“China’s size and technological weight means that it has the potential to control the global operating system”.
Fleming’s main cybersecurity concern is China, but he has strong words to say about Russia. It has sophisticated world-class state-sponsored hacking. Russia was behind the attacks on the SolarWinds software used by US government departments.
He says China is working on emerging technologies, but it has a competing vision of the future. It’s a vision that doesn’t respect liberal western thinking.
His answer is for the west to develop its own technologies. He also wants allies to work more closely to build better cyber defence networks.
Up to a point this is an extension of the earlier campaign against Huawei. That resulted in western governments banning the company from building strategic 5G cellular networks.
At the same time it reflects increased tension between China and the west.
There’s a deepening rivalry between China and America. Western nations are being asked to pick sides. This now extends beyond commerce, both sides have increased their military activity.
Russia is opportunistic and threatens Eastern European nations. That presents the rest of Europe with a security problem.
Behind these rivalries nations are fighting a tech war online. Many of the threats facing computer users come from state controlled teams.
At OneZero Owen Williams writes about the Australian government’s proposed legislation that will make online giants pay local media.
…the News Media and Digital Platforms Mandatory Bargaining Code, would require social media platforms to negotiate with local media in order to use their content. For instance, whenever Google publishes headlines and summaries on Google News, Google would have to pay a small sum to the newspapers or magazines listed.
European governments have attempted similar laws and rules with little success.
Devastating for traditional media
There’s a huge disconnect with the plan. Yes, the likes of Google and Facebook have devastated traditional media. They, and other world scale media giants, have sucked almost all the advertising revenue that once paid for a vibrant and diverse market of newspapers, radio stations and television channels.
And yet today’s media companies depend on the same tech companies to drive online readers to their sites allowing them to pick up the few remaining revenue crumbs. Without that traffic they’d wither and die.
The analogy that comes to mind is that the media companies have a prescription drug dependency. The medicine reduces their pain and allows them to function, but in the long term it is killing them.
Australia’s proposed legislation isn’t only doomed to failure. It will almost certainly end up doing more harm than good. The likes of Google and Facebook need to be dragged into line, but this is not the way to do it.
What would I do? First, I’d flatten the playing field by making sure all revenue sucked out of the local market is subject to tax. If local media companies pay tax, but their more successful rivals do not, they don’t stand a chance of competing. While that train has already left the station, taxing the giants on an equal footing with local publishers might create local opportunities that would not otherwise exist.
Second, I legislate so that the likes of Google and Facebook have the same responsibilities for their content that more traditional publishers have. It’s not good enough for them to wash their hands of damaging and harmful material published on their sites. It’s not as if they don’t have the rivers of gold pouring into their coffers to help them pay for teams of editors.
In the meantime, I’m also concerned the Australian moves could have implications for New Zealand. Like it or not, the tech giants tend to treat us and Australia as a single, unimportant market.
Governments say they worry that criminals and terrorists can use encryption to keep illegal online activity private. There’s no question this goes on.
The difference this time is that the governments acknowledge encryption plays an important role. It gives people privacy and enables online commerce including banking. This would be difficult to do without encryption.
When Justice minister Andrew Little announced New Zealand’s support earlier this week he was clear that any access to encrypted data would require a warrant.
While New Zealand law applies to foreign technology giants, our system has little power to enforce warrants. An international agreement and a common legislative framework will make it easier for local law enforcement.
The UK and US have legislation to address this. Australia has anti-encryption legislation, which has not been effective because it can’t be enforce.
Five Eyes is not asking for carte blanch. At this stage it is making a request and asking the tech companies for their ideas.
The security partnership says it wants to embed public safety in system designs. This would let companies act against illegal content and activity without reducing user safety.
Five Eyes wants law enforcement access to content in a readable and usable format where an authorisation is lawfully issued. At the moment companies can respond to warrants with indecipherable encrypted data.
He rightly talked about the “threat surface” and security vulnerabilities. Yet encryption is on of the best tools we have to reduce these threats and vulnerabilities.
This action is not about making tech companies give government agencies back doors into encryption. That has been discussed in the past.
Back doors are a bad idea because the moment there is an entry point for government agencies there is one for criminals and terrorists. It takes one law enforcement officer anywhere in the world to hand those keys over to a criminal.
The charter might not seem a huge deal. Yet overseas experience suggests it could save lives.
Shaw’s press release says the charter will “give New Zealanders confidence that data is being used safely and effectively across government.”
Make that: “parts of government”. The charter is not compulsory. A total of 21 government departments have signed. The biggest data users are there: Inland Revenue and The Ministry of Social Development are important. The New Zealand Defence Force has signed, the Police has not.
New Zealanders would be more confident they would not be on the wrong end of a rogue algorithm if the charter was compulsory across government.
Ethical data use
The charter draws on work by the head of Statistics NZ, Liz MacPherson. She also has the title of chief data steward. MacPherson has been working on ethical data use in government.
Last year the government looked at how it used algorithms. It decided they needed more transparency. In July it set up a Data Ethics Advisory Group.
The thinking behind the charter is sound enough. Government departments use vast amounts of data. At times the software used to sift the data is complex, although it can be straightforward at times.
This can work fine, but humans write algorithms. They can be biased or based on false premises. Algorithms can be broken. People using them can make bad decisions.
There are plenty of stories of algorithms serving up inaccuracies and discriminatory decisions. The process is opaque, government employees have been known to hide behind bad decisions. The logic used to feed algorithms is often kept secret from the public.
When this happens, the consequences can be dire. At times the most vulnerable members of society can be at risk.
One of the worst examples of how bad this gets is Australia’s so called Robodebt saga. Australians who had received welfare payments were automatically sent debt notices, often without explanation if data matching between different departments showed inconsistencies.
Many Robodebt demands were wrong. Fighting or even questioning the demands saw people descend into a Kafkaesque digital distopia. There were suicides as a result.
Agencies signing the charter commit to explaining their algorithms to the people on the receiving end. The rules used are supposed to be transparent and published in plain English. Good luck with that one.
Fit for purpose
Elsewhere the New Zealand charter wants algorithm users to “make sure data is fit for purpose” by “understanding its limitations” and “identifying and managing bias”. It sounds good, but there is a danger public servants might push the meaning of those words to the limit.
Any agency signing the charter has to give the public a point of contact for enquiries about algorithms. The charter expects agencies to offer a way of appealing against algorithm decisions.
There’s a specific New Zealand twist. The charter asks agencies to take Māori views on data collection into account. This is important. Algorithms tend to be written by people from other cultures and Māori are disproportionately on the wrong end of bad decisions.
One area not covered in the documents published at the launch is how agencies might deal with data that is manipulated by external agencies. Given that government outsources data work, this could be a problem. There may even be cases where external organisations use proprietary algorithms.
“TICSA has been in place since 2014, and works well. We are confident that New Zealand’s telecommunications networks are secure, and that our regulatory model serves New Zealanders well.”He said every decision was made on a case-by-case basis, and in accordance with New Zealand laws.
This could change if there is a change of government either here or in the US. The National Party is closer to China than Labour, Green or New Zealand First. A Democrat lead government in the US may want to take the heat out of trade tension with China.
Currently, no telco providers are using Huawei technology as part of their 5G networks in New Zealand – with Vodafone and Spark both working with Nokia.
But Spark and 2 Degrees have refused to say whether they would rule out partnering with Huawei for 5G networks in the future.