Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Regulation. Show all posts
Trust
AI Automation Biometrics consent Cybersecurity Data Ethics Intelligence Privacy Regulation Security surveillance Technology Transparency Trust

Public Wary of AI-Powered Data Use by National Security Agencies, Study Finds

 

A new report released alongside the Centre for Emerging Technology and Security (CETaS) 2025 event sheds light on growing public unease around automated data processing in national security. Titled UK Public Attitudes to National Security Data Processing: Assessing Human and Machine Intrusion, the research reveals limited public awareness and rising concern over how surveillance technologies—especially AI—are shaping intelligence operations.

The study, conducted by CETaS in partnership with Savanta and Hopkins Van Mil, surveyed 3,554 adults and included insights from a 33-member citizens’ panel. While findings suggest that more people support than oppose data use by national security agencies, especially when it comes to sensitive datasets like medical records, significant concerns persist.

During a panel discussion, investigatory powers commissioner Brian Leveson, who chaired the session, addressed the implications of fast-paced technological change. “We are facing new and growing challenges,” he said. “Rapid technological developments, especially in AI [artificial intelligence], are transforming our public authorities.”

Leveson warned that AI is shifting how intelligence gathering and analysis is performed. “AI could soon underpin the investigatory cycle,” he noted. But the benefits also come with risks. “AI could enable investigations to cover far more individuals than was ever previously possible, which raises concerns about privacy, proportionality and collateral intrusion.”

The report shows a divide in public opinion based on how and by whom data is used. While people largely support the police and national agencies accessing personal data for security operations, that support drops when it comes to regional law enforcement. The public is particularly uncomfortable with personal data being shared with political parties or private companies.

Marion Oswald, co-author and senior visiting fellow at CETaS, emphasized the intrusive nature of data collection—automated or not. “Data collection without consent will always be intrusive, even if the subsequent analysis is automated and no one sees the data,” she said.

She pointed out that predictive data tools, in particular, face strong opposition. “Panel members, in particular, had concerns around accuracy and fairness, and wanted to see safeguards,” Oswald said, highlighting the demand for stronger oversight and regulation of technology in this space.

Despite efforts by national security bodies to enhance public engagement, the study found that a majority of respondents (61%) still feel they understand “slightly” or “not at all” what these agencies actually do. Only 7% claimed a strong understanding.

Rosamund Powell, research associate at CETaS and co-author of the report, said: “Previous studies have suggested that the public’s conceptions of national security are really influenced by some James Bond-style fictions.”

She added that transparency significantly affects public trust. “There’s more support for agencies analysing data in the public sphere like posts on social media compared to private data like messages or medical data.”
Read more »
User Privacy
Australian Government Cyber Security Data protection Privacy Reforms Regulation User Privacy

Australian Government Plans Privacy Overhaul after Attacks on Multiple Organizations

 

Two weeks after the Medibank hack, the Australian government has decided to introduce legislative reforms on cybersecurity regulation that would increase penalties for companies that fail to guard customers’ personal data. 

Australia’s largest health insurer said on Wednesday a hacker accessed the data of all its 4 million customers which included personal information like names, dates of birth, addresses, and gender identities, as well as Medicare numbers and health claims. 

The malicious actor claimed to have extracted nearly 200GB of files and has provided 1,000 records to the insurer to prove they have the data claimed. The hacker also threatened to leak the diagnoses and treatments of high-profile customers if the insurer fails to pay the ransom. 

According to the Health insurer, its priority was to discover the specific data stolen in relation to each customer and to share that information with those customers. 

The company had previously said the breach was thought to be limited to its subsidiary AHM and foreign students. 

“Our investigation has now established that this criminal has accessed all our private health insurance customers' personal data and significant amounts of their health claims data,” Medibank chief executive David Koczkar stated. This is a terrible crime – this is a crime designed to cause maximum harm to the most vulnerable members of our community.” 

Legislative reform 

Cyberattacks on Optus, Medibank, and MyDeal have forced the Australian government to introduce legislative reforms on cybersecurity regulation. Last month on September 21, the hackers stole the personal data of almost 10 million current and former customers of Optus, the country’s second-biggest telecom. 

Two weeks later, the hackers targeted MyDeal, an online retail intermediary that lost the data of 2.2 million customers. 

“As the Optus, Medibank, and MyDeal cyberattacks have recently highlighted, data breaches have the potential to cause serious financial and emotional harm to Australians, and this is unacceptable. Governments, businesses, and other organizations have an obligation to protect Australians’ personal data, not to treat it as a commercial asset,” Attorney-General Mark Dreyfus stated during the introduction of amendments to the Privacy Act to Parliament. 

The government is keeping a close eye on firms that collect more customer data than necessary to make money from it in ways unrelated to the services for which the information was provided. The penalties for serious breaches of the Privacy Act would increase from 2.2 million Australian dollars ($1.4 million) now to AU$50 million ($32 million) under the proposed amendments, Dreyfus added.
Read more »
Subscribe to: Posts (Atom)