opened. This includes email synching, weather widgets updating, and feeds refreshing. For the iPhone: Turn off the background app refresh by going to Settings > General > Background App Refresh. For Android: Go to Settings > Data Usage > Restrict app background data. This will allow you to turn the feature off for all apps or you can pick and choose which ones you want to turn off. Disable apps that use a lot of data <img src="https://oversixtydev.blob.core.windows.net/media/2022/10/02-disable-simple-ways-use-less-data-770.jpg" alt="" width="770" height="514" /> There are certain apps that use more data than others, whether you use them frequently or not. For ones that you don’t use often, turn off cellular data. For the iPhone: Go to Settings > Cellular > then under “Use Cellular Data For” switch certain apps to off. Turn off app updates <img src="https://oversixtydev.blob.core.windows.net/media/2022/10/03-updates-simple-ways-use-less-data-770.jpg" alt="" width="770" height="514" /> If your apps update automatically your phone will start the download whether you are connected to Wi-Fi or not. To turn this off on an iPhone, go to Settings > iTunes & App Stores > turn off Use Cellular Data. For an Android, go to Settings > under General click Auto-update apps > Auto-update apps over Wi-Fi only. Then, your apps will only update when you are connected to Wi-Fi. Turn off Wi-Fi assist <img src="https://oversixtydev.blob.core.windows.net/media/2022/10/04-wifi-simple-ways-use-less-data-770.jpg" alt="" width="770" height="514" /> Wi-Fi assist automatically uses your cellular data when the Wi-Fi signal is poor. To disable Wi-Fi assist for an iPhone go to Settings > Cellular > turn off Wi-Fi Assist. Turn off iCloud drive <img src="https://oversixtydev.blob.core.windows.net/media/2022/10/05-icloud-simple-ways-use-less-data-770.jpg" alt="" width="770" height="514" /> When iCloud is enabled it is constantly moving documents in and out of the cloud. Use less cell phone data by turning iCloud off. To do this on the iPhone got to Settings > iCloud > turn off iCloud Drive. Download music <img src="https://oversixtydev.blob.core.windows.net/media/2022/10/06-download-simple-ways-use-less-data-770.jpg" alt="" width="770" height="514" /> When you are on the go, streaming music, podcasts, or videos can really eat away at your data. Both the iPhone and Android phones let you restrict these apps to Wi-Fi only. Turning this setting on will force you to download them when connected to a Wi-Fi network and then allow for data free listening on the move. Turn off cellular data completely <img src="https://oversixtydev.blob.core.windows.net/media/2022/10/07-turn-simple-ways-use-less-data-770.jpg" alt="" width="770" height="514" /> If you know that you are about to reach you data limit or are saving it for the road trip you have coming up, you can simply turn off cellular data. This way, no data will be used, and certain apps will only work if you are connected to a Wi-Fi network. Written by Morgan Cutolo. This article first appeared in <a href="https://www.readersdigest.com.au/culture/7-tricks-to-use-less-phone-data-and-lower-your-phone-bill" target="_blank" rel="noopener">Reader’s Digest</a>. For more of what you love from the world’s best-loved magazine, <a href="http://readersdigest.innovations.com.au/c/readersdigestemailsubscribe?utm_source=over60&utm_medium=articles&utm_campaign=RDSUB&keycode=WRA87V" target="_blank" rel="noopener">here’s our best subscription offer.</a> Images: NICOLE FORNABAIO/RD.COM

Technology

How not to tell customers their data is at risk: the perils of the Optus approach

Optus fears data on up to 9.8 million of its customers has been accessed in a <a href="https://www.optus.com.au/about/media-centre/media-releases/2022/09/optus-notifies-customers-of-cyberattack" target="_blank" rel="noopener">sophisticated cyberattack</a> – including, for some customers, passport and drivers licence details, as well as phone numbers, dates of birth and email addresses. It made the announcement through the media, in the middle of Thursday’s national day of mourning public holiday, and during the four-day long weekend in Melbourne in the lead-up to the AFL grand final. At first, it didn’t text or email its customers. Instead, it issued a <a href="https://www.optus.com.au/about/media-centre/media-releases/2022/09/optus-notifies-customers-of-cyberattack" target="_blank" rel="noopener">press release</a> in the belief this was <blockquote> the quickest and most effective way to alert as many current and former customers as possible, so they could be vigilant and monitor for any suspicious activity. </blockquote> Trust in the media is at an all-time low. Communications authority Edelman reports that globally, only <a href="https://www.edelman.com/sites/g/files/aatuss191/files/2022-01/2022%20Edelman%20Trust%20Barometer%20FINAL_Jan25.pdf" target="_blank" rel="noopener">50%</a> of people trust the media, down from 62% a decade ago. Far more people (61%) trust businesses. <h2>Tweets rather than texts</h2> It has been <a href="https://studycorgi.com/the-role-of-integrated-marketing-communications-campaign/" target="_blank" rel="noopener">conventional wisdom</a> that brands should take an integrated approach to marketing communications. Many channels are better than one, increasingly so as audiences for traditional channels continue to fragment. An integrated marketing approach need not mean communicating through every available channel, but it should mean strategically selecting channels that are trusted and consumed by the brand’s customers. One of the best channels Optus has is its own phone network, and it is experienced in using it to contact its customers. Customers are likely to expect this where Optus has something important to say, and they are likely to trust a direct message from Optus more than one filtered through the media. They are even likely to spread it via word of mouth through friends who also use Optus, giving the company a continuing role in shaping the message. Instead, Optus backed up its press release with tweets. <blockquote> Hi Marie, we issued a press release and proactively reached out to media as this is the quickest way to inform all our existing and former customers so they can be on high alert for anything suspicious. Kartik — Optus (@Optus) <a href="https://twitter.com/Optus/status/1572949683332583428?ref_src=twsrc%5Etfw">September 22, 2022</a></blockquote> Optus has around 5.8 million active users, around 21% of the Australian population. They are a cross-section of the population, having little in common other than the fact they use Optus for communications. Some of Optus’ customers, especially those in Gen Z, might not use traditional news media. They wouldn’t have received the message through that channel. Former customers dating back to 2017 are also likely to be affected by the breach, taking the total affected to around <a href="https://www.smh.com.au/technology/sophisticated-attack-optus-hackers-used-european-addresses-could-be-state-linked-20220923-p5bkfn.html" target="_blank" rel="noopener">9.8 million</a>, about one third of the population. Twitter is used by about only about <a href="https://www.genroe.com/blog/social-media-statistics-australia/13492" target="_blank" rel="noopener">18%</a> of the population, and the overlap with Optus customers might not be large. <blockquote class="twitter-tweet"> We'll be contacting impacted customers soon with more information and details on how we'll support them. Optus will not be sending links in any emails or SMS messages. If you believe your account has been compromised, you can contact us on My Optus app (2/2) ^George — Optus (@Optus) <a href="https://twitter.com/Optus/status/1573136010904363008?ref_src=twsrc%5Etfw">September 23, 2022</a></blockquote> <h2>What can brands learn from Optus?</h2> As marketing and branding experts, we’ve distilled three lessons, each well known before the data breach. <ol> <li> When you have news affecting your customers, tell them before anyone else, in a personalised, one-to-one approach. </li> <li> Use channels that are trusted and consumed by your customers. </li> <li> Encourage word of mouth through your relationships with your brand community and loyal customers. </li> </ol> This article originally appeared on <a href="https://theconversation.com/how-not-to-tell-customers-their-data-is-at-risk-the-perils-of-the-optus-approach-191258" target="_blank" rel="noopener">The Conversation</a>. Image: Shutterstock

Legal

This law makes it illegal for companies to collect third-party data to profile you but they do anyway

A little-known provision of the Privacy Act makes it illegal for many companies in Australia to buy or exchange consumers’ personal data for profiling or targeting purposes. It’s almost never enforced. In a published <a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4224653" target="_blank" rel="noopener">research paper</a>, I argue that needs to change. “Data enrichment” is the intrusive practice of companies going behind our backs to “fill in the gaps” of the information we provide. When you purchase a product or service from a company, fill out an online form, or sign up for a newsletter, you might provide only the necessary data such as your name, email, delivery address and/or payment information. That company may then turn to other retailers or <a href="https://www.oracle.com/au/cx/advertising/data-enrichment-measurement/#data-enrichment" target="_blank" rel="noopener">data brokers</a> to purchase or exchange extra data about you. This could include your age, family, health, habits and more. This allows them to build a more detailed individual profile on you, which helps them predict your behaviour and more precisely target you with ads. For almost ten years, there has been a law in Australia that makes this kind of data enrichment illegal if a company can “reasonably and practicably” request that information directly from the consumer. And at least <a href="https://consultations.ag.gov.au/rights-and-protections/privacy-act-review-discussion-paper/consultation/view_respondent?_b_index=60&uuId=926016195" target="_blank" rel="noopener">one major data broker</a> has asked the government to “remove” this law. The burning question is: why is there not a single published case of this law being enforced against companies “enriching” customer data for profiling and targeting purposes? <h2>Data collection ‘only from the individual’</h2> The relevant law is Australian Privacy Principle 3.6 and is part of the federal <a href="https://www.legislation.gov.au/Details/C2022C00199" target="_blank" rel="noopener">Privacy Act</a>. It applies to most organisations that operate businesses with annual revenues higher than A$3 million, and smaller data businesses. The law says such organisations: <blockquote> must collect personal information about an individual only from the individual […] unless it is unreasonable or impracticable to do so. </blockquote> This “direct collection rule” protects individuals’ privacy by allowing them some control over information collected about them, and avoiding a combination of data sources that could reveal sensitive information about their vulnerabilities. But this rule has received almost no attention. There’s only one published determination of the federal privacy regulator on it, and that was against the <a href="https://www.austlii.edu.au/cgi-bin/viewdoc/au/cases/cth/AICmr/2020/69.html" target="_blank" rel="noopener">Australian Defence Force</a> in a different context. According to Australian Privacy Principle 3.6, it’s only legal for an organisation to collect personal information from a third party if it would be “unreasonable or impracticable” to collect that information from the individual alone. This exception was intended to apply to <a href="https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines/chapter-3-app-3-collection-of-solicited-personal-information#collecting-directly-from-the-individual" target="_blank" rel="noopener">limited situations</a>, such as when: <ul> <li>the individual is being investigated for some wrongdoing</li> <li>the individual’s address needs to be updated for delivery of legal or official documents.</li> </ul> The exception shouldn’t apply simply because a company wants to collect extra information for profiling and targeting, but realises the customer would probably refuse to provide it. <h2>Who’s bypassing customers for third-party data?</h2> Aside from data brokers, companies also exchange information with each other about their respective customers to get extra information on customers’ lives. This is often referred to as “data matching” or “data partnerships”. Companies tend to be very vague about who they share information with, and who they get information from. So we don’t know for certain who’s buying data-enrichment services from data brokers, or “matching” customer data. Major companies such as <a href="https://www.amazon.com.au/gp/help/customer/display.html?nodeId=202075050&ref_=footer_iba" target="_blank" rel="noopener">Amazon Australia</a>, <a href="https://www.ebay.com.au/help/policies/member-behaviour-policies/user-privacy-notice-privacy-policy?id=4260&mkevt=1&mkcid=1&mkrid=705-53470-19255-0&campid=5337590774&customid=&toolid=10001#section4" target="_blank" rel="noopener">eBay Australia</a>, <a href="https://www.facebook.com/privacy/policy/?subpage=1.subpage.4-InformationFromPartnersVendors" target="_blank" rel="noopener">Meta</a> (Facebook), <a href="https://www.viacomcbsprivacy.com/en/policy" target="_blank" rel="noopener">10Play Viacom</a> and <a href="https://twitter.com/en/privacy#twitter-privacy-1" target="_blank" rel="noopener">Twitter</a> include terms in the fine print of their privacy policies that state they collect personal information from third parties, including demographic details and/or interests. <a href="https://policies.google.com/privacy?hl=en-US#infocollect" target="_blank" rel="noopener">Google</a>, <a href="https://preferences.news.com.au/privacy" target="_blank" rel="noopener">News Corp</a>, <a href="https://www.sevenwestmedia.com.au/privacy-policies/privacy" target="_blank" rel="noopener">Seven</a>, <a href="https://login.nine.com.au/privacy?client_id=smh" target="_blank" rel="noopener">Nine</a> and others also say they collect personal information from third parties, but are more vague about the nature of that information. These privacy policies don’t explain why it would be unreasonable or impracticable to collect that information directly from customers. <h2>Consumer ‘consent’ is not an exception</h2> Some companies may try to justify going behind customers’ backs to collect data because there’s an obscure term in their privacy policy that mentions they collect personal information from third parties. Or because the company disclosing the data has a privacy policy term about sharing data with “trusted data partners”. But even if this amounts to consumer “consent” under the relatively weak standards for consent in our current privacy law, this is not an exception to the direct collection rule. The law allows a “consent” exception for government agencies under a separate part of the direct collection rule, but not for private organisations. <h2>Data enrichment involves personal information</h2> Many companies with third-party data collection terms in their privacy policies acknowledge this is personal information. But some may argue the collected data isn’t “personal information” under the Privacy Act, so the direct collection rule doesn’t apply. Companies often exchange information about an individual without using the individual’s legal name or email. Instead they may use a unique advertising identifier for that individual, or <a href="https://help.abc.net.au/hc/en-us/articles/4402890310671" target="_blank" rel="noopener">“hash” the email address</a> to turn it into a unique string of numbers and letters. They essentially allocate a “code name” to the consumer. So the companies can exchange information that can be linked to the individual, yet say this information wasn’t connected to their actual name or email. However, this information should still be treated as personal information because it can be linked back to the individual when combined with other <a href="https://www.austlii.edu.au/cgi-bin/viewdoc/au/cases/cth/FCAFC/2017/4.html" target="_blank" rel="noopener">information about them</a>. <h2>At least one major data broker is against it</h2> Data broker <a href="https://www.experian.com.au/business/solutions/audience-targeting/digital-solutions-sell-side/digital-audiences-ss" target="_blank" rel="noopener">Experian Australia</a> has asked the government to “remove” Australian Privacy Principle 3.6 “altogether”. In its <a href="https://consultations.ag.gov.au/rights-and-protections/privacy-act-review-discussion-paper/consultation/view_respondent?_b_index=60&uuId=926016195" target="_blank" rel="noopener">submission</a> to the Privacy Act Review in January, Experian argued: <blockquote> It is outdated and does not fit well with modern data uses. </blockquote> Others who profit from data enrichment or data matching would probably agree, but prefer to let sleeping dogs lie. Experian argued the law favours large companies with direct access to lots of customers and opportunities to pool data collected from across their own corporate group. It said companies with access to fewer consumers and less data would be disadvantaged if they can’t purchase data from brokers. But the fact that some digital platforms impose extensive personal data collection on customers supports the case for stronger privacy laws. It doesn’t mean there should be a data free-for-all. <h2>Our privacy regulator should take action</h2> It has been three years since the consumer watchdog recommended <a href="https://www.accc.gov.au/system/files/Digital%20platforms%20inquiry%20-%20final%20report.pdf" target="_blank" rel="noopener">major reforms</a> to our privacy laws to reduce the disadvantages consumers suffer from invasive data practices. These reforms are probably still years away, if they eventuate at all. The direct collection rule is a very rare thing. It is an existing Australian privacy law that favours consumers. The privacy regulator should prioritise the enforcement of this law for the benefit of consumers. This article originally appeared on <a href="https://theconversation.com/this-law-makes-it-illegal-for-companies-to-collect-third-party-data-to-profile-you-but-they-do-anyway-190758" target="_blank" rel="noopener">The Conversation</a>. Image: Shutterstock

Legal

Even if TikTok and other apps are collecting your data, what are the actual consequences?

By now, most of us are aware social media companies collect vast amounts of our information. By doing this, they can target us with ads and monetise our attention. The latest chapter in the data-privacy debate concerns one of the world’s most popular apps among young people – TikTok. Yet anecdotally it seems the potential risks aren’t really something young people care about. Some were <a href="https://twitter.com/theprojecttv/status/1548962230741487617">interviewed</a> by The Project this week regarding the risk of their TikTok data being accessed from China. They said it wouldn’t stop them using the app. “Everyone at the moment has access to everything,” one person said. Another said they didn’t “have much to hide from the Chinese government”. Are these fair assessments? Or should Australians actually be worried about yet another social media company taking their data? What’s happening with TikTok? In a 2020 Australian parliamentary hearing on foreign interference through social media, TikTok representatives <a href="https://www.aph.gov.au/Parliamentary_Business/Hansard/Hansard_Display?bid=committees/commsen/1a5e6393-fec4-4222-945b-859e3f8ebd17/&sid=0002">stressed</a>: “TikTok Australia data is stored in the US and Singapore, and the security and privacy of this data are our highest priority.” But as Australian Strategic Policy Institute (ASPI) analyst Fergus Ryan has <a href="https://www.aspistrategist.org.au/its-time-tiktok-australia-came-clean/">observed</a>, it’s not about where the data are stored, but who has access. <blockquote class="twitter-tweet"> 'Where the data is stored is really immaterial if the data can be accessed from Beijing at any point, and that's what we have known for a couple of years' | <a href="https://twitter.com/ASPI_ICPC?ref_src=twsrc%5Etfw">@ASPI_ICPC</a>'s <a href="https://twitter.com/fryan?ref_src=twsrc%5Etfw">@fryan</a> spoke to <a href="https://twitter.com/abcnews?ref_src=twsrc%5Etfw">@abcnews</a> about Tik Tok & data security 📺 Watch the interview: <a href="https://t.co/iKIXqj2Rt2">https://t.co/iKIXqj2Rt2</a> — ASPI (@ASPI_org) <a href="https://twitter.com/ASPI_org/status/1549185634837102592?ref_src=twsrc%5Etfw">July 19, 2022</a></blockquote> On June 17, BuzzFeed published a <a href="https://www.buzzfeednews.com/article/emilybakerwhite/tiktok-tapes-us-user-data-china-bytedance-access">report</a> based on 80 leaked internal TikTok meetings which seemed to confirm access to US TikTok data by Chinese actors. The report refers to multiple examples of data access by TikTok’s parent company ByteDance, which is based in China. Then in July, TikTok Australia’s director of public policy, Brent Thomas, wrote to the shadow minister for cyber security, James Paterson, regarding China’s access to Australian user data. Thomas denied having been asked for data from China or having “given data to the Chinese government” – but he also noted access is “based on the need to access data”. So there’s good reason to believe Australian users’ data may be accessed from China. <blockquote class="twitter-tweet"> TikTok Australia has replied to my letter and admitted that Australian user data is also accessible in mainland China, putting it within reach of the Chinese government, despite their previous assurances it was safe because it was stored in the US and Singapore <a href="https://t.co/ITY1HNEo6v">pic.twitter.com/ITY1HNEo6v</a> — James Paterson (@SenPaterson) <a href="https://twitter.com/SenPaterson/status/1546957121274621952?ref_src=twsrc%5Etfw">July 12, 2022</a></blockquote> Is TikTok worse than other platforms? TikTok collects rich consumer information, including personal information and behavioural data from people’s activity on the app. In this respect, it’s not different from other social media companies. They all need oceans of user data to push ads onto us, and run data analytics behind a shiny facade of cute cats and trendy dances. However, TikTok’s corporate roots extend to authoritarian China – and not the US, where most of our other social media come from. This carries implications for TikTok users. Hypothetically, since TikTok moderates content according to Beijing’s foreign policy goals, it’s possible TikTok could apply censorship controls over Australian users. This means users’ feeds would be filtered to omit anything that doesn’t fit the Chinese government’s agenda, such as support for Taiwan’s sovereignty, as an example. In “shadowbanning”, a user’s posts appear to have been published to the user themselves, but are not visible to anyone else. It’s worth noting this censorship risk isn’t hypothetical. In 2019, information about Hong Kong protests was reported to have been <a href="https://www.theguardian.com/technology/2019/sep/25/revealed-how-tiktok-censors-videos-that-do-not-please-beijing">censored</a> not only on Douyin, China’s domestic version of TikTok, but also on TikTok itself. Then in 2020, ASPI <a href="https://www.aspi.org.au/report/tiktok-wechat">found</a> hashtags related to LGBTQ+ are suppressed in at least eight languages on TikTok. In response to ASPI’s research, a TikTok spokesperson said the hashtags may be restricted as part of the company’s localisation strategy and due to local laws. In Thailand, keywords such as #acab, #gayArab and anti-monarchy hashtags were found to be shadowbanned. Within China, Douyin complies with strict national content regulation. This includes censoring information about the religious movement Falun Gong and the Tiananmen massacre, among other examples. The legal environment in China forces Chinese internet product and service providers to work with government authorities. If Chinese companies disagree, or are unaware of their obligations, they can be slapped with legal and/or financial penalties and be forcefully shut down. In 2012, another social media product run by the founder of ByteDance, Yiming Zhang, was forced to close. Zhang fell into political line in a <a href="https://chinamediaproject.org/2018/04/11/tech-shame-in-the-new-era/">public apology</a>. He acknowledged the platform deviated from “public opinion guidance” by not moderating content that goes against “socialist core values”. Individual TikTok users should seriously consider leaving the app until issues of global censorship are clearly addressed. But don’t forget, it’s not just TikTok Meta products, such as Facebook and Instagram, also measure our interests by the seconds we spend looking at certain posts. They aggregate those behavioural data with our personal information to try to keep us hooked – looking at ads for as long as possible. <a href="https://www.aclu.org/news/privacy-technology/holding-facebook-accountable-for-digital-redlining">Some real cases</a> of targeted advertising on social media have contributed to “digital redlining” – the use of technology to perpetuate social discrimination. In 2018, Facebook came under fire for showing some employment ads only to men. In 2019, it settled another digital redlining <a href="https://www.theguardian.com/technology/2019/mar/28/facebook-ads-housing-discrimination-charges-us-government-hud">case</a> over discriminatory practices in which housing ads were targeted to certain users on the basis of “race, colour, national origin and religion”. And in 2021, before the US Capitol breach, military and defence product ads <a href="https://www.buzzfeednews.com/article/ryanmac/facebook-profits-military-gear-ads-capitol-riot">were running</a> alongside conversations about a coup. Then there are some worst-case scenarios. The 2018 Cambridge Analytica scandal <a href="https://www.nytimes.com/2018/04/04/us/politics/cambridge-analytica-scandal-fallout.html">revealed</a> how Meta (then Facebook) exposed users’ data to the political consulting firm Cambridge Analytica without their consent. Cambridge Analytica harvested up to 87 million users’ data from Facebook, derived psychological user profiles and used these to tailor pro-Trump messaging to them. This likely had an influence on the 2016 US presidential election. <figure class="align-center zoomable"><a href="https://images.theconversation.com/files/475064/original/file-20220720-19-dzfe0b.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img src="https://images.theconversation.com/files/475064/original/file-20220720-19-dzfe0b.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px" srcset="https://images.theconversation.com/files/475064/original/file-20220720-19-dzfe0b.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/475064/original/file-20220720-19-dzfe0b.jpeg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/475064/original/file-20220720-19-dzfe0b.jpeg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/475064/original/file-20220720-19-dzfe0b.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/475064/original/file-20220720-19-dzfe0b.jpeg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/475064/original/file-20220720-19-dzfe0b.jpeg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" alt="A phone shows a TikTok video playing on the screen, with a person mid-dance." /></a><figcaption>To what extent are we willing to ignore potential risks with social platforms, in favour of addictive content? Shutterstock</figcaption></figure> With TikTok, the most immediate concern for the average Australian user is content censorship – not direct prosecution. But within China, there are recurring instances of Chinese nationals being <a href="https://www.scmp.com/news/china/politics/article/3176605/crackdown-chinas-moderate-rights-voices-how-tweets-are-now">detained or even jailed</a> for using both Chinese and international social media. You can see how the consequences of mass data harvesting are not hypothetical. We need to demand more transparency from not just TikTok but all major social platforms regarding how data are used. Let’s continue the <a href="https://www.afr.com/policy/foreign-affairs/tiktok-s-privacy-fundamentally-incompatible-with-australia-20220713-p5b18l">regulation debate</a> TikTok has accelerated. We should look to update privacy protections and embed transparency into Australia’s national regulatory guidelines – for whatever the next big social media app happens to be.<img style="border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important;" src="https://counter.theconversation.com/content/187277/count.gif?distributor=republish-lightbox-basic" alt="The Conversation" width="1" height="1" /> <a href="https://theconversation.com/profiles/ausma-bernot-963292" target="_blank" rel="noopener">Ausma Bernot</a>, PhD Candidate, <a href="https://theconversation.com/institutions/griffith-university-828" target="_blank" rel="noopener">Griffith University</a> This article is republished from <a href="https://theconversation.com" target="_blank" rel="noopener">The Conversation</a> under a Creative Commons license. Read the <a href="https://theconversation.com/even-if-tiktok-and-other-apps-are-collecting-your-data-what-are-the-actual-consequences-187277" target="_blank" rel="noopener">original article</a>. Image: Getty Images

Technology

Yet again, the census shows women are doing more housework. Now is the time to invest in interventions

The Australian Census numbers have been released, showing women typically do <a href="https://www.abs.gov.au/census/find-census-data/community-profiles/2021/AUS/download/GCP_AUS.xlsx">many more hours of unpaid housework</a> per week compared to men. It’s not a new development. In <a href="https://www.abs.gov.au/websitedbs/D3310114.nsf/home/2016+Census+National">2016</a>, the “typical” Australian man spent less than five hours a week on domestic work, while the “typical” Australian woman spent between five and 14 hours a week on domestic work. Before that, the <a href="https://www.abs.gov.au/ausstats/abs@.nsf/7d12b0f6763c78caca257061001cc588/c0e6e1069c8d24e9ca257306000d5b04!OpenDocument">2006 census</a>showed, again, that more of the domestic workload is shouldered by women. So, in the 15 years since the Australian Census <a href="https://www.theage.com.au/national/census-to-count-unpaid-work-20060226-ge1ty0.html">started collecting</a> unpaid housework time, women are shown to do more than men. Every. Single. Time. What is unique about these latest census numbers is Australians filled out their surveys during one of the greatest disruptors to work and home life – the COVID pandemic. <h2>Pandemic pressures</h2> We have a breadth of <a href="https://scholar.google.com.au/citations?hl=en&user=EHPbrxgAAAAJ&view_op=list_works&sortby=pubdate">research</a> showing the pandemic disrupted women’s – especially mothers’ – work and family lives, in catastrophic ways. Economic closures knocked women out of employment at <a href="https://arts.unimelb.edu.au/the-policy-lab/projects/projects/worsening">higher rates to men</a>, forcing them to rely more heavily on their savings and stimulus payments to make ends meet. All this while managing intensified housework, childcare and homeschooling. The <a href="https://read.dukeupress.edu/demography/article/59/1/1/286878/Research-Note-School-Reopenings-During-the-COVID">transition</a> to remote and hybrid learning meant mothers, not fathers, reduced their workloads to meet these newfound demands. Fathers picked up the slack in the home – doing <a href="https://theconversation.com/covid-forced-australian-fathers-to-do-more-at-home-but-at-the-same-cost-mothers-have-long-endured-154834">more housework</a> at the start of the pandemic and <a href="https://journals.sagepub.com/doi/full/10.1177/1097184X21990737">holding it</a> over time. Yet, as my colleagues Brendan Churchill and Lyn Craig <a href="https://onlinelibrary.wiley.com/doi/full/10.1111/gwao.12497">show</a>, fathers increased their housework but so did mothers, meaning the gender gap in that time remained. So, while men should be applauded for doing more during the unique strains of the pandemic, we <a href="https://onlinelibrary.wiley.com/doi/full/10.1111/gwao.12727">show</a> mothers were the true heroes of the pandemic, stepping into added labour at the expense of their health and well-being. Quite simply, the pandemic placed unparalleled pressures on Australian families. So it is perhaps no surprise our surveys are showing <a href="https://www.theage.com.au/national/victoria/the-juggle-is-real-parents-want-greater-flexibility-in-return-to-office-20220325-p5a820.html">Australians are burnt out</a>. (As discussed in <a href="https://theconversation.com/dont-give-mum-chocolates-for-mothers-day-take-on-more-housework-share-the-mental-load-and-advocate-for-equality-instead-182330">previous articles</a>, the chore divide in same-sex relationships is generally found to be more equal. But some critiques suggests even then, equality may suffer <a href="https://www.nytimes.com/2018/05/16/upshot/same-sex-couples-divide-chores-much-more-evenly-until-they-become-parents.html">once kids are involved</a>.) <h2>Time for action</h2> So, where to now? We pay upwards of <a href="https://www.abs.gov.au/AUSSTATS/abs@.nsf/mediareleasesbyReleaseDate/1B9C46E8DBFC05FFCA25847D0080F9A2?OpenDocument">$640 million dollars</a> every five years to document Australia through the census. And, in each of these surveys we find the same result – women are doing more housework than men. This <a href="https://theconversation.com/sorry-men-theres-no-such-thing-as-dirt-blindness-you-just-need-to-do-more-housework-100883">parallels decades of research</a> showing women do more housework, even when they are employed full-time, earn more money and especially <a href="https://onlinelibrary.wiley.com/doi/abs/10.1111/j.1741-3737.2008.00479.x">once kids hit</a>the scene. Men have increased their <a href="https://link.springer.com/chapter/10.1007/978-3-319-21635-5_2">housework</a> and <a href="https://aifs.gov.au/aifs-conference/fathers-and-work">childcare contributions</a> over time and <a href="https://journals.sagepub.com/doi/abs/10.1177/00113921211012737?journalCode=csia&fbclid=IwAR0Vgrre91fTarMY_EFLmDl1iJk7hPms6p3FhfM0E0y52Bbe9bZqmJ7Gs1A">younger men want</a> to be more present, active and attentive in the home. Simply put: men want to step into greater care giving and women are suffering from “doing it all”. We have documented these trends for decades – enough. Now it is time for action. <h2>Creating a fair future</h2> These are the critical questions we are asking through <a href="https://www.unimelb.edu.au/futureofwork">The Future of Work Lab</a> at the University of Melbourne – how do we create a future that is fair to everyone, including women and mothers? A few key projects illuminate some of the next steps towards clear interventions. The first is to provide Australian families with a comprehensive safety net to support their care-giving lives. All of us will be, at some point, called upon to care for a loved one, friend, family member or colleague. At these moments, work becomes difficult and housework demands soar. So, providing <a href="https://theconversation.com/if-were-serious-about-supporting-working-families-here-are-three-policies-we-need-to-enact-now-105490">care-giving resources</a> beyond just paid time off is critical. This underscores the need for <ul> <li>universal free high-quality childcare</li> <li>paid caregiver leave, and/or </li> <li>better and longer term cash payments for caregivers.</li> </ul> Second, we need comprehensive policies that allow <a href="https://pursuit.unimelb.edu.au/articles/flexible-families-workplace-equality">men to step</a> into care-giving roles without fear of retribution and penalty at work. Australians work more <a href="https://stats.oecd.org/Index.aspx?DataSetCode=AVE_HRS">annual hours</a>, on average, than their Canadian and United Kingdom counterparts, working hours more similar to the overwork culture of the United States. And, only <a href="https://www.theguardian.com/lifeandstyle/2019/may/28/only-one-in-20-fathers-take-primary-parental-leave-in-australia">one in 20 Australian fathers</a> take paid parental leave following childbirth, an abysmal rate relative to other high-income countries. We can do better. The pandemic created the space for many men to step into larger care-giving roles with great pleasure and showed workplaces that flexible work is feasible. Next, the Australian workplace must become more supportive of men’s right to care. <h2>Unpaid domestic work and the mental load</h2> Finally, we must redress the challenges of unpaid domestic work and the <a href="https://theconversation.com/planning-stress-and-worry-put-the-mental-load-on-mothers-will-2022-be-the-year-they-share-the-burden-172599">mental load</a> on women’s physical, mental and <a href="https://www.tandfonline.com/doi/abs/10.1080/13668803.2021.2002813">economic health and well-being</a>. Perhaps tech holds some solutions. The demand is clearly there with some super impressive women building out concrete tech solutions to reduce the mental load and unpaid domestic work - like <a href="https://getmelo.app/">Melo’s mental load app</a> or <a href="https://www.yohana.com/">Yohana’s virtual concierges</a>. Others are using old tech solutions – like <a href="https://www.fairplaylife.com/the-cards">Eve Rodsky’s Fair Play</a> cards – to help couples equalise the often unseen, and undervalued household chores. We are working on a research project to understand the impact of these different resources on families’ unpaid domestic loads and lives more broadly. The census is valuable in showing us we remain unchanged. But, now, is a time to invest in intervention and innovation to make us better versions of ourselves into the future. Image credits: Getty Images This article originally appeared on <a href="https://theconversation.com/yet-again-the-census-shows-women-are-doing-more-housework-now-is-the-time-to-invest-in-interventions-185488" target="_blank" rel="noopener">The Conversation</a>.

Home Hints & Tips

Bunnings and Kmart investigated for use of potentially "unethical" tech

Some of Australia’s biggest retailers are being investigated for potentially invading customer privacy with facial recognition technology. Kmart, Bunnings and The Good Guys have been found to be using facial recognition technology on unsuspecting customers. CHOICE has referred the retailers to the Office of the Australian Information Commissioner (OAIC) to investigate potential breaches of the Privacy Act. Facial recognition analyses images from video cameras to capture each person’s unique facial features, known as a faceprint. “The use of facial recognition by Kmart, Bunnings and The Good Guys is a completely inappropriate and unnecessary use of the technology,” CHOICE consumer data advocate Kate Bower said. “To make matters worse, we found 76% of Australians aren’t aware that retailers are capturing their unique facial features in this way.” Ms Bower slammed the use of the technology which she said is unethical and affects consumer’s trust. “Using facial recognition technology in this way is similar to Kmart, Bunnings or The Good Guys collecting your fingerprints or DNA every time you shop,” she went on. “Businesses using invasive technologies to capture their customers’ sensitive biometric information is unethical and is a sure way to erode consumer trust.” After conducting a survey, CHOICE found that four in five respondents agreed that retailers must inform consumers about the use of facial recognition. Four in five people had concerns about how the biometric data was stored, and three in four respondents were concerned that retailers would use the data to create customer profiles for marketing or profit purposes. “CHOICE observed that Kmart and Bunnings display small signs at the entrance of stores where the technology is in use. However, discreet signage and online privacy policies are not nearly enough to adequately inform shoppers that this controversial technology is in use,” Ms Bower said. “The technology is capturing highly personal data from customers, including infants and children. “CHOICE is concerned that Australian businesses are using facial recognition technology on consumers before Australians have had their say on its use in our community. “With the government currently undergoing a review of the Privacy Act, now is the perfect time to strengthen measures around the capture and use of consumer data, including biometric data.” Images: Shutterstock/Twitter

Technology

Data visualisations made more accessible to screen reader users

A type of assistive technology, screen readers are software programs that scan the contents of a computer screen and transform it into a different format – like synthesised voice or Braille – for people with complete or partial blindness, learning disabilities, or motion sensitivity. Now, scientists from the University of Washington (UW) in the US have designed a JavaScript plugin called VoxLens that allows people to better interact with these visualisations. VoxLens allows screen reader users to gain a high-level summary of the information described in a graph, listen to said graph translated into sound, or use voice-activated commands to ask specific questions about the data, such as the mean or the minimum value. The team presented their <a href="https://dl.acm.org/doi/fullHtml/10.1145/3491102.3517431" target="_blank" rel="noreferrer noopener">research</a> last month at the <a href="https://programs.sigchi.org/chi/2022" target="_blank" rel="noreferrer noopener">ACM CHI Conference on Human Factors in Computing Systems</a> in New Orleans in the US. <figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"> <div class="wp-block-embed__wrapper"> <div class="entry-content-asset"> <div class="embed-wrapper"> <div class="inner"><iframe title="VoxLens - Paper Summary and Demo Video" src="https://www.youtube.com/embed/o1R-5D2WS4s?feature=oembed" width="500" height="281" frameborder="0" allowfullscreen="allowfullscreen"></iframe></div> </div> </div> </div> </figure> “If I’m looking at a graph, I can pull out whatever information I am interested in – maybe it’s the overall trend or maybe it’s the maximum,” says lead author Ather Sharif, a doctoral student in the Paul G. Allen School of Computer Science & Engineering at UW. “Right now, screen reader users either get very little or no information about online visualisations, which, in light of the COVID-19 pandemic, can sometimes be a matter of life and death. The goal of our project is to give screen reader users a platform where they can extract as much or as little information as they want.” The difficulty with translating graphs, according to co-senior author Jacob O. Wobbrock, a professor of information at UW, comes from deciphering information with no clear beginning and end. <div class="newsletter-box"> <div id="wpcf7-f6-p193459-o1" class="wpcf7" dir="ltr" lang="en-US" role="form"> <form class="wpcf7-form mailchimp-ext-0.5.61 spai-bg-prepared init" action="/technology/voxlens-accessibility-screen-readers/#wpcf7-f6-p193459-o1" method="post" novalidate="novalidate" data-status="init"> <input class="wpcf7-form-control wpcf7-text referer-page spai-bg-prepared" name="referer-page" type="hidden" value="https://www.google.com/" data-value="https://www.google.com/" aria-invalid="false" /> </form> </div> </div> “There is a start and an end of a sentence and everything else comes in between,” he explains. “But as soon as you move things into two dimensional spaces, such as visualisations, there’s no clear start and finish. “It’s just not structured in the same way, which means there’s no obvious entry point or sequencing for screen readers.” Working with screen reader users to improve accessibility The team worked with screen reader users who had partial or complete blindness when designing and testing the tool. During the testing phase, participants learned how to use VoxLens and then completed nine tasks, each of which involved answering questions about a data visualisation. The researchers found that participants completed the tasks with 122% increased accuracy and 36% decreased interaction time, compared to participants of a previous study who hadn’t had access to VoxLens. “We want people to interact with a graph as much as they want, but we also don’t want them to spend an hour trying to find what the maximum is,” says Sharif. “In our study, interaction time refers to how long it takes to extract information, and that’s why reducing it is a good thing.” VoxLens can be implanted easily by data visualisation designers with a single line of code. Right now it only works for visualisations created using <a href="https://www.javascript.com/" target="_blank" rel="noreferrer noopener">JavaScript</a> libraries – such as <a href="https://d3js.org/" target="_blank" rel="noreferrer noopener">D3</a>, <a href="https://www.chartjs.org/" target="_blank" rel="noreferrer noopener">chart.js</a> or <a href="https://www.google.com.au/sheets/about/" target="_blank" rel="noreferrer noopener">Google Sheets</a> – but the team is working towards expanding to other popular platforms. “This work is part of a much larger agenda for us – removing bias in design,” adds co-senior author Katharina Reinecke, associate professor in the Paul G. Allen School of Computer Science & Engineering at UW. “When we build technology, we tend to think of people who are like us and who have the same abilities as we do. “For example, D3 has really revolutionised access to visualisations online and improved how people can understand information. But there are values ingrained in it and people are left out. It’s really important that we start thinking more about how to make technology useful for everybody.”  <img id="cosmos-post-tracker" style="opacity: 0; height: 1px!important; width: 1px!important; border: 0!important; position: absolute!important; z-index: -1!important;" src="https://syndication.cosmosmagazine.com/?id=193459&title=Data+visualisations+made+more+accessible+to+screen+reader+users" width="1" height="1" />  <div id="contributors"> <a href="https://cosmosmagazine.com/technology/voxlens-accessibility-screen-readers/" target="_blank" rel="noopener">This article</a> was originally published on <a href="https://cosmosmagazine.com" target="_blank" rel="noopener">Cosmos Magazine</a> and was written by <a href="https://cosmosmagazine.com/contributor/imma-perfetto" target="_blank" rel="noopener">Imma Perfetto</a>. Imma Perfetto is a science writer at Cosmos. She has a Bachelor of Science with Honours in Science Communication from the University of Adelaide. Image: Getty Images </div>

Technology

ACCC says consumers need more choices about what online marketplaces are doing with their data

Consumers using online retail marketplaces such as eBay and Amazon “have little effective choice in the amount of data they share”, according to the <a href="https://www.accc.gov.au/publications/serial-publications/digital-platform-services-inquiry-2020-2025/digital-platform-services-inquiry-march-2022-interim-report" target="_blank" rel="noopener">latest report</a> of the Australian Competition & Consumer Commission (ACCC) Digital Platform Services Inquiry. Consumers may benefit from personalisation and recommendations in these marketplaces based on their data, but many are in the dark about how much personal information these companies collect and share for other purposes. <a href="https://www.accc.gov.au/media-release/concerning-issues-for-consumers-and-sellers-on-online-marketplaces" target="_blank" rel="noopener">ACCC chair Gina Cass-Gottlieb</a> said: <blockquote> We believe consumers should be given more information about, and control over, how online marketplaces collect and use their data. </blockquote> The report reiterates the ACCC’s earlier calls for amendments to the Australian Consumer Law to address unfair data terms and practices. It also points out that the government is considering <a href="https://www.ag.gov.au/integrity/consultations/review-privacy-act-1988" target="_blank" rel="noopener">proposals for major changes to privacy law</a>. However, none of these proposals is likely to come into effect in the near future. In the meantime, we should also consider whether practices such as obtaining information about users from third-party data brokers are fully compliant with existing privacy law. Why did the ACCC examine online marketplaces? The ACCC examined competition and consumer issues associated with “general online retail marketplaces” as part of its <a href="https://www.accc.gov.au/focus-areas/inquiries-ongoing/digital-platform-services-inquiry-2020-2025" target="_blank" rel="noopener">five-year Digital Platform Services Inquiry</a>. These marketplaces facilitate transactions between third-party sellers and consumers on a common platform. They do not include retailers that don’t operate marketplaces, such as Kmart, or platforms such as Gumtree that carry classified ads but don’t allow transactions. The ACCC report focuses on the four largest online marketplaces in Australia: Amazon Australia, Catch, eBay Australia and Kogan. In 2020–21, these four carried sales totalling $8.4 billion. <figure class="align-center "><img src="https://images.theconversation.com/files/460716/original/file-20220502-18-4pvx0.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px" srcset="https://images.theconversation.com/files/460716/original/file-20220502-18-4pvx0.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=401&fit=crop&dpr=1 600w, https://images.theconversation.com/files/460716/original/file-20220502-18-4pvx0.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=401&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/460716/original/file-20220502-18-4pvx0.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=401&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/460716/original/file-20220502-18-4pvx0.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/460716/original/file-20220502-18-4pvx0.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/460716/original/file-20220502-18-4pvx0.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" alt="" /><figcaption>Online marketplaces such as Amazon, eBay, Catch and Kogan facilitate transactions between third-party buyers and sellers. <a class="source" href="https://www.shutterstock.com/image-photo/new-york-usa-november-1-2018-1219079038" target="_blank" rel="noopener">Shutterstock</a></figcaption></figure> According to the report, eBay has the largest sales of these companies. Amazon Australia is the second-largest and the fastest-growing, with an 87% increase in sales over the past two years. The ACCC examined: <ul> <li>the state of competition in the relevant markets</li> <li>issues facing sellers who depend on selling their products through these marketplaces</li> <li>consumer issues including concerns about personal information collection, use and sharing.</li> </ul> Consumers don’t want their data used for other purposes The ACCC expressed concern that in online marketplaces, “the extent of data collection, use and disclosure … often does not align with consumer preferences”. The Commission pointed to surveys about <a href="https://www.accc.gov.au/system/files/Consumer%20Policy%20Research%20Centre%20%28CPRC%29%20%2818%20August%202021%29.pdf" target="_blank" rel="noopener">Australian consumer attitudes to privacy</a> which indicate: <ul> <li>94% did not feel comfortable with how digital platforms including online marketplaces collect their personal information</li> <li>92% agreed that companies should only collect information they need for providing their product or service</li> <li>60% considered it very or somewhat unacceptable for their online behaviour to be monitored for targeted ads and offers.</li> </ul> However, the four online marketplaces analysed: <ul> <li>do not proactively present privacy terms to consumers “throughout the purchasing journey”</li> <li>may allow advertisers or other third parties to place tracking cookies on users’ devices</li> <li>do not clearly identify how consumers can opt out of cookies while still using the marketplace.</li> </ul> Some of the marketplaces also obtain extra data about individuals from third-party data brokers or advertisers. The <a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3432769" target="_blank" rel="noopener">harms from increased tracking and profiling</a> of consumers include decreased privacy; manipulation based on detailed profiling of traits and weaknesses; and discrimination or exclusion from opportunities. Limited choices: you can’t just ‘walk out of a store’ Some might argue that consumers must not actually care that much about privacy if they keep using these companies, but the choice is not so simple. The ACCC notes the relevant privacy terms are often spread across multiple web pages and offered on a “take it or leave it” basis. The terms also use “bundled consents”. This means that agreeing to the company using your data to fill your order, for example, may be bundled together with agreeing for the company to use your data for its separate advertising business. Further, as my research has shown, there is <a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3905693" target="_blank" rel="noopener">so little competition on privacy</a> between these marketplaces that consumers can’t just find a better offer. The ACCC agrees: <blockquote> While consumers in Australia can choose between a number of online marketplaces, the common approaches and practices of the major online marketplaces to data collection and use mean that consumers have little effective choice in the amount of data they share. </blockquote> Consumers also seem unable to require these companies to delete their data. The situation is quite different from conventional retail interactions where a consumer can select “unsubscribe” or walk out of a store. Does our privacy law currently permit all these practices? The ACCC has reiterated its earlier calls to amend the Australian Consumer Law to prohibit unfair practices and make unfair contract terms illegal. (At present unfair contract terms are just void, or unenforceable.) The report also points out that the government is considering proposals for major changes to privacy law, but <a href="https://theconversation.com/a-new-proposed-privacy-code-promises-tough-rules-and-10-million-penalties-for-tech-giants-170711" target="_blank" rel="noopener">these changes</a> are uncertain and may take more than a year to come into effect. In the meantime, we should look more closely at the practices of these marketplaces under current privacy law. For example, under the <a href="https://www.legislation.gov.au/Series/C2004A03712" target="_blank" rel="noopener">federal Privacy Act</a> the four marketplaces <blockquote> must collect personal information about an individual only from the individual unless … it is unreasonable or impracticable to do so. </blockquote> However, <a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3905693" target="_blank" rel="noopener">some online marketplaces</a> say they collect information about individual consumers’ interests and demographics from “<a href="https://www.ebay.com.au/help/policies/member-behaviour-policies/user-privacy-notice-privacy-policy?id=4260&mkevt=1&mkcid=1&mkrid=705-53470-19255-0&campid=5338596835&customid=&toolid=10001#section4" target="_blank" rel="noopener">data providers</a>” and <a href="https://www.amazon.com.au/gp/help/customer/display.html?nodeId=202075050&ref_=footer_iba" target="_blank" rel="noopener">other third parties</a>. We don’t know the full detail of what’s collected, but demographic information might include our age range, income, or family details. How is it “unreasonable or impracticable” to obtain information about our demographics and interests directly from us? Consumers could ask online marketplaces this question, and complain to the <a href="https://www.oaic.gov.au/privacy/privacy-complaints" target="_blank" rel="noopener">Office of the Australian Information Commissioner</a> if there is no reasonable answer.<img style="border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important;" src="https://counter.theconversation.com/content/182134/count.gif?distributor=republish-lightbox-basic" alt="The Conversation" width="1" height="1" /> <a href="https://theconversation.com/profiles/katharine-kemp-402096" target="_blank" rel="noopener">Katharine Kemp</a>, Senior Lecturer, Faculty of Law & Justice, UNSW, <a href="https://theconversation.com/institutions/unsw-sydney-1414" target="_blank" rel="noopener">UNSW Sydney</a> This article is republished from <a href="https://theconversation.com" target="_blank" rel="noopener">The Conversation</a> under a Creative Commons license. Read the <a href="https://theconversation.com/accc-says-consumers-need-more-choices-about-what-online-marketplaces-are-doing-with-their-data-182134" target="_blank" rel="noopener">original article</a>. Image: Getty Images

Technology

How does Spotify use your data? Even experts aren’t sure

Spotify has revolutionised the music industry, and its ability to recommend music tailored to your personal taste has been a standout feature. But it isn’t the only app to provide this kind of personalised experience, with Artificial Intelligence being used to create your personalised newsfeeds on Facebook and Twitter, recommend purchases on Amazon, or even the order of search results on Google. To achieve this, these apps and websites use our data in their recommendation algorithms - but they are so secretive about these algorithms that we don’t fully know how they work. In a search for answers, a team of New Zealand legal and music experts <a href="https://www.scimex.org/newsfeed/tinder-and-spotifys-fine-print-arent-clear-about-how-they-use-our-data-for-recs" target="_blank" rel="noopener">pored over</a> several versions of the privacy policies and Terms of Use used by Spotify and Tinder to determine how our data is being used as new features have been rolled out. Their work, published in the <a href="https://doi.org/10.1080/03036758.2022.2064517" target="_blank" rel="noopener">Journal of the Royal Society of New Zealand</a>, found that Spotify’s privacy policy has nearly doubled since its launch in 2012, which reflects an increase in the amount of data the platform now collects. The algorithm hungers for data Originally, Spotify collected basic information such as the kinds of songs played, the playlists created, and the email address, age, gender, and location of a user, as well as their profile picture, and the pictures and names of their Facebook friends if their profile was linked. In the 2021 policy, Spotify collects voice data, users’ photos, and location data - and the team of experts have connected this expansion to the patents the company owns. That same year, “Spotify was granted a patent that allows the company to promote ‘personalised content’ based on the ‘personality traits’ it detects from voice data and background noise,” the authors wrote, suggesting the algorithm has changed to capture voice data. As for its Terms of Use, the authors found both Spotify and Tinder used ambiguous wording and vague language, despite expectations that it would be somewhat transparent because it is a legal agreement between the platform and its users. They noted that the opaque style of the Terms of Use made analysis more difficult. Despite this, they found that from 2015, Spotify’s recommendations were also influenced by “commercial considerations”, including third-party agreements Spotify had with other companies. The team of experts argue that this particular change “provides ample room for the company to legally highlight content to a specific user based on a commercial agreement”. Meanwhile, Spotify has also started offering artists the option to lower their royalty rate “in exchange for an increased number of recommendations”. Taken together, the authors argue that this means that the playlists made specifically for us could be influenced by factors outside of our control, “like commercial deals with artists and labels”. Users deserve answers Though they made these findings, the authors note that some will still be speculative while companies stay tight-lipped about how their algorithms work. “When companies are uncooperative, and typical academic inquiry cannot be complete without breaching contractual agreements, we maintain that scholarly investigation can have a speculative character,” they wrote. “This suggestion does not mean that a less academic rigour can be expected or granted about making assumptions on the basis of partial, observable data. Instead, we propose that it is the companies’ remit and burden to refute such assumptions and communicating the clarity of their systems.” With many of us using services like Spotify, Tinder, Google and Amazon on a daily basis, it’s up to these companies to become more transparent in how they use our information with the understanding that we deserve to know what happens to the data that makes us, us. Image: Getty Images

Technology

The metaverse: three legal issues we need to address

The “<a href="https://www.wired.com/story/what-is-the-metaverse/" target="_blank" rel="noopener">metaverse</a>” seems to be the latest buzzword in tech. In general terms, the metaverse can be viewed as a form of cyberspace. Like the internet, it’s a world – or reality, even – beyond our physical world on Earth. The difference is that the metaverse allows us to immerse a version of ourselves as <a href="https://medium.com/@ppreddy576/digital-avatars-and-working-with-human-like-creatives-b84f24005a05" target="_blank" rel="noopener">avatars</a> in its environment, usually through <a href="https://hbr.org/2016/10/the-mainstreaming-of-augmented-reality-a-brief-history" target="_blank" rel="noopener">augmented reality</a> (AR) or <a href="https://www.britannica.com/technology/virtual-reality" target="_blank" rel="noopener">virtual reality</a> (VR), which people are and will increasingly be able to access using tools like VR goggles. While it all seems very exciting, a curious lawyer like me is inclined to ask: who or what governs the metaverse? The way I see it, there are three key areas which, at this stage, are legally murky. 1. A boundless marketplace Transactions in the metaverse are generally monetised using cryptocurrency or <a href="https://edition.cnn.com/2021/03/17/business/what-is-nft-meaning-fe-series/index.html" target="_blank" rel="noopener">NFTs</a> (non-fungible tokens). An NFT is a unique digital asset: it could be an image, a piece of music, a video, a 3D object, or another type of creative work. The NFT market is booming – in some cases we’re talking about <a href="https://edition.cnn.com/style/article/beeple-first-nft-artwork-at-auction-sale-result/index.html" target="_blank" rel="noopener">sales</a> equivalent to millions of pounds. While it’s difficult to say whether this is simply a trend, or a new and exciting form of capital investment, these kinds of transactions raise some interesting legal questions. For example, in the “real” world, when it comes to purchasing a piece of art, property law dictates that <a href="https://www.reedsmith.com/en/perspectives/2021/05/reed-smith-guide-to-the-metaverse" target="_blank" rel="noopener">ownership</a> is two-fold. First, ownership can be attributed in the actual physical art work. And second, the buyer may or may not own the intellectual property of the art work, depending on the terms of the sale. But what kind of ownership is precisely included in a transaction of digital art? International law firm <a href="https://www.reedsmith.com/en/perspectives/2021/05/reed-smith-guide-to-the-metaverse" target="_blank" rel="noopener">Reed Smith</a> has said that “ownership” in the metaverse is nothing more than a form of licensing, or provision of services. In such instances, true ownership still lies with the owner. This may mean, for example, that the buyer cannot sell the item without permission from the true owner. Virtual real estate has also become an NFT, with individuals and companies <a href="https://theconversation.com/real-estate-in-the-metaverse-is-booming-is-it-really-such-a-crazy-idea-174021" target="_blank" rel="noopener">spending enormous sums</a> to own a “property” in the metaverse. Do the intricacies of land law apply here? For example, will real-world legislation cover trespassers on private land in the metaverse? Can you take out a mortgage on your virtual property? The metaverse may also be susceptible to hosting a virtual marketplace somewhat like <a href="https://www.newscientist.com/article/mg24933260-400-silk-road-review-the-true-story-of-the-dark-webs-illegal-drug-market/" target="_blank" rel="noopener">Silk Road</a>, which was a dark web marketplace dealing in illegal drugs, weapons and, allegedly, “<a href="https://www.bbc.co.uk/news/av/technology-24378137" target="_blank" rel="noopener">murder for hire</a>”. What kinds of laws can be put in place to safeguard against this happening in the metaverse? It would be ideal to have a global regulatory authority overseeing the metaverse, although this would be difficult to implement. 2. Data Another possible legal implication of the metaverse is around data and data protection. The metaverse will expose new categories of <a href="https://www.cms-lawnow.com/ealerts/2022/01/legal-advice-in-the-metaverse" target="_blank" rel="noopener">our personal data</a> for processing. This might include facial expressions, gestures and other types of reactions an avatar could produce during interactions in the metaverse. The EU’s General Data Protection Regulation (<a href="https://gdpr.eu/" target="_blank" rel="noopener">GDPR</a>) could arguably apply to the metaverse, as could the <a href="https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted" target="_blank" rel="noopener">UK’s Data Protection Act</a>. But given the novel nature of the metaverse, to ensure that users’ rights are protected, the processes governing informed consent around data processing may need to be revisited. <figure class="align-center "><img src="https://images.theconversation.com/files/443780/original/file-20220201-17-1a83bq0.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px" srcset="https://images.theconversation.com/files/443780/original/file-20220201-17-1a83bq0.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=338&fit=crop&dpr=1 600w, https://images.theconversation.com/files/443780/original/file-20220201-17-1a83bq0.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=338&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/443780/original/file-20220201-17-1a83bq0.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=338&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/443780/original/file-20220201-17-1a83bq0.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=424&fit=crop&dpr=1 754w, https://images.theconversation.com/files/443780/original/file-20220201-17-1a83bq0.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=424&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/443780/original/file-20220201-17-1a83bq0.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=424&fit=crop&dpr=3 2262w" alt="A rendering of two avatars shaking hands." /><figcaption>Interactions in the metaverse will expose new types of personal data. <a class="source" href="https://www.shutterstock.com/image-illustration/business-man-wear-virtual-glasses-shaking-2089653463" target="_blank" rel="noopener">Athitat Shinagowin/Shutterstock</a></figcaption></figure> Further, the “no-boundaries” nature of the metaverse means that while we might want to assume the GDPR will apply, the clauses dealing with transfer and processing of data outside the EU may need to be clarified. The GDPR applies <a href="https://www.metaverselaw.com/category/gdpr/" target="_blank" rel="noopener">based on</a> the location of the subject when their data is processed, not on their home country or citizenship. So can we look to the location based on the person operating the avatar, or is it more appropriate to look at the avatar itself, since it’s the avatar’s data that will be processed? And if we look to the avatar’s location, how would we determine which jurisdiction the metaverse falls under? 3. User interactions When users interact through their avatars, we may have situations where some kind of altercation occurs that would equate to breaking the law, if it took place between people in the real world. Such incidents could be in breach of tort law (which covers civil claims such as negligence or nuisance) or criminal law (involving illegal acts and crime such as assault, murder, burglary or rape). Imagine one avatar assaults another. Could we apply criminal laws of assault and battery to this situation? How could we make an avatar responsible for their actions in the metaverse? This would be complicated, because it would mean that we need to attribute a <a href="https://www.cms-lawnow.com/ealerts/2022/01/legal-advice-in-the-metaverse" target="_blank" rel="noopener">legal persona</a> to the avatar, giving them rights and duties within a legal system; allowing them to sue or be sued. Proving assault or battery would also be much more difficult because it usually requires “<a href="https://www.cps.gov.uk/legal-guidance/offences-against-person-incorporating-charging-standard#:%7E:text=The%20offence%20is%20committed%20when,or%20caused%20the%20bodily%20harm." target="_blank" rel="noopener">actual bodily harm</a>”. In the metaverse, there will naturally be no actual bodily harm. It would be challenging to prove harm, loss or injury suffered by an avatar. Worryingly, <a href="https://www.thetimes.co.uk/article/my-journey-into-the-metaverse-already-a-home-to-sex-predators-sdkms5nd3" target="_blank" rel="noopener">sexual predators</a> are already emerging in the metaverse, masking their identity behind an avatar that may not easily be traced back to its operator in the real world. For example, we’ve seen incidents of <a href="https://www.technologyreview.com/2021/12/16/1042516/the-metaverse-has-a-groping-problem/" target="_blank" rel="noopener">groping</a>. Users in the metaverse can wear haptic vests or other technologies which would actually allow them to feel the sensations if they were touched or groped. <a href="https://www.reeds.co.uk/insight/should-sexual-harassment-be-a-criminal-offence-in-the-uk/" target="_blank" rel="noopener">Sexual harassment laws</a> do not require physical contact to constitute sexual harassment. But are existing laws adequate to deal with this issue? Within the environment of VR and gaming, for example, upon whom rests the responsibility to ensure the safety of users? There is little doubt issues of sexual harassment will make their way into the metaverse, particularly if unscrupulous users know this is a grey area. Believing that their actions cannot be proved, or that they cannot be held responsible for events that take place in the metaverse, might embolden such behaviour. This comes back to the question of legal personas of avatars – is a legal persona necessary to make avatars responsible for their actions in the metaverse? And what kind of standards and criteria need to be in place to distinguish between a “legal” avatar and the true legal person who operates that avatar? These issues should all be addressed before the metaverse becomes mainstream.<img style="border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important; text-shadow: none !important;" src="https://counter.theconversation.com/content/175891/count.gif?distributor=republish-lightbox-basic" alt="The Conversation" width="1" height="1" /> <a href="https://theconversation.com/profiles/pin-lean-lau-1282877" target="_blank" rel="noopener">Pin Lean Lau</a>, Lecturer in Bio-Law, Brunel Law School | Centre for Artificial Intelligence: Social & Digital Innovations, <a href="https://theconversation.com/institutions/brunel-university-london-1685" target="_blank" rel="noopener">Brunel University London</a> This article is republished from <a href="https://theconversation.com" target="_blank" rel="noopener">The Conversation</a> under a Creative Commons license. Read the <a href="https://theconversation.com/the-metaverse-three-legal-issues-we-need-to-address-175891" target="_blank" rel="noopener">original article</a>. Image: Getty Images

Legal

Smartphone security: everything you need to know to keep your phone safe

Smartphone safety Considering our smartphones are now home to everything from emergency contacts to banking information, keeping those assets out of the wrong hands is more important than ever. Read on for all the mobile security threats you need to be on the alert for and what steps experts recommend you take to protect your device. The key principles of smartphone security No matter which type of smartphone you have, these are the four main security issues you should be mindful of. Virus protection: Like your laptop or desktop, phones are susceptible to hacking and viruses. Smartphone privacy: Whether it’s a nosy partner, friend, co-worker, or a hacker who is up to no good, maintaining your privacy on your device is paramount. Phone security: Your phone is often your lifeline and increasingly serves as your digital wallet, which makes it a top target for thieves. Personal data collection: Apps and even your phone itself are always trying to glean information about you. Find out how much is too much and how you can control what information is – and isn’t – shared about you. Phone security best practices: 1. Ignore and avoid phishing attacks Hackers and digital thieves are becoming craftier than ever in an attempt to steal the keys to your identity. Once you’re aware of their tricks and know about the latest scams, you won’t fall victim or mistakenly download a virus to your phone. Your first line of defence: immediately delete any questionable emails or texts and learn how to stop spam texts altogether. 2. Use antivirus for phones Did you know that even with the latest iPhone security updates, <a href="https://www.rd.com/article/can-iphones-get-viruses/">iPhones can get viruses</a>, too? Android users will want to know the ins and outs of <a href="https://www.rd.com/article/google-play-protect/">Google Play Protect</a>. If you should accidentally download a virus, we have you covered for that as well and can fill you in on <a href="https://www.rd.com/article/remove-virus-android-phone/">how to remove hidden malware on an Android phone</a>. Of course, investing in a secure phone is essential to preventing security problems in the first place. 3. Secure your message to maintain privacy Whether you’re in a career that demands privacy or you’re simply planning a surprise birthday party for a friend, you’ll want to know about these strategies for keeping your texts and phone calls secure. <a rel="noopener" href="https://www.rd.com/article/how-to-hide-text-messages-on-an-iphone/" target="_blank">Start by learning how to hide text messages on an iPhone.</a> Then consider if you need an <a rel="noopener" href="https://www.rd.com/article/encrypted-phones/" target="_blank">encrypted phone</a> – find out what this buzzword actually means and why and how to encrypt your iPhone or Android phone. The most secure messaging apps are a must for anyone with privacy concerns. 4. Manage your app permissions Your smartphone and the apps you download to your phone know a lot about you, sometimes even too much. One of the quickest ways to keep your personal information private is by paying attention to your app permissions. For example, does your rideshare app really need access to your contact list or your calendar? Both iPhones and Androids have made it easier than ever to control app permissions, but you still need to do your homework in order to limit them to the ones the app truly needs. 5. Lock your phone According to a 2017 Pew Report, almost 30 percent of smartphone owners do not even use a screen lock or other security features; yet the easiest and most obvious way to keep your phone protected is to regularly lock your home screen and use two-factor authentication. Additionally, experts recommend that you go the extra mile, so make sure you don’t have a weak password and learn how to lock apps on your phone. 6. Be wary of public Wi-Fi Sure, it can be convenient to check your email while waiting for your train or bus and you may occasionally go to the coffee shop down the street to work. But logging on to an open Wi-Fi network could potentially open your device up to hackers – if you’re not careful. 7. Use a recovery app to find a lost phone A lost or stolen iPhone may feel like the worst thing in the world that can happen, but there are steps you can take immediately to protect yourself and your information. Plus the built-in Find My iPhone app can help you reconnect with your lost phone. Don't jailbreak or root your device Finally, experts strongly recommend against jailbreaking your iPhone or rooting your Android. Jailbreaking is the term used to describe hacking into Apple’s mobile operating system iOS and tweaking it so you can customise the appearance and performance of your iPhone. When similar modifications are made to an Android smartphone, the process is called rooting. Why? Even though jailbreaking your phone may seem appealing, no customisation is worth making your phone vulnerable to hacking or other viruses. Bottom line While iPhone and Android are constantly employing better and more sophisticated security measures, at the end of the day, keeping your phone and personal data safe is largely up to you. If you get a suspicious scam text or an iPhone virus warning, think twice before automatically clicking on any links to open it. Look to see if there are any telltale misspellings? Does the URL start with “https:”? And remember, that Apple (and other legitimate companies, such as your bank) will never ask for your password in a text message. Common sense will always be your best defence. Image credits: Getty Images This article originally appeared on <a href="https://www.readersdigest.com.au/true-stories-lifestyle/science-technology/smartphone-security-everything-you-need-to-know-to-keep-your-phone-safe?pages=1">Reader's Digest</a>.

Technology

A failure at 6? Data-driven assessment isn’t helping young children’s learning

Children’s <a href="https://www.education.vic.gov.au/Documents/childhood/providers/edcare/veyldframework.pdf">early years</a> from birth to the age of eight are crucial for their social, emotional and intellectual development. However, early years education in Australia is fragmented. It operates across two spaces, the pre-compulsory period, often called early childhood education, and the first three years of compulsory schooling. In recent times the focus in these three years has been on assessment that produces numerical data. Teachers need to demonstrate children are meeting standards. In contrast, in the pre-compulsory years the focus is on observing and interacting with the child. Practices are based on the belief that all children have agency and are capable learners. A chasm has opened up between these <a href="https://www.routledge.com/Early-Childhood-and-Compulsory-Education-Reconceptualising-the-relationship/Moss/p/book/9780415687744">separate education systems</a>. Children go from playing to being tested in the blink of an eye. This abrupt change in young children’s education is problematic. <h2>What does research tell us about the early years?</h2> A <a href="https://research-repository.griffith.edu.au/bitstream/handle/10072/391647/Dunn356707Accepted.pdf?sequence=2&isAllowed=y">2015 review</a> of research on best practices in the early years identified key factors in successful teaching and learning. The review noted the importance of: <ul> <li> a smooth transition between pre-school education and compulsory school education </li> <li> play-based learning </li> <li> seeing children as capable and having agency in their learning </li> <li> <a href="https://www.education.vic.gov.au/school/teachers/teachingresources/discipline/english/literacy/speakinglistening/Pages/teachingpracdialogic.aspx">dialogic interactions</a> involving <a href="https://earlychildhood.qld.gov.au/earlyYears/Documents/language-dialogic-in-action.pdf">rich discussions</a> between children and between children and teachers. </li> </ul> Australia has introduced a mandated curriculum and a national assessment program in primary schools. The review noted this meant many early years teachers have adopted a more formalised and narrow approach to learning in schools. It isn’t appropriate for young children. We can see the resulting <a href="https://researchnow.flinders.edu.au/en/publications/where-are-the-early-years-of-school-in-contemporary-early-childho">divide between non-compulsory and compulsory</a> early years education in Victoria. On the one hand, teachers need to acknowledge the needs of children from birth to eight years. On the other hand, for those between the ages of five and 12, the <a href="https://victoriancurriculum.vcaa.vic.edu.au/">Victorian Curriculum</a> requires teachers to assess and report against curriculum standards. The focus on formal assessment and numerical data in the early years of schooling means children as young as six can be labelled as failing. In countries like Finland and Singapore, which have been <a href="https://www.oecd.org/pisa/pisaproducts/strongperformers/">identified</a> as <a href="http://timssandpirls.bc.edu/pirls2016/international-results/pirls/student-achievement/pirls-achievement-results/">high-performing</a>, children do not even <a href="https://expatchild.com/school-starting-ages-around-world/">begin formal schooling</a> before the age of six or seven. <iframe src="https://data.worldbank.org/share/widget?indicators=SE.PRM.AGES&type=shaded&view=map" width="100%" height="380" frameborder="0" scrolling="no"></iframe> <a href="https://journals.sagepub.com/doi/pdf/10.2304/ciec.2014.15.2.185">One study</a> has described the early years in countries like the United Kingdom, America and Australia as being at the mercy of top-down policy development, leading to “a highly prescriptive and assessment-driven early years climate”. <a href="https://www.routledge.com/The-Datafication-of-Primary-and-Early-Years-Education-Playing-with-Numbers/Bradbury-Roberts-Holmes/p/book/9781138242173">UK researchers</a> have identified the “datafication” of early years education and its impacts on children and teachers. And <a href="https://researchoutput.csu.edu.au/en/publications/a-sociological-analysis-of-australias-naplan-and-my-school-senate">Australian researchers</a> used the term “adultification” to describe the unrealistic expectations placed on young children. <h2>So what happens in our schools?</h2> My doctoral <a href="https://minerva-access.unimelb.edu.au/handle/11343/268186">research</a> found “datafication” and “adultification” defined the early years of schooling in Victoria. I engaged with more than 100 early-years teachers to explore their literacy teaching and assessment practices. The recurring theme was these teachers were expected to frequently assess young children in formal ways that provided numerical data. Teachers voiced frustration. One described the early years as “death by assessment”. Another lamented that community expectations were unreasonable, saying “people are hung up on data, numbers”. There was an overwhelming sense that the teachers knew their children best and should be given the agency to assess and plan for literacy teaching rather than being required to use a suite of commercially produced assessment tools. The Victorian Early Years Learning and Development Framework (<a href="https://www.education.vic.gov.au/Documents/childhood/providers/edcare/veyldframework.pdf">VEYLDF</a>) is designed to support early years teachers working with children and families. Its premise is that children have the greatest opportunities to develop neural pathways for learning and are also most vulnerable to negative experiences from birth to eight years. The framework is based on research into best practice for children in these years. Rather than formal assessment based on numbers, the VEYLDF advocates for assessment that is authentic and responsive to how all children can best demonstrate their learning and development. The Victorian Education Department <a href="https://www.education.vic.gov.au/childhood/professionals/learning/Pages/veyldf.aspx">encourages</a> teachers in schools to use the framework. However, little is known about how many actually use the framework to inform teaching and learning. Making it mandatory to report against curriculum standards from the time children begin compulsory schooling sets the boundaries for how many teachers operate. It is hard to have a foot in both camps when reporting against these standards is mandatory and you feel compelled to prepare children for what comes next – which includes <a href="https://www.nap.edu.au/">NAPLAN</a>, the national assessment program. <img src="https://images.theconversation.com/files/432555/original/file-20211118-18-1xgrfo5.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" alt="Group of laughing and smiling children together among trees" /> ‘Death by assessment’ threatens the joy young children find in learning. Shutterstock <h2>Schools can still let children be children</h2> However, some schools are turning their backs on the relentless measuring of young children’s attainments. <a href="https://www.sjfootscray.catholic.edu.au/">St John’s</a>, a multicultural primary school in Melbourne’s inner west, is one example. You only need to look at the school <a href="https://www.sjfootscray.catholic.edu.au/learning/">website</a> to see its philosophy differs from many others. <blockquote> “St John’s Horizon [a school community-developed vision] clearly states ‘KIDS AT THE HEART’ which encapsulates our focus and belief in the image of the child – the child who is capable, curious, full of wonder, rich in knowledge, able to construct and co-construct his or her own learning. We believe in JOY – Joy in learning.” </blockquote> A conversation with the then principal, Gemma Goodyear, gave me an insight into these beliefs, which are inspired by teaching and learning in schools in <a href="https://www.reggiochildren.it/en/reggio-emilia-approach/">Reggio Emilia</a>, Italy. Goodyear said children do not come to school to be “fixed”, and the teachers engage them by providing meaningful, contextualised learning experiences. And, yes, through their focus on rich learning they still get great results without relentless testing. It is time to revisit the early years of schooling and ensure teachers have the skills and understandings they need to support learners in this phase. These years should be a time when children become engaged and excited about learning, a time of great joy, and a time when children are allowed to be children.<img style="border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important; text-shadow: none !important;" src="https://counter.theconversation.com/content/169463/count.gif?distributor=republish-lightbox-basic" alt="The Conversation" width="1" height="1" /> <a href="https://theconversation.com/profiles/martina-tassone-1270226">Martina Tassone</a>, Early Childhood and Primary Course Coordinator and Language and Literacy Lecturer, <a href="https://theconversation.com/institutions/the-university-of-melbourne-722">The University of Melbourne</a> This article is republished from <a href="https://theconversation.com">The Conversation</a> under a Creative Commons license. Read the <a href="https://theconversation.com/a-failure-at-6-data-driven-assessment-isnt-helping-young-childrens-learning-169463">original article</a>. Image: Shutterstock

Family & Pets

Our Partners

Over 60

News

Shop

Catalogues

Newspaper

Contests

Entertainment

Travel

Health

Lifestyle

Finance

Property

Compare

Games

Information

Keep up to date

Search

How Samantha Murphy's digital data could be a crucial clue

Are Australia’s roads becoming more dangerous? Here’s what the data says

The $500 million ATO fraud highlights flaws in the myGov ID system. Here’s how to keep your data safe

Australia's most trusted brands revealed for 2023

Can big data really predict what makes a song popular?

“Have a second phone”: Aussie spy chief’s warning on social media use

"Deplorable": Medibank hacker announces ransom demands

Optus data breach: regulatory changes announced, but legislative reform still needed

7 tricks to use less phone data – and lower your phone bill

How not to tell customers their data is at risk: the perils of the Optus approach

This law makes it illegal for companies to collect third-party data to profile you but they do anyway

Even if TikTok and other apps are collecting your data, what are the actual consequences?

Yet again, the census shows women are doing more housework. Now is the time to invest in interventions

Bunnings and Kmart investigated for use of potentially "unethical" tech

Data visualisations made more accessible to screen reader users

ACCC says consumers need more choices about what online marketplaces are doing with their data

How does Spotify use your data? Even experts aren’t sure

The metaverse: three legal issues we need to address

Smartphone security: everything you need to know to keep your phone safe

A failure at 6? Data-driven assessment isn’t helping young children’s learning

Our Partners

News

Shop

Catalogues

Newspaper

Contests

Entertainment

Travel

Health

Lifestyle

Finance

Property

Compare

Games

Information

Keep up to date

Search

How Samantha Murphy's digital data could be a crucial clue

Are Australia’s roads becoming more dangerous? Here’s what the data says

The $500 million ATO fraud highlights flaws in the myGov ID system. Here’s how to keep your data safe

Australia's most trusted brands revealed for 2023

Can big data really predict what makes a song popular?

“Have a second phone”: Aussie spy chief’s warning on social media use

"Deplorable": Medibank hacker announces ransom demands

Optus data breach: regulatory changes announced, but legislative reform still needed

7 tricks to use less phone data – and lower your phone bill

How not to tell customers their data is at risk: the perils of the Optus approach

This law makes it illegal for companies to collect third-party data to profile you but they do anyway

Even if TikTok and other apps are collecting your data, what are the actual consequences?

Yet again, the census shows women are doing more housework. Now is the time to invest in interventions

Bunnings and Kmart investigated for use of potentially "unethical" tech

Data visualisations made more accessible to screen reader users

ACCC says consumers need more choices about what online marketplaces are doing with their data

How does Spotify use your data? Even experts aren’t sure

The metaverse: three legal issues we need to address

Smartphone security: everything you need to know to keep your phone safe

A failure at 6? Data-driven assessment isn’t helping young children’s learning

Our Partners

Join Over60