Griffin on Tech: Aussie's ransomware crackdown could make us a bigger target
You have to hand it to the 'Scotty from marketing'.
Despite the low-regulation, free-market bent of the Australian Government, Scott Morrison's administration has shown no hesitancy to intervene in all things digital.
The Liberals-led government has overseen the introduction of new laws specifically criminalising the spread of violent material with hefty fines for digital platforms that don't take action quickly to stop it.
Earlier this year it went toe to toe with Facebook over a move to force the social media giant to share some of its advertising revenue with traditional media outlets. That resulted in Facebook briefly blocking the web pages of all Australian news outlets before a resolution was negotiated.
It initiated a major investigation into the digital advertising industry, which revealed in detail the dominance of Google in the Aussie ad market. It has proposed new laws to counter the dominance of the likes of Google and Apple in the digital payments space.
This week, the Australian Government also introduced the Ransomware Action Plan, which will allow for new legislation outlining additional criminal offences that specifically relate to this type of tech-enabled extortion. Companies with annual revenue of A$10 million or more will now be required to inform the Government when they experience a cyber-attack or pay a ransom.
What are we doing?
At the same time, we've done very little in comparison to combat the overwhelming power of the Big Tech platforms even though we face the exact same issues in the digital space that Australia does. We've beefed up the Privacy Act somewhat, introduced a law against live streaming violence and are in the process of changing hate speech laws, which could have a moderating effect on social media discourse.
But as with our unique response to the pandemic, our largely hands-off approach to digital regulation could be viewed one of two ways - a masterful move that will see New Zealand better able to deal with these issues in the future, or a lost opportunity to lay the groundwork for a more equitable and productive digital economy.
Covid-19 response minister Chris Hipkins has been fond of telling us what a great position we are in, being able to watch how the rest of the world has gone about opening back up for business before forging our own path. So maybe holding back on regulating Big Tech or pushing for legislative change to better protect citizens from cybercrime and anti-competitive behaviour follows the same logic.
Or are we wasting precious time and deferring the tough decisions? What is objectively clear is that our thinking on digital issues is not as well developed as Australia's. It is hard to make piecemeal decisions that may require changes to legislation until we have a robust plan for the future. The digital strategy the government is currently consulting on is an important part of confirming and articulating that.
Digital strategy - have your say
IT Professionals NZ will next Thursday host a webinar with MBIE Policy Director Robyn Henderson, who has been charged with putting the strategy together. You can register for the webinar here and submissions on the strategy document are invited up until November 10.
When it comes to ransomware attacks, we are just as vulnerable as Australian businesses. Attacks have escalated in the last two years. The difference, once the new laws are passed by the Australian Federal Parliament, is that Australia will have sharper tools to go after ransomware criminals. The country is also investing to a much greater degree in cybersecurity capability to prevent attacks.
Their latest plan will also see the government introduce more law reforms to allow law enforcement agencies to seize or freeze the proceeds of ransomware gangs - such as crypto funds in digital wallets.
In reality, making such laws work against anonymous hackers in foreign countries will be very difficult.
But Australia has indicated to the world it will do everything it can to meet this threat. That's not necessarily the case here. The result is that we have now become a softer target than the Aussies.
You must be logged in in order to post comments. Log In
Ransomware targets are only valuable if they can pay, and all significant ransomware payments are via cryptocurrency. A ban on cryptocurrency would have an impact (though it might also affect the price of Bitcoin as ransomware payments seems to be a large part of its value proposition)
"a robust plan for the future"
One of the things not even Australia can legislate is what the future will be. A robust plan would then be one that could change to reflect circumstances, and thus would probably be modular and perhaps even distributed.
That begins to sound like piecemeal, not as a pejorative, but as a sensible way to deal with rapid change.
The confidence that Australia's grandstanding will lead to "the groundwork for a more equitable and productive digital economy" is impressive. After all the appropriation of advertising revenues from large foreign companies to prop up Murdoch's empire is hardly beneficial to any but a very elite few.