Baby monitors are the front line for new digital safety rules
Tech giants that provide software to internet-connected devices such as baby monitors would be made liable for keeping images and other data safe from hackers under a major shift in cybersecurity strategy flagged by the Albanese government.
Home Affairs minister Clare O’Neil said software and device vendors such as Microsoft, Apple, Google and Amazon needed to take responsibility for the digital safety of their products, in what she said needed to be a “mindshift change”.
“We need to use the power of government and the power of big institutions to help protect people better from this problem, and shift responsibility to those who can actually literally change it,” Ms O’Neil told a forum at the National Security College on Monday evening.
Big tech could be made liable for the cybersecurity of the software in consumer digital devices.
“We need to make safety a core part of technology rather than just an optional add-on that you might be thinking about after the product is designed.”
The move to make the big tech vendors liable for cyber and privacy security marks a major change in policy thinking to make providers and software developers responsible, rather than customers having to deal with endemic cyber breaches, personal information leakages and banking scams.
Microsoft dominates enterprise desktop software, but often has to make dozens of bug patches to core operating systems on the first Tuesday of every month, known in the industry as “Patch Tuesday”. Other major software developers often are also forced to make major security updates.
Ms O’Neil’s comments come after bookseller Dymocks admitted to a breach of personal information, the latest in a string of major data breaches. Security analyst Troy Hunt said files with 1.3 million records, including 830,000 email addresses belonging to Dymocks customers, have been circulating on the dark web following the breach.
Mandatory labelling
Ms O’Neil said people were being left powerless and uninformed about cyber risks. At the same time, generative AI was driving major changes in technology.
“We’ve got to stop leaving citizens and small businesses and other people who are quite vulnerable and unable to do much to reshape the cyber environment around them,” she said.
Ms O’Neil drew an analogy with infant car seats.
“We would not allow an unsafe car seat to be sold in our country. We’ve spent a generation trying to make sure that people who design these products, that they are safe to use, when you need them.”
She signalled long-awaited mandatory labelling for smart home and internet of things devices, such as baby monitors, would also be part of Labor’s first cyber-security strategy, expected to be released in November.
The industry has been calling for Australia to follow Britain and make the current voluntary standards enforceable.
Ms O’Neil said internet-connected baby monitors were “wonderful technology but, in many cases, lousy cybersecurity”.
“We are talking about products here, which are integral for the lives of our children and yet no one has thought about the cybersecurity and what could be done with those images.
“What’s missing here is that secure-by-design software, which makes it really hard for hackers to get access to the device.
“And a safety standard sticker on the back that enables a consumer to see – a mum who goes into the shop or a dad who goes into the shop – at a glance, that the designer of that product has thought about security from the very beginning, just like the car seat manufacturer must comply with that set of mandatory standards if they want to be allowed to put a safety sticker on their product.
”You shouldn’t be allowed to put things on a shelf for an ordinary Australian to come by and pick them up and buy them if you know those products are inherently unsafe, or if you haven’t bothered to think about it.
“We can’t be so lax about how we think about these issues anymore.”
Ms O’Neil said there had been no real discussion and accreditation for products that tell consumers whether these were cyber secure.
Introducing your Newsfeed
Follow the topics, people and companies that matter to you.
Find out moreRead More
Latest In Federal
Fetching latest articles