Five projects that are harnessing big data for good



File 20181101 78456 77seij.jpg?ixlib=rb 1.1
Often the value of data science lies in the work of joining the dots.
Shutterstock

Arezou Soltani Panah, Swinburne University of Technology and Anthony McCosker, Swinburne University of Technology

Data science has boomed over the past decade, following advances in mathematics, computing capability, and data storage. Australia’s Industry 4.0 taskforce is busy exploring ways to improve the Australian economy with tools such as artificial intelligence, machine learning and big data analytics.

But while data science offers the potential to solve complex problems and drive innovation, it has often come under fire for unethical use of data or unintended negative consequences – particularly in commercial cases where people become data points in annual company reports.

We argue that the data science boom shouldn’t be limited to business insights and profit margins. When used ethically, big data can help solve some of society’s most difficult social and environmental problems.

Industry 4.0 should be underwritten by values that ensure these technologies are trained towards the social good (known as Society 4.0). That means using data ethically, involving citizens in the process, and building social values into the design.

Here are a five data science projects that are putting these principles into practice.




Read more:
The future of data science looks spectacular


1. Finding humanitarian hot spots

Social and environmental problems are rarely easy to solve. Take the hardship and distress in rural areas due to the long-term struggle with drought. Australia’s size and the sheer number of people and communities involved make it difficult to pair those in need with support and resources.

Our team joined forces with the Australian Red Cross to figure out where the humanitarian hot spots are in Victoria. We used social media data to map everyday humanitarian activity to specific locations and found that the hot spots of volunteering and charity activity are located in and around Melbourne CBD and the eastern suburbs. These kinds of insights can help local aid organisations channel volunteering activity in times of acute need.

Distribution of humanitarian actions across inner Melbourne and local government areas. Blue dots and red dots represent scraped Instagram posts around the hashtags #volunteer and #charity.

2. Improving fire safety in homes

Accessing data – the right data, in the right form – is a constant challenge for data science. We know that house fires are a serious threat, and that fire and smoke alarms save lives. Targeting houses without fire alarms can help mitigate that risk. But there is no single reliable source of information to draw on.

In the United States, Enigma Labs built open data tools to model and map risk at the level of individual neighbourhoods. To do this effectively, their model combines national census data with a geocoder tool (TIGER), as well as analytics based on local fire incident data, to provide a risk score.

Fire fatality risk scores calculated at the level of Census block groups.
Enigma Labs

3. Mapping police violence in the US

Ordinary citizens can be involved in generating social data. There are many crowdsourced, open mapping projects, but often the value of data science lies in the work of joining the dots.

The Mapping Police Violence project in the US monitors, make sense of, and visualises police violence. It draws on three crowdsourced databases, but also fills in the gaps using a mix of social media, obituaries, criminal records databases, police reports and other sources of information. By drawing all this information together, the project quantifies the scale of the problem and makes it visible.

A visualisation of the frequency of police violence in the United States.
Mapping Police Violence



Read more:
Data responsibility: a new social good for the information age


4. Optimising waste management

The Internet of Things is made up of a host of connected devices that collect data. When embedded in the ordinary objects all around us, and combined with cloud-based analysis and computing, these objects become smart – and can help solve problems or inefficiencies in the built environment.

If you live in Melbourne, you might have noticed BigBelly bins around the CBD. These smart bins have solar-powered trash compactors that regularly compress the garbage inside throughout the day. This eliminates waste overflow and reduces unnecessary carbon emissions, with an 80% reduction in waste collection.

Real-time data analysis and reporting is provided by a cloud-based data management portal, known as CLEAN. The tool identifies trends in waste overflow, which helps with bin placement and planning of collection services.

BigBelly bins are being used in Melbourne’s CBD.
Kevin Zolkiewicz/Flickr, CC BY-NC

5. Identifying hotbeds of street harassment

A group of four women – and many volunteer supporters – in Egypt developed HarassMap to engage with, and inform, the community in an effort to reduce sexual harassment. The platform they built uses anonymised, crowdsourced data to map harassment incidents that occur in the street in order to alert its users of potentially unsafe areas.

The challenge for the group was to provide a means for generating data for a problem that was itself widely dismissed. Mapping and informing are essential data science techniques for addressing social problems.

Mapping of sexual harassment reported in Egypt.
HarassMap



Read more:
Cambridge Analytica’s closure is a pyrrhic victory for data privacy


Building a better society

Turning the efforts of data science to social good isn’t easy. Those with the expertise have to be attuned to the social impact of data analytics. Meanwhile, access to data, or linking data across sources, is a major challenge – particularly as data privacy becomes an increasing concern.

While the mathematics and algorithms that drive data science appear objective, human factors often combine to embed biases, which can result in inaccurate modelling. Digital and data literacy, along with a lack of transparency in methodology, combine to raise mistrust in big data and analytics.

Nonetheless, when put to work for social good, data science can provide new sources of evidence to assist government and funding bodies with policy, budgeting and future planning. This can ultimately result in a better connected and more caring society.The Conversation

Arezou Soltani Panah, Postdoc Research Fellow (Social Data Scientist), Swinburne University of Technology and Anthony McCosker, Senior Lecturer in Media and Communications, Swinburne University of Technology

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Advertisements

Travelling overseas? What to do if a border agent demands access to your digital device



File 20181005 52691 12zqgzn.jpg?ixlib=rb 1.1
New laws enacted in New Zealand give customs agents the right to search your phone.
Shutterstock

Katina Michael, Arizona State University

New laws enacted in New Zealand this month give border agents the right to demand travellers entering the country hand over passwords for their digital devices. We outline what you should do if it happens to you, in the first part of a series exploring how technology is changing tourism.


Imagine returning home to Australia or New Zealand after a long-haul flight, exhausted and red-eyed. You’ve just reclaimed your baggage after getting through immigration when you’re stopped by a customs officer who demands you hand over your smartphone and the password. Do you know your rights?

Both Australian and New Zealand customs officers are legally allowed to search not only your personal baggage, but also the contents of your smartphone, tablet or laptop. It doesn’t matter whether you are a citizen or visitor, or whether you’re crossing a border by air, land or sea.




Read more:
How to protect your private data when you travel to the United States


New laws that came into effect in New Zealand on October 1 give border agents:

…the power to make a full search of a stored value instrument (including power to require a user of the instrument to provide access information and other information or assistance that is reasonable and necessary to allow a person to access the instrument).

Those who don’t comply could face prosecution and NZ$5,000 in fines. Border agents have similar powers in Australia and elsewhere. In Canada, for example, hindering or obstructing a border guard could cost you up to C$50,000 or five years in prison.

A growing trend

Australia and New Zealand don’t currently publish data on these kinds of searches, but there is a growing trend of device search and seizure at US borders. There was a more than fivefold increase in the number of electronic device inspections between 2015 and 2016 – bringing the total number to 23,000 per year. In the first six months of 2017, the number of searches was already almost 15,000.

In some of these instances, people have been threatened with arrest if they didn’t hand over passwords. Others have been charged. In cases where they did comply, people have lost sight of their device for a short period, or devices were confiscated and returned days or weeks later.




Read more:
Encrypted smartphones secure your identity, not just your data


On top of device searches, there is also canvassing of social media accounts. In 2016, the United States introduced an additional question on online visa application forms, asking people to divulge social media usernames. As this form is usually filled out after the flights have been booked, travellers might feel they have no choice but to part with this information rather than risk being denied a visa, despite the question being optional.

There is little oversight

Border agents may have a legitimate reason to search an incoming passenger – for instance, if a passenger is suspected of carrying illicit goods, banned items, or agricultural products from abroad.

But searching a smartphone is different from searching luggage. Our smartphones carry our innermost thoughts, intimate pictures, sensitive workplace documents, and private messages.

The practice of searching electronic devices at borders could be compared to police having the right to intercept private communications. But in such cases in Australia, police require a warrant to conduct the intercept. That means there is oversight, and a mechanism in place to guard against abuse. And the suspected crime must be proportionate to the action taken by law enforcement.

What to do if it happens to you

If you’re stopped at a border and asked to hand over your devices and passwords, make sure you have educated yourself in advance about your rights in the country you’re entering.

Find out whether what you are being asked is optional or not. Just because someone in a uniform asks you to do something, it does not necessarily mean you have to comply. If you’re not sure about your rights, ask to speak to a lawyer and don’t say anything that might incriminate you. Keep your cool and don’t argue with the customs officer.




Read more:
How secure is your data when it’s stored in the cloud?


You should also be smart about how you manage your data generally. You may wish to switch on two-factor authentication, which requires a password on top of your passcode. And store sensitive information in the cloud on a secure European server while you are travelling, accessing it only on a needs basis. Data protection is taken more seriously in the European Union as a result of the recently enacted General Data Protection Regulation.

Microsoft, Apple and Google all indicate that handing over a password to one of their apps or devices is in breach of their services agreement, privacy management, and safety practices. That doesn’t mean it’s wise to refuse to comply with border force officials, but it does raise questions about the position governments are putting travellers in when they ask for this kind of information.The Conversation

Katina Michael, Professor, School for the Future of Innovation in Society & School of Computing, Informatics and Decision Systems Engineering, Arizona State University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

If privacy is increasing for My Health Record data, it should apply to all medical records



File 20180920 10499 1xu9t4w.jpg?ixlib=rb 1.1
Everyone was up in arms about a lack of privacy with My Health Records, but the privacy is the same for other types of patient data.
from http://www.shutterstock.com

Megan Prictor, University of Melbourne; Bronwyn Hemsley, University of Technology Sydney; Mark Taylor, University of Melbourne, and Shaun McCarthy, University of Newcastle

In response to the public outcry against the potential for My Health Record data to be shared with police and other government agencies, Health Minister Greg Hunt recently announced moves to change the legislation.

The laws underpinning the My Health Record as well as records kept by GPs and private hospitals currently allow those records to be shared with the police, Centrelink, the Tax Office and other government departments if it’s “reasonably necessary” for a criminal investigation or to protect tax revenue.

If passed, the policy of the Digital Health Agency (which runs the My Health Record) not to release information without a court order will become law. This would mean the My Health Record has greater privacy protections in this respect than other medical records, which doesn’t make much sense.




Read more:
Opting out of My Health Records? Here’s what you get with the status quo


Changing the law to increase privacy

Under the proposed new bill, state and federal government departments and agencies would have to apply for a court order to obtain information stored in the My Health Record.

The court would need to be satisfied that sharing the information is “reasonably necessary”, and that there is no other effective way for the person requesting it to access the information. The court would also need to weigh up whether the disclosure would “unreasonably interfere” with the person’s privacy.

If granted, a court order to release the information would require the Digital Health Agency to provide information from a person’s My Health Record without the person’s consent, and even if they objected.

If a warrant is issued for a person’s health records, the police can sift through them as they look for relevant information. They could uncover personally sensitive material that is not relevant to the current proceedings. Since the My Health Record allows the collection of information across health providers, there could be an increased risk of non-relevant information being disclosed.




Read more:
Using My Health Record data for research could save lives, but we must ensure it’s ethical


But what about our other medical records?

Although we share all sorts of personal information online, we like to think of our medical records as sacrosanct. But the law underpinning My Health Record came from the wording of the Commonwealth Privacy Act 1988, which applies to all medical records held by GPs, specialists and private hospitals.

Under the Act, doctors don’t need to see a warrant before they’re allowed to share health information with enforcement agencies. The Privacy Act principles mean doctors only need a “reasonable belief” that sharing the information is “reasonably necessary” for the enforcement activity.

Although public hospital records do not fall under the Privacy Act, they are covered by state laws that have similar provisions. In Victoria, for instance, the Health Records Act 2001 permits disclosure if the record holder “reasonably believes” that the disclosure is “reasonably necessary” for a law enforcement function and it would not be a breach of confidence.

In practice, health care providers are trained on the utmost importance of protecting the patient’s privacy. Their systems of registration and accreditation mean they must follow a professional code of ethical conduct that includes observing confidentiality and privacy.

Although the law doesn’t require it, it is considered good practice for health professionals to insist on seeing a warrant before disclosing a patient’s health records.

In a 2014 case, the federal court considered whether a psychiatrist had breached the privacy of his patient. The psychiatrist had given some of his patient’s records to Queensland police in response to a warrant. The court said the existence of a warrant was evidence the doctor had acted appropriately.

In a 2015 case, it was decided a doctor had interfered with a patient’s privacy when disclosing the patient’s health information to police. In this case, there no was warrant and no formal criminal investigation.




Read more:
What could a My Health Record data breach look like?


Unfortunately, there are recent examples of medical records being shared with government departments in worrying ways. In Australia, it has been alleged the immigration department tried, for political reasons, to obtain access to the medical records of people held in immigration detention.

In the UK, thousands of patient records were shared with the Home Office to trace immigration offenders. As a result, it was feared some people would become too frightened to seek medical care for themselves and children.

We can’t change the fact different laws at state and federal level apply to our paper and electronic medical records stored in different locations. But we can try to change these laws to be consistent in protecting our privacy.

If it’s so important to change the My Health Records Act to ensure our records can only be “unlocked” by a court order, the same should apply to the Privacy Act as well as state-based laws. Doing so might help to address public concerns about privacy and the My Health Record, and further inform decisions about opting out or staying in the system.The Conversation

Megan Prictor, Research Fellow in Law, University of Melbourne; Bronwyn Hemsley, Professor of Speech Pathology, University of Technology Sydney; Mark Taylor, Associate professor, University of Melbourne, and Shaun McCarthy, Director, University of Newcastle Legal Centre, University of Newcastle

This article is republished from The Conversation under a Creative Commons license. Read the original article.

My Health Record: Deleting personal information from databases is harder than it sounds



File 20180802 136646 tt4waq.jpg?ixlib=rb 1.1
Federal Health Minister Greg Hunt has announced that the My Health Record system will be modified to allow the permanent deletion of records.
Shutterstock

Robert Merkel, Monash University

Since the period for opting out of My Health Record began on July 16, experts in health, privacy and IT have raised concerns about the security and privacy protections of the system, and the legislation governing its operation.

Now federal health minister Greg Hunt has announced two key changes to the system.

First, the legislation will be amended to explicitly require a court order for any documents to be released to a law enforcement agency. Second, the system will be modified to allow the permanent deletion of records:

In addition, the Government will also amend Labor’s 2012 legislation to ensure if someone wishes to cancel their record they will be able to do so permanently, with their record deleted from the system.

But while this sounds like a simple change, permanently and completely deleting information from IT systems is anything but straightforward.




Read more:
My Health Record: the case for opting out


Systems designed for retention, not deletion

The My Health Record database is designed for the long-term retention of important information. Most IT systems designed for this purpose are underpinned by the assumption that the risk of losing information – through a hardware fault, programming mistake, or operator error – should be extremely low.

The exact details of how My Health Record data is protected from data loss are not public. But there are several common measures that systems like it incorporate to greatly reduce the risks.

At a most basic level, “deletion” of a record stored in a database is often implemented simply by marking a record as deleted. That’s akin to deleting something on paper by drawing a thin line through it.

The software can be programmed to ignore any such deleted records, but the underlying record is still present in the database – and can be retrieved by an administrator with unfettered permissions to access the database directly.

This approach means that if an operator error or software bug results in an incorrect deletion, repairing the damage is straightforward.




Read more:
My Health Record: the case for opting in


Furthermore, even if data is actually deleted from the active database, it can still be present in backup “snapshots” that contain the complete database contents at some particular moment in time.

Some of these backups will be retained – untouched and unaltered – for extended periods, and will only be accessible to a small group of IT administrators.

Zombie records

Permanent and absolute deletion of a record in such a system will therefore be a challenge.

If a user requests deletion, removing their record from the active database will be relatively straightforward (although even this has some complications), but removing them from the backups is not.

If the backups are left unaltered, we might wonder in what circumstances the information in those backups would be made accessible.

If, by contrast, the archival backups are actively and irrevocably modified to permit deletion, those archival backups are at high risk of other modifications that remove or modify wanted data. This would defeat the purpose of having trusted archival backups.

Backups and the GDPR’s ‘right to be forgotten’

The problem of deleting personal information and archival backups has been raised in the context of the European Union’s General Data Protection Regulation (GDPR). This new EU-wide law greatly strengthens privacy protections surrounding use of personal information in member states.

The “right to erasure” or “right to be forgotten” – Article 17 of the GDPR – states that organisations storing the personal information of EU citizens “shall have the obligation to erase personal data without undue delay” in certain circumstances.

How this obligation will be met in the context of standard data backup practices is an interesting question, to say the least. While the legal aspects of this question are beyond my expertise, from a technical perspective, there is no easy general-purpose solution for the prompt deletion of individual records from archived data.

In an essay posted to their corporate website, data backup company Acronis proposes that companies should be transparent about what will happen to the backups of customers who request that records be deleted:

[while] primary instances of their data in production systems will be erased with all due speed … their personal data may reside in backup archives that must be retained for a longer period of time – either because it is impractical to isolate individual personal data within the archive, or because the controller is required to retain data longer for contractual, legal or compliance reasons.

Who might access those backups?

Data stored on archival backups, competently administered, will not be available to health professionals. Nor will they be available to run-of-the-mill hackers who might steal a practitioner’s credentials to gain illicit access to My Health Record.

But it’s not at all clear whether law enforcement bodies, or anyone else, could potentially access a deleted record if they are granted access to archival backups by the system operator.

Under amended legislation, such access would undoubtedly require a court order. Nevertheless, were it to be permitted, access to a deleted record under these circumstances would be contrary to the general expectation that when a record is deleted, it is promptly, completely and irrevocably deleted, with no prospect of retrieval.




Read more:
Opting out of My Health Records? Here’s what you get with the status quo


Time required to work through the details

In my view, more information on the deletion process, and any legislative provisions surrounding deleted records, needs to be made public. This will allow individuals to make an informed choice on whether they are comfortable with the amended security and privacy provisions.

Getting this right will take time and extensive expert and public consultation. It is very difficult to imagine how this could take place within the opt-out period, even taking into account the one-month extension just announced by the minister.

The ConversationGiven that, it would be prudent to pause the roll-out of My Health Record for a considerably longer period. This would permit the government to properly address the issues of record deletion, as well as the numerous other privacy and security concerns raised about the system.

Robert Merkel, Lecturer in Software Engineering, Monash University

This article was originally published on The Conversation. Read the original article.

Is counter-attack justified against a state-sponsored cyber attack? It’s a legal grey area



File 20180327 188616 1ccmbhv.jpg?ixlib=rb 1.1
The US has charged and sanctioned nine Iranians and an Iranian company for cyber attacks.
Parmida Rahimi/Flickr, CC BY-SA

Sandeep Gopalan, Deakin University

On March 23, the US Department of Justice commenced perhaps the largest prosecution of a state-sponsored cyber attack. It indicted nine Iranians for carrying out:

a coordinated campaign of cyber intrusions into computer systems belonging to 144 US universities, 176 universities across 21 foreign countries, 47 domestic and foreign private sector companies … [and] the United Nations…

At least 31.5 terabytes of data was allegedly stolen and Australian universities were targeted, although specific institutions are not named.

History suggests that this response is unlikely to deter future attacks, and that counter-attacks are a more effective strategy. But would it be justified? Current international law focuses on armed attack, not cyber attack as a justification for state action taken in self-defence.

As cyber attacks become more common, international law needs to clear up this grey area.

How they did it and what was taken

The indictment alleges that defendants Gholamreza Rafatnejad and Ehsan Mohammadi are founders of Mabna Institute – an organisation established for the purpose of scientific espionage. Mabna is alleged to have contracted with Iranian governmental agencies (including the Islamic Revolutionary guard) to conduct hacking on their behalf.




Read more:
Following the developing Iranian cyberthreat


The defendants allegedly engaged in a conspiracy to compromise computer accounts of thousands of professors to steal research data and intellectual property, costing the US approximately US$3.4 billion. They allegedly conducted surveillance and sent professors targeted “spearphishing” emails to lure them into providing access to their computer systems.

Valuable data was transferred from the compromised IT systems to the hackers, according the the indictment. Over 100,000 professors were apparently targeted and approximately 8,000 email accounts compromised.

Private companies were also targeted – none Australian – via “password spraying”, said the US Department of Justice. This is a technique whereby the attacker identifies the email accounts of a target via public search and gains access to the account using common or default passwords.

Prosecution is an insufficient response

The defendants are charged with committing fraud and related activity in connection with computers, conspiracy, wire fraud, unauthorised access of a computer, and identity theft. Each charge carries a prison sentence ranging from two years to 20 years.

The prosecution is a necessary, but insufficient response to these cyber attacks.

The defendants are based in Iran and are unlikely to be brought to justice. Previously, US prosecutors have charged Iranian hackers with attacks against financial institutions and a dam in New York to no avail.

And hacking has escalated – the US accused Russia of compromising the US electricity grid and attacks against other countries are also alleged.

Counter-attack a better deterrent

Rogue states such as Iran, Russia, and North Korea are only likely to be deterred against conducting cyber attacks if their targets have robust self-defense and counter-attack capabilities. However, the legal status of cyber attacks and the appropriate responses are not clear in international law.

Under the UN Charter, states have an obligation to refrain “from the threat or use of force against the territorial integrity or political independence of any state”. Crucially, states possess an “inherent right of individual or collective self-defence if an armed attack occurs”.




Read more:
Cybersecurity of the power grid: A growing challenge


The key questions then are whether a cyber attack amounts to a “use of force”, whether hacking attributable to a state amounts to an “armed attack”, and if a cyber attack violates “territorial integrity”. Traditionally, international law has answered these questions with reference to acts of physical violence – conventional military strikes.

It’s likely that a large scale cyber attack against a state that has physical consequences within its territory may be characterised as a “use of force”, and may violate “territorial integrity” under the charter. For instance, attacks that turn self-driving cars into weapons, knock out nuclear stations or paralyse the power grid might reach this threshold.

But what if the attack is designed to sow confusion or generate internal discord, such as in the case of Russian hacking of the US election? Or attacks directed beyond a particular country? This is a harder question and not settled currently. Similarly, it’s not certain that even large scale hacking would rise to the level of an “armed attack”.

Precedent in international law

In 1984, Nicaragua brought proceedings against the US in response to American support for the Contras (rebels fighting the government). In that case, the International Court of Justice (ICJ) opined that armed attack might also include:

the sending by a State of armed bands on to the territory of another State, if such an operation, because of its scale and effects, would have been classified as an armed attack had it been carried out by regular armed forces.

Crucially, the ICJ underlined the principle of non-intervention:

Intervention is wrongful … [using] methods of coercion, particularly force, either in the direct form of military action or in the indirect form of support for subversive activities in another State.

Based on the Nicaragua case, if a cyber attack has sufficient “scale and effects” it may amount to an armed attack. More importantly, if the attacks are attributable to a state (in this case the Islamic Revolutionary Guard) – or are within its overall or effective control or direction – it would appear that the armed attack would give rise to the right to self-defence.




Read more:
Cyber peacekeeping is integral in an era of cyberwar – here’s why


However, this may be difficult to establish in practice – there may not be sufficient evidence connecting the hacker to the state to show control, and hence attribution.

So, what are the permissible self-defence responses under international law? Could the US launch military strikes against Iran or Russia for these incidents if they are found to be behind these attacks? The legality of such strikes is not clear even though the US might claim such status.

The ConversationThe international community should set bright line rules on this matter before an expansive reading of self-defence triggers war. The NATO Cooperative Cyber Defence Centre of Excellence’s Tallinn Manual 2.0 is a start, but a binding instrument is needed. John Bolton’s appointment as US President Donald Trump’s National Security Advisor makes this an urgent priority because a military strike in response to the next major cyber attack is a realistic prospect.

Sandeep Gopalan, Pro Vice-Chancellor (Academic Innovation) & Professor of Law, Deakin University

This article was originally published on The Conversation. Read the original article.

US approach to security is deeply troubling – and it’s not just about Trump



File 20180208 74512 1ctlotn.jpg?ixlib=rb 1.1
Is Donald Trump really the one setting the direction of US security policy?
Reuters/Jonathan Ernst

Joseph Camilleri, La Trobe University

Media coverage of Donald Trump’s presidency has fixated on his outlandish, off-the-cuff tweets, his ill-conceived and inflammatory positions on immigration, race relations and climate change, his “America First” mantra, and his unrelenting attacks on the various inquiries into collusion with Russia.

The image created has been of a man who, though ignorant, vulgar and deeply polarising, struts the political stage. But is Trump really setting the direction of US security policy?

Mounting evidence suggests the theatre around Trump is so mesmerising that we have lost sight of how the US security establishment wields power – and to what end.

The picture is becoming clear

The security establishment is no monolith, nor does it function as a conspiratorial cabal. Personalities and institutional interests compete for attention and resources.

Yet it has a reasonably coherent mindset, which has its origins in the early days of the Cold War. It is a sense of belonging to a club that connects first and foremost the Department of Defence, various arms of the intelligence community and law enforcement agencies, but also significant voices in other key government departments, areas of the judiciary and Congress, and some of America’s most influential think-tanks and corporations – in particular the leading arms manufacturers.

How this security establishment is handling the Trump phenomenon is an intriguing story, highly complex, and still unfolding. However, several pieces of the jigsaw are beginning to fall into place. Three merit special attention:

  • the competition for influence within the Trump administration

  • the Russia investigation

  • the unmistakable shift in US strategic planning.

Taken together these form a picture of a political and military elite intent on maintaining control of US security policy. They feel the need to immunise it from Trump’s erratic behaviour and his supposedly pro-Russian inclinations, and revive a Cold War mindset that views Russia and China as major adversaries.

The battle for influence

Though Trump and the security establishment may be suspicious of one another, there is also common ground. They disagree not about placing “America first”, but about how this should be done.

The security establishment prefers a carefully devised, longer-term strategy and a less confrontational approach toward friends and allies. It sees value in continuing to extol the virtues of free trade and democracy, though it does not necessarily practise what it preaches.

And it is generally suspicious of personal deal-making – especially where this involves Russia – to which Trump is drawn by instinct, and commercial interest and experience.

The security establishment has therefore made it a priority to gain influence within the administration. It took no more than six months for reliable establishment figures to be firmly in the saddle: Jim Mattis as defence secretary, John Kelly as White House chief-of-staff and H.R. McMaster as national security adviser.

Key Trump campaign advisers thought to have cultivated links with Russia or be otherwise unreliable – including Michael Flynn (whom Trump initially appointed as national security adviser), George Papadopoulos, Paul Manafort, Rick Gates, Stephen Bannon and even Trump’s daughter Ivanka and son-in-law Jared Kushner – have been gently or not-so-gently eased out of their previously influential roles.

Trump himself is seen at best as an unknown quantity, and at worst prone to dangerous illusions about the prospects of cultivating a fruitful personal relationship with Russian President Vladimir Putin.

Behind the lurid accusations of Russian meddling in the US presidential election and alleged collusion between the Trump campaign and the Kremlin, and more recently behind the claims and counterclaims of obstruction of justice by the Trump administration, we can now discern a far more significant jostling for control of US policy.

The ‘new’ Russian threat

The Russia investigations being conducted by congressional committees and by special counsel Robert Mueller are clearly designed to put Trump on the defensive. Congressional Democrats are doing all they can to prolong these inquiries – in some cases with the support of senior Republican senators close to the intelligence community.

Hundreds of witnesses have already given evidence to these inquiries. Many more are expected to appear. And in public comments and her recently published memoir, Hillary Clinton, well known for her antipathy to Putin and his reassertion of Russian influence, has been at pains to identify Russia’s meddling in the election as a key factor in her defeat.

Yet the hard evidence so far produced to support the charges of Russian interference has been scant to say the least.

Putin and his underlings are no angels. But as journalist Aaron Mate has argued:

In Russiagate, unverified claims are reported with little to no scepticism … developments are cherry-picked and overhyped, while countervailing ones are minimised or ignored. Front-page headlines advertise explosive and incriminating developments, only to often be undermined by the article’s content, or retracted entirely.

Whatever the outcome of these various inquiries, one thing is clear. The security establishment has concluded that a resurgent Russia needs to be contained and that any advocacy of dialogue with it must be nipped in the bud.

Allegations of Russian interference in the politics of the US and other Western countries are part of a larger strategy that aims to magnify the threat Russia poses and to thwart any intention on Trump’s part to reset the relationship.

Donald Trump has been keen to offer a hand of friendship to Vladimir Putin’s Russia.
Reuters/Carlos Barria

Back to the Cold War

The national defence strategy Mattis recently unveiled delivers a stark message. Countering China’s rise and Russia’s resurgence are now at the heart of US policy. The Cold War outlook is back with a vengeance.

To this end, the US military will confront its adversaries across the spectrum of conflicts – mainly in Europe and the Indo-Pacific region, but without neglecting the Middle East.

American armed forces will modernise and build its readiness for future conflicts and consolidate military ties with allies and partners around the world. But conspicuously absent is any notion of neo-isolationism or renewed dialogue with Russia – both of which featured prominently during Trump’s presidential campaign.

The national defence strategy should, in any case, be read in conjunction with the national security strategy released in December 2017 and the more recent nuclear posture review released last week.

The shift in US strategic priorities, which is well under way, will affect all aspects of defence budgeting, weapons development and force management. Training is already focused on high-intensity conflict with major adversaries. Heavily armed deployments are stationed continuously in Europe and across East and Central Asia.

The plan is to modernise all three arms of the US nuclear arsenal – land-based intercontinental ballistic missiles, strategic bombers and submarine-launched ballistic missiles – and design low-yield nuclear weapons that make them more readily usable. In other words, the US is boosting its capacity to escalate non-nuclear conflicts into nuclear war, thereby lowering the nuclear threshold.

Trump’s rhetoric of “fire and fury” is at first sight in accord with these developments. Whether he fully understands them is another matter.

The ConversationWe may not much like what Trump says or wants to do. But even more troubling is the US security establishment’s vision of the future. For US allies, not least Australia, it spells danger and much heartache.

Joseph Camilleri, Emeritus Professor of International Relations, La Trobe University

This article was originally published on The Conversation. Read the original article.

The US election hack, fake news, data theft: the cyber security lessons from 2017



File 20171219 4995 17al34.jpg?ixlib=rb 1.1
Cyber attacks have the potential to cause economic disruption, coerce changes in political behaviour and subvert systems of governance.
from http://www.shutterstock.com, CC BY-ND

Joe Burton, University of Waikato

Cyber security played a prominent role in international affairs in 2017, with impacts on peace and security.

Increased international collaboration and new laws that capture the complexity of communications technology could be among solutions to cyber security issues in 2018.


Read more: Artificial intelligence cyber attacks are coming – but what does that mean?


The US election hack and the end of cyber scepticism

The big story of the past year has been the subversion of the US election process and the ongoing controversies surrounding the Trump administration. The investigations into the scandal are unresolved, but it is important to recognise that the US election hack has dispelled any lingering scepticism about the impact of cyber attacks on national and international security.

From the self-confessed “mistake” Secretary Clinton made in setting up a private email server, to the hacking of the Democratic National Committee’s servers and the leaking of Democratic campaign chair John Podesta’s emails to WikiLeaks, the 2016 presidential election was in many ways defined by cyber security issues.

Many analysts had been debating the likelihood of a “digital Pearl Harbour”, an attack producing devastating economic disruption or physical effects. But they missed the more subtle and covert political scope of cyber attacks to coerce changes in political behaviour and subvert systems of governance. Enhancing the security and integrity of democratic systems and electoral processes will surely be on the agenda in 2018 in the Asia Pacific and elsewhere.

Anti-social media

The growing impact of social media and the connection with cyber security has been another big story in 2017. Social media was meant to be a great liberator, to democratise, and to bring new transparency to politics and societies. In 2017, it has become a platform for fake news, misinformation and propaganda.

Social media sites clearly played a role in displacing authoritarian governments during the Arab Spring uprisings. Few expected they would be used by authoritarian governments in an incredibly effective way to sow and exploit divisions in democratic countries. The debate we need to have in 2018 is how we can deter the manipulation of social media, prevent the spread of fake news and encourage the likes of Facebook and Twitter to monitor and police their own networks.

If we don’t trust what we see on these sites, they won’t be commercially successful, and they won’t serve as platforms to enhance international peace and security. Social media sites must not become co-opted or corrupted. Facebook should not be allowed to become Fakebook.

Holding data to ransom

The spread of the Wannacry virus was the third big cyber security story of 2017. Wannacry locked down computers and demanded a ransom (in bitcoin) for the electronic key that would release the data. The virus spread in a truly global attack to an estimated 300,000 computers in 150 countries. It led to losses in the region of four billion dollars – a small fraction of the global cyber crime market, which is projected to grow to $6 trillion by 2021. In the Asia Pacific region, cyber crime is growing by 45% each year.


Read more: Cyberspace aggression adds to North Korea’s threat to global security


Wannacry was an important event because it pointed not only to the growth in cyber crime but also the dangers inherent in the development and proliferation of offensive cyber security capabilities. The exploit to windows XP systems that was used to spread the virus had been stockpiled by the US National Security Agency (NSA). It ended up being released on the internet and then used to generate revenue.

A fundamental challenge in 2018 is to constrain the use of offensive cyber capabilities and to reign in the growth of the cyber-crime market through enhanced cooperation. This will be no small task, but there have been some positive developments.

According to US network security firm FireEye, the recent US-China agreement on commercial cyber espionage has led to an estimated 90% reduction in data breaches in the US emanating from China. Cyber cooperation is possible and can lead to bilateral and global goods.

Death of cyber norms?

The final big development, or rather lack of development, has been at the UN. The Government Group of Experts (GGE) process, established in 2004 to strengthen the security of global information and telecommunications systems, failed to reach a consensus on its latest report on the status of international laws and norms in cyberspace. The main problem has been that there is no definite agreement on the applicability of existing international law to cyber security. This includes issues such as when states might be held responsible for cyber attacks emanating from their territory, or their right to the use of countermeasures in cyber self-defence.

Some analysts have proclaimed this to be “the end of cyber norms”. This betrays a pessimism about UN level governance of the internet that is deeply steeped in overly state-centric views of security and a reluctance to cede any sovereignty to international organisations.

It is true that norms won’t be built from the top down. But the UN does and should have an important role to play in cyber security as we move into 2018, not least because of its universality and global reach.

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia recently launched the Tallinn Manual 2.0, which examines the applicability of international law to cyber attacks that fall below the use of force and occur outside of armed conflict.

These commendable efforts could move forward hand in hand with efforts to build consensus on new laws that more accurately capture the complexity of new information and communications technology. In February 2017, Brad Smith, the head of Microsoft, proposed a digital Geneva Convention that would outlaw cyber attacks on civilian infrastructure.

The ConversationIn all this we must recognise that cyber security is not a binary process. It is not about “ones and zeros”, but rather about a complex spectrum of activity that needs multi-level, multi-stakeholder responses that include international organisations. This is a cyber reality that we should all bear in mind when we try to find solutions to cyber security issues in 2018.

Joe Burton, Senior Lecturer, Institute for Security and Crime Science, University of Waikato

This article was originally published on The Conversation. Read the original article.

Turnbull proposes tougher security measures


Michelle Grattan, University of Canberra

Malcolm Turnbull this week is pushing for a further toughening of national security laws, including to allow police to hold suspects for longer without charges.

Turnbull and state and territory leaders on Thursday will hold a special Council of Australian Governments (COAG) meeting on measures to counter terrorism.

The Commonwealth is proposing action on three fronts: ensuring nationally consistent pre-charge detention laws; new Commonwealth offences for people who possess “instructional” terrorist material; and strengthening laws against terrorism hoaxes.

On pre-charge detention, in New South Wales people can be held for 14 days but other states have a maximum of seven days or less.

South Australia only allows eight hours without charge. Western Australia allows six hours, before extensions of eight hours can be sought from a magistrate. Queensland allows eight hours and then magistrate approval for every eight hours after that.

The Australian Federal Police and state counterparts want longer questioning and detention time between a person being arrested and either charged or released.

The federal government is proposing to develop Commonwealth laws that can apply nationwide.

Previously, legal and constitutional issues have been a problem but the federal government believes legal concerns can be overcome, with additional safeguards.

The proposal would:

  • increase the initial investigation period from four to eight hours before a person had to be released or an extension of the detention period sought;

  • increase the maximum investigative detention time for Commonwealth terrorism offences to 14 days; and

  • remove some legal complexities, making the law less onerous for police as well as clearer.

The Commonwealth uses the example of the recent plot to blow up a plane in Sydney to show why pre-charge detention laws need to be consistent. Under NSW law, suspects could have been held for up to 14 days but elsewhere the maximum would have been seven.

The proposed new federal offence to criminalise the possession of instructional material of practical use for a terrorist act is designed to enable authorities to intervene “at the lower end of the risk spectrum”.

The government argues this would be a strong deterrent – and uses the comparison of the possession of child pornography, an offence even if a possessor doesn’t intend themselves to abuse a child.

Law enforcement agencies are concerned at the amount of extremist material available online which doesn’t just radicalise people but sometimes gives specific instructions about how to commit a terrorist act.

The government also wants a nationally consistent regime against hoaxes, replacing the present various state and territory offences. It says a new federal offence would keep pace with the “evolving methodology of terrorists”, including false claims about knife and vehicle attacks, as well as traditional hoaxes about explosives and the like.

It would also make for consistent jail terms across the country.

Turnbull said Thursday’s COAG meeting was about staying ahead of the terrorist threat.

The Coalition government has enacted nine tranches of national security legislation; 74 people have been charged as a result of 31 counter-terrorism operations in the last three years.

Since the threat level was raised in September 2014, there have been five attacks and 13 major counter-terrorism disruption operations.

About 110 Australians are presently fighting or engaged with terrorist groups in Syria and Iraq.

Since 2012, about 220 Australians have travelled to Syria or Iraq to fight or support the fighting. At least 65 Australians, and possibly up to 83, have been killed. More than 30 people have come back to Australia after travelling to Syria/Iraq – most before the caliphate was declared.

About 220 people in Australia are being investigated for providing support to the Syrian/Iraq conflict, including through money and other help, or are wanting to travel.

The ConversationSome 220 passports have been cancelled or refused in relation to the conflict.

Michelle Grattan, Professorial Fellow, University of Canberra

This article was originally published on The Conversation. Read the original article.

Cyberspace aggression adds to North Korea’s threat to global security



File 20170814 28455 8xekpo
People participate in a Pyongyang mass rally held at Kim Il-sung Square.
KCNA/Reuters, CC BY-ND

Joe Burton, University of Waikato

Claims that North Korea could fire nuclear weapons at the continental US present a serious threat to global security. But its hostile activities don’t end there. North Korea has also become an aggressive cyber power, regularly using cyber attacks to advance its interests.

Last month, a threat intelligence firm, Recorded Future, reported that North Korea may have been using New Zealand’s internet networks as proxies to launch cyber attacks worldwide. The New Zealand government’s Communications Security Bureau is assessing the veracity of these claims.

The report suggests that North Korea may have both a physical and a virtual presence in New Zealand. It raised the possibility of a network of “patriot hackers” using New Zealand cyber networks to pursue the aims of the North Korean regime.

North Korea’s history of cyber attacks

Cyber attacks have become a wide-ranging tool in the arsenal of authoritarian governments to coerce and intimidate foreign governments, to subvert democratic processes, and to impose costs on their adversaries.

In North Korea’s case, this pattern of activity stretches back many years. North Korea is estimated to have an army of 6,000 hackers, engaging in malicious cyber activity regularly.

In March 2013, hackers linked to North Korea attacked South Korean banks and media agencies, causing widespread disruption. In November 2014, cyber attacks against Sony Pictures followed the release of the film The Interview, which caricatured and mocked the North Korean leader.

The attack led to the release of personal information on thousands of Sony employees and the cancellation of the film’s launch. The incident quickly escalated into a serious diplomatic dispute between the US and North Korea.

In 2016, a Bangladeshi bank became the victim of North Korean hackers. Reports said that US$81 million were lost through compromised financial transactions.

Most recently, the WannaCry ransomware attack, which affected computers in more than 150 countries, has been linked to the Lazarus group of hackers, which has links to the North Korean regime. This suggests North Korea is now using state-sponsored hackers to help raise revenue for a country starved of access to international markets and funding.

Cyber attacks further threat to nuclear security

Analysis of North Korea’s activities often misses the connections between cyber and nuclear security. North Korea’s nuclear program has itself become a victim of cyber attacks.

A report in the New York Times in March this year revealed that the Obama administration ordered a campaign of cyber subversion aimed at North Korea’s nuclear and missile programs. It mirrors the now infamous Stuxnet attacks directed against Iran in 2010.

In the absence of progress on North Korean disarmament, delaying its ability to pursue nuclear weapon programs through cyber attacks has become a feature of US strategy. It’s a strategy that may yield short-term results, but presents significant escalatory dangers.

Proliferation risks

Cyber attacks pose increasingly serious risks to classified nuclear information, the security of nuclear facilities, and the integrity of the components that nuclear arms and missile technologies rely on.

Last year, the UK government was warned that its trident nuclear submarine program was vulnerable to cyber intrusions. The think-tank report Hacking UK Trident: A Growing Threat argued that a cyber attack directed against the submarines could:

… neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly).

In June this year, the US government reported multiple cyber breaches of its own nuclear installations. This followed similar revelations about attacks directed against South Korea’s nuclear reactor operators Korea Hydro and Nuclear Power Co Ltd in 2015.

Another concerning aspect of the cyber-nuclear nexus is that hacking could facilitate the proliferation of nuclear materials and technology to other aggressive states and non-state actors.

Reining in North Korea

The growing connections between nuclear and cyber security are changing the strategic balance between nuclear powers in subtle and undetermined ways. Approaches to dealing with the North Korean regime must treat these issues as related.

So what can be done about North Korea’s aggressive use of the internet? Unfortunately, just as with its nuclear program, there few good options. Sanctions imposed on the regime for its cyber activity, such as those following the Sony hack, have proved ineffective at changing the regime’s behaviour.

China and Russia may have a role to play in persuading Kim Jong-un to “play nicely” in cyberspace, but both countries also have a long history of malicious cyber operations.

There are examples where states have given up destructive weapons programs. These include Colonel Gaddafi’s regime in Libya and the more recent Iran deal. However, the difficulty of verifying whether offensive cyber programs have been dismantled presents a major obstacle.

Cyber armies operating from a virtual realm can easily be hidden. Given that punishing the North Korean regime for its behaviour has not yielded results, it may be time to start thinking about a range of positive inducements to bring the country back into the international community, including offering diplomatic talks without precondition.

The ConversationRewarding North Korea for its errant behaviour may be unpalatable, but the combined danger of its nuclear and cyber capabilities would appear to warrant a significant shift in strategy.

Joe Burton, Senior Lecturer, Institute for Security and Crime Science, University of Waikato

This article was originally published on The Conversation. Read the original article.

Security gets $1.2b, community programs to counter violent extremism $40m – that’s a foolish imbalance



File 20170801 766 wd8iw
Police raided several Sydney properties over the weekend in relation to possible terror plots.
AAP/Dean Lewins

Clarke Jones, Australian National University

The arrests and raids in Sydney over the weekend, as well as the 12 so-called “terrorist plots” disrupted by police since September 2014, ought to raise questions over whether Australia’s efforts to counter violent extremism are actually working.

A spending and policy imbalance

Australia has spent more than A$1.2 billion since 2015 on strengthening sharp-end counter-terrorism arrangements such as increasing intelligence and security capabilities. Millions more will be spent when the government’s proposed Department of Home Affairs opens.

Over roughly the same period, only about $40 million has been spent on countering violent extremism and community cohesion programs.

Of this $40 million, only around $2 million was given out in 2015 to 42 of the 97 applicants. This money was to support grassroots organisations to develop new, innovative services to move people away from violent extremism. This funding round was developed to improve Australia’s capability to deliver localised and tailored intervention services.

So, there is a significant imbalance between sharp-end funding and piecemeal, short-term, community-level grants. The money is clearly not being invested wisely or even reaching the right places, such as those at-risk communities willing to engage and desperately seeking funding. Many more terror-related arrests will follow in the foreseeable future as a result.

All the while, it’s been full steam ahead in relation to security, legislation, corrections, police and intelligence. This has come at the expense of community resilience and building up protective mechanisms within vulnerable youth and communities.

From my research with Muslim communities over the past two years, the government’s approach is verging on being counter-productive. It now risks trampling on the basic rights and freedoms of young Muslims, their families and their communities more broadly.

This approach will actually worsen the many underlying issues – such as discrimination, alienation, marginalisation and rejection – that seem to contribute to offending in the first place.

The safety of all Australians should remain a key government priority. And getting the balance right between security and youth and community welfare is difficult. But the government seems hell-bent on pre-crime arrest, prosecution and punishment, while falling short on providing the necessary long-term support for the young vulnerable people it really needs to protect and prevent from engaging in serious anti-social behaviour.

For those from minority communities in particular, the criminal justice system is a very slippery slope. Once in it, the prospects of positive and meaningful futures are slim.

Where Australia’s approach is lacking

As with the UK’s Prevent program, Australia’s approach suffers from multiple, mutually reinforcing structural flaws. Its foreseeable consequence is a serious risk to the wellbeing of young Muslims and Australian multiculturalism more broadly.

Much of the centrepiece of the government’s countering violent extremism strategy rests on the theory of radicalisation and the social engineering of radical views and cultures to become more conservative and “Australian”.

However, for the concept of radicalisation alone, there seems to be very little clarity about the term and the tools that measure it. If such tools are used to help determine the destiny of a young Muslim person, whether it be in a school or criminal justice situation, then these must be made more available for wider peer review – rather than held in secrecy within the government.

For those deemed “radicalised” or on the pathway to radicalisation, there are very few community-based secondary-level intervention programs designed to support them. Nor are there programs they are willing to participate in voluntarily. This is largely because most current programs are led by government and police, which seem to lack a crucial understanding about the many cultural, religious and ethnic nuances required for effective intervention.

Without close community partnerships and community-led approaches, programs will never be able to fully understand the highly complex nature of families and communities.

Getting access to vulnerable youth and their families, and then encouraging them to participate in interventions, requires close and trusted community partnerships. To date, partnerships between government and the more conservative community groups have not been fully developed. This is particularly the case with the more hard-to-reach groups, which have many of the young people requiring support or intervention.

Put together, this has limited the government’s capacity to support and fund communities working with the most at-risk or vulnerable youth.

The government’s position on these communities is that they are too risky to work with. In reality, it is too risky not to work with them.

To make us truly safe – not just from terrorism, but from other serious crimes too – the government needs to go back to basics. Australia should invest a lot more in longer-term community partnerships and develop more preventive measures, such as community-led interventions. These interventions must be developed by those outside the government’s national security apparatus.

The ConversationA major government rethink is required if it is truly going to keep us safe.

Clarke Jones, Research Fellow, Research School of Psychology, Australian National University

This article was originally published on The Conversation. Read the original article.