House debates
Wednesday, 21 June 2017
Private Members' Business
ThinkUKnow Program
12:01 pm
Nola Marino (Forrest, Liberal Party) Share this | Link to this | Hansard source
I move:
That this House:
(1) recognises the work of the Australian Federal Police (AFP) through the ThinkUKnow program, a free, evidence-based cyber safety program, to provide educational presentations to parents, carers and teachers, and students across Australia;
(2) further recognises that ThinkUKnow is Australia's first and only nationally delivered crime prevention program that is delivered in partnership with law enforcement and industry;
(3) thanks the dedicated volunteers and federal, state and territory police forces that have delivered ThinkUKnow presentations to more than 150,000 school students from year three through to year 12; and
(4) congratulates the Government and the AFP for leading the way by partnering with state and territory police forces, and the private sector, to develop new measures to keep our children safe in the online environment.
Mark Coulton (Parkes, Deputy-Speaker) Share this | Link to this | Hansard source
Is the motion seconded?
Julian Leeser (Berowra, Liberal Party) Share this | Link to this | Hansard source
I second the motion and reserve my right to speak.
12:02 pm
Nola Marino (Forrest, Liberal Party) Share this | Link to this | Hansard source
I think all of us understand why there is a great need for resources in relation to children's safety online. ThinkUKnow is a free, evidence based cybersafety program that provides presentations to Australian parents, carers, teachers and students. It provides information on the technologies young people use, on the challenges they may face and, importantly, on how those challenges can be overcome. Presentations are delivered face to face or digitally.
ThinkUKnow aims to provide parents with the tools to create a safer online environment for young people in their care. The presentations cover what young people say, see and do online. They cover topics such as social-media reputation management, cyberbullying, sexting, online grooming, online gaming, inappropriate content, privacy management, identity theft, how to protect devices and how to report matters when things go wrong. The program bridges the knowledge gap between adults and young people so that everyone has an understanding of the roles they play and what they can do if something goes wrong online. The adult and youth presentations have been designed to align to ensure adults receive complementary information to assist them in communicating with children and young people about the technology they use. It is becoming increasingly urgent to bridge the digital generational gap—I know this through the presentations I do myself—ensuring parents, teachers and carers are vigilant for the signs of online dangers.
In 2015, the AFP received more than 11,000 reports of online child exploitation. Predators are very clever at exploiting vulnerable young people exploring the online environment, so it is more important than ever that we know the risks our children may be exposed to and how to minimise these risks, including where to report problems.
Educating parents and teachers about how to keep our children safe online has never been more vital. This is why I have given hundreds of cybersafety presentations to schools, community groups and parents.
In 2015-16, the ThinkUKnow volunteers delivered more than one presentation each day of the year, a total of 386, to more than 10,000 parents, carers and teachers. They are doing a great job. In 2015-16, state and territory police delivered ThinkUKnow presentations to more than 150,000 school students from year 3 through to year 12. ThinkUKnow is a vital initiative that demonstrates the commitment of the government to educating our children on how to stay safe, respectful and resilient online.
The majority of states and territories across Australia are signed partners with ThinkUKnow, including WA Police, Northern Territory Police, SA Police, the New South Wales Police Force, Tasmania Police and the Queensland Police Service. ThinkUKnow is yet another example of the work the government and the Australian Federal Police are doing working together to keep our children safe online, as is the work the government is doing with the eSafety Commissioner. When you look at the ThinkUKnow website you see the practical tools—how to have fun, how to stay in control, how to report—and a great cybercafe. It covers a range of different issues in how to have fun—in chatting, in instant messaging, in emails and mobiles, in chat rooms, on social networking sites, in file sharing and gaming—and gives very practical support for young people.
In the 'How to report' section it explains how a lot of young people do not understand who they could be talking to, where those people are and what they actually might want from that young person. They are told on the ThinkUKnow site that sometimes things make them feel upset, that people play games and share pictures. Some things make them upset: they may say nasty things and upset children, or they might see things they do not like. Of course it is not their fault. They need to tell their trusted adult straight away, to tell them about what is going on online. They need to save any messages that may have upset that child so that they know—you can show that to the person, your trusted adult, that you are telling it to, whether it is your school, your teacher, the local police: whoever is required. And there is no way these young people will get into trouble for this.
12:07 pm
Gai Brodtmann (Canberra, Australian Labor Party, Shadow Parliamentary Secretary for Defence) Share this | Link to this | Hansard source
As the shadow assistant minister for cybersecurity and Defence, I thank the member for Forrest for bringing forward this motion on cyber safety, because with the speed at which technology evolves, we can never talk about and we can never hear enough about cyber safety. Programs like these are really important. They make a valuable contribution to our community. They make a valuable contribution in covering a range of topics of concern to the community, including sexting, cyberbullying, online child exploitation, online privacy and what steps need to be taken when things go wrong.
A cyber safety presentation covering the perspectives of both the law enforcement and the industry provides our communities with a greater understanding of what the cyber threats are, whether there are criminal implications and what enforcement or other outcomes could result. While there is a range of these programs for very small and teenage Australians and Australians in their twenties, we also need to spend as much time focusing on parents and grandparents. In my first term of parliament I ran a series of cyber safety presentations where we actually introduced and discussed with grandparents in particular what was taking place online, the challenges that their grandchildren were confronting and how they could play a role in ensuring that their grandchildren in particular were safe.
While our understanding of the cyber environment grows, we are seeing more of us develop a digital footprint with more of our personal lives and transactions occurring online. In light of this, we need to consider whether our legal frameworks are keeping up with the pace of change. Just last week we considered changes to the enhancing online safety and protecting minors online issue. In the enhancing online safety debate, we heard how the changes would enhance the soft powers of the eSafety Commissioner. In the protecting minors online debate, we heard how changes to the code could protect children from grooming and exploitation and where suspects could be apprehended or charged before an event took place. This is in response to that tragic circumstance surrounding what happened to Carly Ryan.
While the protecting minors online bill will be considered further, subject to the outcome of a Senate inquiry, we missed a significant opportunity with the Enhancing Online Safety for Children Amendment Bill. The bill did not create any new offences or civil penalties and it did not provide any new regulatory powers. It failed to take account of policy suggestions from Labor—from the member for Gellibrand—about criminalising the non-consensual sharing of private sexual material, or, as it is known, revenge porn.
In 2016, both a Senate inquiry and COAG recommended that the Commonwealth legislate for offences in relation to revenge porn, but the Turnbull government failed to act. In parallel, some states and territories have begun to criminalise the conduct at the state and territory level. They have responded in the past 12 months. But, even now, there is still no overarching Commonwealth law that can provide consistency, a baseline of protection across the nation that will address the inconsistencies from state to state and territory to territory. The Turnbull government will make the excuse that, in November 2016, COAG agreed to develop principles for harmonising revenge porn laws, but they have made no commitment to introducing or supporting Commonwealth legislation to criminalise this outrageously egregious behaviour. That is why Labor reintroduced its bill in October 2016. Labor will continue to fight for the criminalisation of revenge porn, including the creation of appropriate Commonwealth offences. Again, I commend the member for Gellibrand, who initiated that bill. Just because the Turnbull government has its head in the sand on these issues does not mean we are afraid to tackle them head-on. Labor members, like the member for Gellibrand, are tackling this head-on.
Until now, our focus has been on promoting education and awareness of internet safety and responsibility. Last week's consideration of the protecting minors online bill was the first time in many years that a government had pursued a legislative enforcement option to address online predators. Labor wants to ensure that all Australians feel safe online and recognises that parents should be able to feel safe knowing that their children will not meet the same tragic fate as Carly Ryan. Our legal frameworks need to continually adapt to the technological environment and community expectations—they are vitally important—as they evolve over time to ensure that enforcement and safeguards are in place so that Australian children are safe and parents can have peace of mind knowing that their children are being kept safe.
12:11 pm
Nola Marino (Forrest, Liberal Party) Share this | Link to this | Hansard source
I seek leave to continue my comments.
Leave granted.
I continue my remarks around the ThinkUKnow program and the need for parents to be very well aware of what their children are involved with online. ThinkUKnow is one initiative of this government; the Office of the Children's eSafety Commissioner is another, and a very valuable resource it is, too.
One of the elements of ThinkUKnow is a wonderful children's line, a free service that is available for young people. The number, for those who might be interested, is 0800 1111. What young people will find at the end of this line is a counsellor who is going to listen, who will not make judgements and who will be able to give them good advice. When young people do something silly, make a mistake or come across things that scare them, they often will not talk to mum or dad. From my experience of hundreds of cybersafety presentations and just listening to children in those presentations, I know a number of them choose not to tell mum or dad or even a trusted adult—and that is what I asked them to do, to find that trusted adult—because they are worried that mum and dad might punish them, take away the device or limit the amount of time they can have to use the device. When that is the case for a young person, I really encourage them to call either the Kids Helpline or Childline, which is part of ThinkUKnow. Not only is it, as I said, a free call for these young people who are worried about what is going on; it does not actually show up on their phone bill either. Given that that can frequently be a very important issue for a young person, it is a very good service to help them deal with what they need to deal with online.
We know that the majority of people using the wonderful resource that is the internet are there for the right reasons, but, with the proportion that are not, children need to know how to stay safe, where to go for help and who to ask for help, which is where the Children's eSafety Commissioner comes in.
When I talk to young people, I cover items such as Facebook and Twitter, their digital and online footprint, cyberbullying and the issue of online grooming for sex, which, unfortunately, is too common. I talk about sexting and scams as well. It is interesting that the youngest person that we have had so far was a young girl of 11. Her mother rang my office after one of my presentations to say that after listening to the presentation her 11-year-old daughter had come home to say, 'I've just realised I'm being groomed online for sex'—she is 11. In some of the other presentations I have done, the young people who have come forward were 13 and 14. When we talk about the issues around image based abuse and we see young people who take naked or semi-naked photos and share them, it is also a great concern. Only a couple of weeks ago, I did a presentation to a school in the southern part of my electorate and I had a parent ring me since who said, 'My 13-year-old daughter has just told me that she shared a completely naked photo of herself with her boyfriend. They have now separated and he has chosen to share those photos with his new girlfriend and others.' The thought of a 13-year-old girl sharing those photos in the first place is an issue, but then what happens to those photos and the fact that they are basically there forever is of real concern. The fact that the child was able to talk to her father about this problem was a positive, and the fact that he was then going to talk to the eSafety Commissioner about how to get this dealt with was even better. It is very important that young people assume that whatever they share could well be available for others to see, use and share almost indefinitely. That is something that I frequently find young people do not understand, and even adults do not understand, in this space. Simply pressing 'Delete' on your particular device is not enough because this is out on the internet. Subject to the opposition's support, I will continue my remarks later.
12:17 pm
Tim Watts (Gellibrand, Australian Labor Party) Share this | Link to this | Hansard source
I thank the member for moving this motion. Protecting ourselves in the digital age is a challenge that most Australians, young and old, are still coming to grips with. SoThinkUKnow, a free program of cybersafety presentations for parents, carers, teachers and students, is a valuable resource. It is pleasing to see that the initiative was a partnership of the AFP, the Commonwealth Bank, Microsoft and Datacom working closely with state and territory police and Neighbourhood Watch Australasia. Government, business and the general public all benefit from a more secure and resilient info security environment, so collaborations of this kind are important. ThinkUKnow presentations addresses themes, including reputation management, bullying, sexting, grooming, online gaming, privacy management, identity theft, how to protect your devices and what to do when things go wrong.
Australian children are not the only ones who need to educate themselves about how to protect themselves online from online risks. To this end, I encourage all members and staff to participate in the cybersecurity training currently being offered by the Department of Parliamentary Services because, in recent times, members of parliament, their staff and campaign volunteers have become prominent targets for cyberthreats. All MPs should understand that info security is not just a matter for ministers and our security agencies. Infosec is not about protecting classified government information anymore. Hackers now routinely target elected representatives, candidates and staff in political systems around the world with a wide range of motivations. As public figures, politicians are uniquely vulnerable to doxing, ransomware attacks and old-fashioned blackmail.
As influential figures in government policymaking, we are also major targets of influence operations from foreign adversaries using online tools. A report from the US Office of the Director of National Intelligence outlining the US intelligence community's assessment of Russian efforts to use cyberoperations to influence the recent US election told a damning story in this respect. The success of Russian cyberoperations in the US election should be a warning to political actors around the world. Indeed, before the high-profile attacks on Hillary Clinton and the DNC, there were major spear phishing attacks on politicians from Germany, Taiwan, Japan and a range of South American nations. Recent events in the US will only encourage further attacks. It would be naive not to think that Australian political figures are not targets for these kinds of attacks. This risk will only grow as the global geostrategic environment, and Australia's role in it, becomes more complex and contested.
Despite the periodic release of much-ballyhooed cybersecurity strategies, little of this has seeped into the consciousness, and more importantly, into the behaviours of people working in and around Australian politics. You would get mostly blank looks if you tried to start up a conversation in this building about the implications of the Mirai botnet or the Shadow Brokers information dumps—two of the most significant InfoSec developments of the past 12 months. The real-world impact of the WannaCry ransomware worm has attracted some attention in this chamber, thanks to its significant impact on the UK National Health Service. But you would think people would be more interested in exploring the implications of what appears to have happened here: namely, an NSA-developed exploit being stolen by a hacking group that is widely viewed as being a front for a government actor, that exploit being dumped online publicly and then the North Korean government seemingly picking it up and operationalising in a ransomware attack.
It is only a matter of time before we see our own political InfoSec scandals. Indeed, we have already seen evidence that the online security of MPs has been compromised. MPs, staff and campaign volunteers routinely use online platforms outside those administered by DPS: social media platforms like Facebook, Twitter and Instagram; private email accounts like Gmail and Yahoo; collaboration platforms like Slack; and a range of CRM platforms. Almost all of these services would contain sensitive information that would be of value to third-party attackers.
The Have I been pwned website, operated by Australian web security expert and Microsoft regional director, Troy Hunt, aggregates data comprised of these data breaches and allows users to search for their usernames or emails within it. You can find a number of compromised accounts associated with Australian members of parliament official APH email addresses on this site. No doubt, many more accounts associated with the private email addresses of MPs and their staff will have been compromised in this way. I encourage members and their staff to check their email addresses and usernames on this site, to change the passwords associated with any of the accounts that have been compromised and to cease using the compromised passwords on any other accounts.
To build resilience against online threats across our political system we need to invest in awareness, competence building and information sharing about attacks within the political community. That is a responsibility that falls on every one of us in this chamber.
12:22 pm
Ed Husic (Chifley, Australian Labor Party, Shadow Parliamentary Secretary to the Shadow Treasurer) Share this | Link to this | Hansard source
I am happy to speak on this resolution. It is an important resolution that has been moved by a member of parliament who has expressed views about this, has had concerns about this and has thought a lot about this. It was very good that she brought it to the parliament.
I want to expand on a point that was made by the member for Gellibrand—he did it in a lot more of a diplomatic way than I will—which is that this is an important issue, particularly for members of parliament that are setting a policy on this. Our side has stumped up with a number of members to actually speak on this. We had to have the mover of the resolution speak on this a number of times. Why? Because none of those opposite, who are in government and who have more MPs than us, could be bothered to speak on this resolution. That, of itself, is a problem. And here is why: we need—as the member for Gellibrand rightly reflected in his contribution—more MPs to be thinking about this. The more MPs realise that they are vulnerable and the more that they realise it in the areas where they become more and more responsible—for example, when moving from being MPs to actual ministers—then they have to make decisions that will potentially impact or deal with some of the issues that are at the very heart of what we are discussing here.
What the member for Forrest has raised is really important. It is something that occupies the minds of parents across the country and, I dare say, a lot of parents who are in this building. It is important that we support initiatives that concern the way in which young Australians, and particularly those that are impressionable, engage with technology. There is not a parent in the country who does not see their young kids already embracing technology very early in their life. You can see two-year-olds—I see it with my own son, but you see it with others—that embrace technology and can navigate around it. When you see a four-year-old using Siri on an iPad, you know that they are starting to become a lot more au fait and comfortable with technology. I completely endorse this resolution and what is behind it in terms of the way that the member for Forrest addressed that, as well as the other members who have contributed in this.
Moving beyond cybersecurity and moving into the broader issue of digital transformation within government, the problem is that a lot of MPs do not engage. There is a lot at stake financially, and also from a security perspective, if they do not do it. We need more and more interest in it.
Again, as the member for Gellibrand rightly pointed out, you could name a number of different attacks and a number of different players on the international stage who are knowingly exploiting vulnerabilities in a way that would cause governments and politicians grief. Elsewhere we have seen, as has been reflected most prominently in the US election, this being done in a way that could potentially impact or influence the outcome of those elections while we are blithely walking along thinking that it will not happen to us—until we get tripped up. We need ministers around the cabinet table who are actively engaged in making decisions that will protect governments, departments and businesses. Also, it is hard for us to say to businesses, 'You need to take this seriously,' if the people who are sending that message are not doing it themselves at a government level. That needs to be done as well.
We have been critical, too. To her great credit, Prime Minister Gillard moved to build on some of the work in cybersecurity from a government perspective, releasing some of the initiatives and the strategies that we wanted to see in this place. We have had a lot of talk out of this government, but it has taken a very long period of time to act on it. It took a long time to appoint key personnel into positions regarding cybersecurity, and there are still concerns about how fast government is moving on this. I think that is something that needs to be pursued here but, again, if you cannot get interest from the government—from its own MPs—to support a resolution like this and to step up today, you have to wonder whether or not that is reflected at senior levels as well. They might have some people appointed to it, but there is only one. You rarely hear many of the others actually working on it.
I also wonder why we have an assistant minister focused on this area and why we also have another body in the DTA. It has now set up its own cybersecurity arm within it—all to make it look like they are doing a lot. We are asking the question, 'How effective is it?' It would be great to have a clear, concise demonstration of will being directed to outcome, so that we do not have more of this happening and impacting on government. But, again, I do commend the member for Forrest for raising this. This is very important for us to focus on.
Michelle Rowland (Greenway, Australian Labor Party, Shadow Assistant Minister for Communications) Share this | Link to this | Hansard source
Thank you. There being no further speakers on that motion, the time allotted for this debate has expired. The debate is adjourned and the resumption of the debate will be made an order of the day for the next sitting.