Australian businesses shouldn't have to clean up after other organisations' infosec oopsies. It’s time to get tough about data breach notification.
The Full Tilt
Stilgherrian delivers an undiluted dose of criticism and analysis of the ways digital technology is changing our world and the spin that goes with it.
Stilgherrian is a freelance journalist, commentator and podcaster interested in big-picture internet issues, especially security, cybercrime and hoovering up bulldust. He studied computing science and linguistics before a wide-ranging media career and a stint at running an IT business. He can write iptables firewall rules, set a rabbit trap, clear a jam in an IBM model 026 card punch and mix a mean whiskey sour.
Another week, another propaganda-driven proposal from the mind of Australian Attorney-General Brandis. This one assumes that ISPs need to fix other people's broken product distribution models.
Attorney-General Brandis is failing to join the dots when it comes to new ASIO powers and the push for mandatory data retention laws.
In one brief letter, the Australian government has shown that it's clueless about both technology and democracy.
Business has bought into the mythology of big data and pervasive "surveillance-based marketing and advertising", but its time is coming to an end, says 'Doc' Searls.
Some sections of the information security industry are finally realising that their whole approach is failing society, but fixing things will require a human touch.
Australia's Privacy Commissioner has shown he'll call out businesses that fail to protect personal data, and now he has the legislative teeth to punish them. But will it happen?
The latest changes to Android's app permissions takes a broken model and makes it worse. It's time for a complete overhaul.
We already know information security is in dire shape, so let's get on with fixing it — because we do know how.
More openness in Apple's mobile operating system is great for developers — and an enticement for hackers. Is Apple ready to face its new security challenge?
While the Internet of Things is clearly a security disaster waiting to happen, it could also be a massive opportunity for network management firms in the SMB sector.
Is the cloud the final computing architecture, as NetSuite CEO Zach Nelson claims? Even if it's not, the winners will be the transaction and infrastructure providers.
The idea that the internet generations don't care about privacy is a myth — so talk to them and find out the truth before collecting their personal data.
Yet another failure to tell users directly about security vulnerabilities highlights the need not just for mandatory data breach notification laws, but mandatory notification of security and privacy risks.
Uber, Lyft, Airbnb and the whole "sharing economy" are causing a rush of excitement, but don't confuse that thrill with any of them being good solutions for society's future.