The Weekly Cybers #43
Digital platforms are the target again this week, with under-16s to be banned from social media, and an anti-scam plan that shares the blame with banks, telcos, and more.
Welcome
The Australian government ratcheted up its war on the big digital platforms again this week, deciding on a social media ban for under-16s and a new framework to fight online scams.
They’re the biggies, but there’s a lot more this week. Read on!
PM announces social media ban for under-16s
“This one’s for the mums and dads,” said prime minister Anthony Albanese in Thursday’s press conference, kicking off the announcement of his intention to ban under-16s from social media.
“Social media is doing harm to our kids and I’m calling time on it. I’ve spoken to thousands of parents, grandparents, aunties and uncles. They, like me, are worried sick about the safety of our kids online. And I want Australian parents and families to know that the Government has your back. I want parents to be able to say, ‘sorry mate, it’s against the law for me to get you to do this’.”
The ban was endorsed by National Cabinet on Friday, and the Guardian listed the key elements.
- A minimum age of 16 to use social media;
- An obligation on social media services, not parents or young people, to take reasonable steps to prevent age-restricted users from having the account;
- Commencement 12 months after the bill’s passage, giving the platforms time to implement the ban;
- Exemptions to ensure young Australians retain access to the services they need;
- Robust protections for personal information and privacy issues with significant penalties for platforms that breach these provisions.
The Conversation has a solid backgrounder on the issues involved, calling the proposal “deeply flawed and [it] raises far more questions than it answers”, and noting the “many reasons” youths under 16 might need independent access to social media.
“Many teenagers hold down part-time jobs and have started thinking about future careers. Social media enables them to engage with educational institutions, potential employers and health services, as well as the personal networks of people with shared interests.”
Social media can also provide a sense of community for members of marginalised groups.
“The government’s decision not to exempt social media users under 16 years who have their parents’ consent will likely prove controversial.”
In another indication that this is more a pre-election hand-waving protect-the-kiddies feel-good exercise than a coherent strategy, Albanese dodged what might be considered a key philosophical question.
Q: “What social message do you think it sends that a 10-year-old can be sent to prison but will not be able to open an Instagram account?” A: “We are focused on this legislation that I have responsibility for. I have responsibility for this in showing national leadership and that is precisely what we are doing.”
Legislation will be introduced in the next session of parliament in about two weeks’ time.
The government is currently running a trial of biometric age-guessing technology, which will inform its process for deciding what counts as “reasonable steps” to prevent under-16s using the platforms.
As communications minister Michelle Rowland hinted last month, however, the platforms may be able to avoid the ban if they “develop age-appropriate versions of their apps, and embed safe and healthy experiences by design”.
On Friday she reinforced that message, saying YouTube would likely be age restricted but not YouTube Kids, as it’s a different product.
Anti-scam laws ‘strongest in world’, allegedly
Australia’s new “scams prevention framework” (SPF) will share the blame across social media platforms, telecommunications companies, broadcasters, banks, and insurance providers, with penalties up to $50 million.
This contrasts with the UK approach, something Australian consumer advocates were pushing for, which makes the banks solely responsible for reimbursing scam victims.
Instead, the SPF is described in terms of “clear pathways to compensation” and “clear, accessible and transparent” internal dispute resolution mechanisms.
The Scams Prevention Framework Bill 2024 would cover a wide range of platforms. From the explanatory memorandum (PDF):
“As the SPF would be intended to address where scams harms are most prevalent, the social media services that could be captured would include Facebook, YouTube, Instagram, Snap, TikTok, Pinterest, Reddit, LinkedIn, BeReal and X. This is based on the ACCC’s 6th interim report of the Digital Platform Services Inquiry, which identified services of Meta (Facebook, Instagram), Google (YouTube), ByteDance (TikTok), Snap (Snapchat) and Pinterest having over 5 million monthly active users in 2022.”
The definition of social media being used is the one in section 13 of the Online Safety Act 2021.
The government’s press release reckons the SPF is “the strongest defences against scammers in the world”.
Also in the news
- “Australia is axing a $7 billion military satellite project, leaving defence comms potentially vulnerable”. Apparently the three-satellite geostationary system would have been vulnerable to anti-satellite systems. Now Defence wants a mesh of micro satellites.
- “Jobseekers are being asked to adjust their reporting to employment service providers to avoid a government tech glitch or risk losing their payments, shifting more burden onto vulnerable people,” reports InnovationAus.
- The government will publish the secret section of the robodebt royal commission report, but the timing will depends on the “eminent person” who will be reviewing the National Anti-Corruption Commission’s decision not to investigate six people named in that section.
- The Australian Digital Health Agency (ADHA) has started exploring new solutions to upgrade My Health Record following a damning audit report into how it managed its contracts with Accenture.
- Treasury’s expenditure review committee has set its sights on agency IT proposals that don’t meet architectural standards or are otherwise non-compliant. Apparently some proposals have been skipping over the need for an assurance plan that’s been signed off by the Digital Transformation Agency (DTA).
- The House of Reps made a number of amendments (PDF) to the Communications Legislation Amendment (Combatting Misinformation and Disinformation) Bill 2024, although debate continues.
- Eight staff of an Australian Electoral Commission (AEC) contractor fabricated location data on Indigenous communities during last year’s Australian Indigenous Voice referendum.
- How Australian politicians are using Red, an emerging Chinese social media app.
- The government has quietly shelved plans for local content rules for the video streaming platforms. As ABC News notes, “The rules were at the centre of the federal government's plans to help rejuvenate the local arts sector”.
- Don’t be embarrassed! Small business minister Julie Collins has called for SMEs to report the cyber attacks they suffer.
- Services Australia CEO David Hazlehurst has been chastised for responding to Senate Estimates questions with “available on data.gov”. To be fair, the data they’d asked for apparently ran to millions of pages. An argument followed.
- Another big batch of government agencies tabled their annual reports this week. You can grab them all by filtering for them at parliament’s Tabled documents database.
IF YOU FIND THIS NEWSLETTER HELPFUL, PLEASE SUPPORT IT: The Weekly Cybers is currently unfunded, so it’d be lovely if you threw a few dollars into the tip jar at stilgherrian.com/tip. Or just forward this email to others who might like it.
Elsewhere
- Is “brain rot” a myth? UNSW psychologists say there’s “a lack of evidence showing excessive doomscrolling of social media is responsible for the mental fatigue, lack of focus, and reduced cognitive function”.
- An unnamed Sydney hospital has lost $2 million in an alleged business email compromise (BEC) fraud. A 49-year-old Yagoona man has been arrested, charged, and refused bail.
- Subsidiaries of Optus have paid more than $12 million in penalties for breaches of Triple Zero emergency call rules after an investigation by the Australian Communications and Media Authority (ACMA). Optus had failed to connect emergency calls for 2,145 people during last year’s outage, then failed to conduct welfare checks on 369 of those people.
- Smart glasses such as Ray-Ban Stories by Meta enhance your self-image, at least according to those who own them. But a survey of around 1000 Australian adults, of which more than half owned smart glasses, found that non-owners were more likely to have concerns about privacy and potential social disruptions. And already, 13.5% of owners admit to dangerous use and 17% to anti-social use.
- Craig “I Invented Bitcoin No Really” Wright is battling a contempt of court case in the UK. Wright rejects a judge’s ruling from May that he lied “extensively and repeatedly” and forged documents “on a grand scale”.
- Indonesia has banned Apple’s iPhone 16 because it doesn’t meet the 40% local content requirements.
- From The Conversation, “Why do organisations still struggle to protect our data? We asked 50 professionals on the privacy front line.”
- It’s from last month but I can’t resist the schadenfreude. The EU has decided that X is not important enough to be regulated under their Digital Markets Act.
DOES SOMETHING IN THE EMAIL LOOK WRONG? If there’s ever a factual error, editing mistake, or confusing typo, it’ll be corrected in the web archives.
Inquiries of note
Nothing relevant to this newsletter.
What’s next?
Parliament takes a break this week before returning on Monday 18 November for what are currently scheduled to be its final two weeks for the year.
On Friday 15 November there’s a public hearing in Canberra for the inquiry into the use and governance of AI systems by public sector entities.
The Weekly Cybers is a personal look at what the Australian government has been saying and doing in the digital and cyber realms, on various adjacent topics, and whatever else interests me, Stilgherrian, published every Friday afternoon (nearly).
If I’ve missed anything, or if there’s any specific items you’d like me to follow, please let me know.
If you find this newsletter useful, please consider throwing a tip into the tip jar.
This is not specifically a cyber *security* newsletter. For that that I recommend Risky Biz News and Cyber Daily, among others.