2023 Wrap Up: what’s hot, what’s not, what’s coming…

This is our final update for 2023, so here’s a little roundup of the highlights and lowlights of the year, as well as a sneak peek into what’s coming in 2024. But first…

A note from the Digital Rights Watch Chair 

It’s been another big year at Digital Rights Watch HQ (on the internet). Over the course of 2023 we made fourteen submissions to government inquiries, bills and consultations, took part in more than ten roundtables, appeared at three parliamentary hearings, and appeared in the media over 80 times. To me, the critical importance of this work is self-evident. If we don’t fix how our online world is governed, it remains virtually impossible to build functioning community spaces, or a public space to debate difficult problems like climate change, racial injustice and our response to military violence. If we don’t improve our privacy laws, generations of kids will be surveilled by predatory businesses that do not have their best interests at heart. If we don’t get our approach to online safety right, vulnerable people will be pushed further to the margins. I remain hopeful that a rights based approach gives us the best chance at making good policy that puts the power of tech back in the hands of people. If you agree, please consider supporting our organisation however you can. We have some tough adversaries out there and we welcome your support. – Lizzie O’Shea, Digital Rights Watch Chair

What’s hot

Making waves on renter digital rights and RentTech 

Over the past 18 months we’ve been kicking up about renter privacy, digital security and RentTech. We’ve made submissions to federal, NSW, and South Australian and Victorian inquiries on rental reform, drawing policymakers attention to the ways that digital technologies and data gluttonous habits in the real estate sector are creating dangerous risks for renters. Our Head of Policy, Sam Floreani, gave evidence at two public hearings and we are thrilled to see both the Victorian and South Australian governments start to make changes to better protect renter privacy. You can read more about our work on this here. 

Turning campaigning for privacy reform into a team sport

Over 2023 we’ve been working behind the scenes to build a strong coalition of organisations to pushing for privacy law reform. In particular, we’ve been working with children’s rights groups and public health organisations to highlight the ways that protecting privacy is essential to both areas’ work. Privacy often gets treated as a niche issue, but it’s not! The way our personal information is collected, used, and exploited impacts everyone and intersects with a broad range of social issues. We’re demonstrating to the government that there is a broad public mandate for robust privacy law reform—we know there are powerful adversaries who want to water down improvements, so we are building power across organisations and expanding beyond the regular privacy suspects to put up a fight. If you want to support this work, sign onto the open letter calling for privacy reform to enhance the wellbeing of everyone, especially children. 

Finally listening to privacy and security experts on age verification and metadata 

Long term supporters might remember that the metadata retention scheme was the catalyst that led to Digital Rights Watch being founded in 2016. We led significant pushback on the scheme at the time, and since then have loudly noted that over-collection and storage of data creates significant privacy and security risks. It’s a shame that it has taken several severe data breaches for politicians to understand that data minimisation is important. Nonetheless, we love to see the ALP flagging their intention to reconsider the metadata retention scheme as well as reviewing other laws that require companies to collect and retain data. 

In a similar vein, been fighting the proposal for mandatory age verification for close to three years. Earlier this year, the federal government decided against moving ahead with the eSafety Commissioner’s roadmap for age verification. Read more about the risks of age verification, our advocacy work on it, and the decision here. There is strength in being able to reconsider an established policy agenda, so we welcome the instances when policymakers listen to advocates and decide to change course for the better. More of this in 2024, please! 

What’s not

Conducting 140 million unlawful identity verification checks

The Australian Government conducted hundreds of millions of identity checks without a legislative framework in place to govern it – making it likely unlawful. Yikes! The government attempted to rush through legislation to remedy the situation. The proposed bill contained abysmal privacy protections, and was completely out of line with the Digital Identity Bill which was also under consultation at the same time. What a mess. Happily, as a result of our advocacy and work of the Human Technology Institute, there were 38 amendments (that’s a lot for this kind of bill!) that vastly improved its privacy protections.  

Wanting the tech industry to scan people’s emails, messages and personal file storage 

Many of us watched in outrage as the UK and the EU debated whether it’s a good idea for tech companies to scan people’s emails, texts, personal file storage (and more!) to proactively detect illegal material. Now, the Australian eSafety Commissioner wants to do the same here. Client-side scanning (that is, scanning that happens on your device rather than the server) creates the capacity to scan files that might otherwise never leave your device, pushing across the boundary between what is shared and what is private. Regardless if it “breaks” encryption or not, it fundamentally undermines the promise of secure and private communications.  

Security experts, scientists and academics, privacy advocates, legal researchers, and digital rights organisations have all highlighted how this technology is dangerous. Child safety groups have also questioned the utility and risks of the tech. In late 2022, Apple rolled back its own plan to scan users’ photos stored in iCloud due to unreasonable privacy and security risks. In 2023, the UK government acknowledged that it’s not possible to scan end-to-end encrypted communications without undermining privacy. That’s a lot of well-informed people ringing the alarm on this tech. For Australia’s eSafety Commissioner to ignore these developments shows an alarming disregard for community concerns, the advice of technical experts, and ultimately, the safety of internet users (including children!). 

We’re still looking for organisations and individuals to sign onto our joint letter urging the eSafety Commissioner to protect digital security and privacy. Read more and sign on here. 

Being a hectic tech billionaire drama queen 

Which one are we talking about? Is it Elon Musk having a hissy fit every other day, making a string of terrible calls, and driving Twitter/X into the ground? Or could it be the soap opera surrounding Sam Altman’s dramatic firing and rehiring? Or perhaps when Marc Andreessen self-published his self-serving and absurd techno-optimist manifesto? Or what about when a bunch of them got together to crank the AI hype machine and freak everyone out over the “existential threat” of AI, in turn degrading the state of public and political debate about AI and how to regulate it? 

It would be funny if it wasn’t deeply alarming that these are people who hold disproportionate power in determining the trajectory of technology. We do not love to see it.  

What’s coming in 2024…

  • Online Safety – in addition to the current consultation on the draft Industry Standards (submissions due 21 December!), new Basic Online Safety Expectations are also open for consultation over summer. In 2024 we’re also anticipating the review of the Online Safety Act, as well as the development of a new array of codes that will be focused on online pornography. 
  • Digital Identity – Much of the government’s digital agenda relies on the establishment of a robust digital ID framework, so we expect they will work hard to pass the Digital ID Bill which has been developed this year. There is an inquiry into the Bill happening over summer (submissions due 19 January!) which will likely lay the direction for the rest of the year’s work on this.  
  • Privacy reform – Alas we had hoped that we would finally see privacy reform in 2023, but rest assured we will continue to push for it in 2024. We are also feeling excited about what might come out of the OAIC under new leadership of former Ada Lovelace Institute Director, Carly Kind.  

Other than that? We’ve got our eye on movements in AI regulation, consultation on the new cyber security strategy, an inquiry into sovereign tech capability, and re-formed efforts to crack down on online mis- and dis-information. 

Have we missed anything? We’d love to hear from you on what you think are the big issues on the horizon, and what you’d like to see Digital Rights Watch work on. We’re always open to suggestions, feedback, and opportunities to partner or collaborate with other organisations. Our inbox is open! 

As always, we couldn’t do this work without our generous supporters. If you have the means, please consider making a donation to ensure we can continue to stand up for digital rights into 2024 and the future. 

Wishing everyone a restful festive period, see you in January! 

In solidarity,

Sam and the whole Digital Rights Watch team

P.S. If you’re buying Christmas gifts, don’t forget to check out Mozilla’s Privacy Not Included gift guide – no-one wants to accidentally give the gift of surveillance!