Isolation offers no cyber defence

Kiwis are too relaxed about handing over their personal data.
New Zealand could be good testing-ground for driverless cars. Photo / Bloomberg
New Zealand could be good testing-ground for driverless cars. Photo / Bloomberg

Technology might be breaking down the tyranny of distance, but there's still a distinctly New Zealand flavour to the way we use tech here at the end of the earth.

For a start, we're much more blase about handing over personal information than people in many nations, says Simpson Grierson partner Richard Watts.

Wearable technology that transfers masses of personal data, like the Fitbit, has been a hit here.

If you told a European you would like to take their Fitbit data, track their movements with GPS, then match it with relevant and personalised price specials at the local supermarket, they would go nuts, says the intellectual property and technology specialist.

"New Zealanders just say 'fantastic, sign me up' because I might get 10c off at Countdown." Geographic isolation has given New Zealanders a voracious appetite for technology and content, with a feeling of second-class citizenship if it's not delivered to the level our first-world peers enjoy.

We are upset that we can't get the American version of Netflix because we live in New Zealand, says Watts.

In fact, while teaching a tertiary class, he asked his students who would give up personal data in exchange for more Netflix content. Every person raised their hand.

The implications of the ease with which New Zealanders hand over personal data will become more pertinent when technology - which has already moved from the desktop to our pockets and from there to our wrists - makes the jump to "ingestibles".

These devices within our body have the potential to provide minute-by-minute data, not only to medical professionals, but to insurance companies, banks and retailers.

As well, it is estimated that by 2020, households will have as many as 50 connected devices, meaning 50 potential entry points that manufacturers and software developers need to keep protected from hackers.

Simpson Grierson partner Richard Watts.
Simpson Grierson partner Richard Watts.

The second issue, says Simpson Grierson senior associate Louise Taylor, is that it's virtually impossible for consumers to read, understand and track every single privacy policy.

"At some point, in order to comply with privacy legislation, the industry will have to take this seriously and help consumers manage their own data," she says.

Watts says part of the reason for our lax attitude to giving away personal data is that we haven't been exposed to major cyber-attacks.

While the hacking of adultery website Ashley Madison gained global media attention, there was little fallout here and no local equivalent has been widely publicised.

Taylor, a commercial lawyer who specialises in emerging technology, says our complacency is also driven by the misplaced view that our physical isolation means we're not on the hackers' radar.

"But geography doesn't matter," she says.

"There are no borders in cyber-land so we're just as exposed to security breaches as someone in Albania or Kazakhstan or wherever.

"Cybersecurity breaches have just no regard for borders.

"Because we've grown up feeling isolated, there has just been a general feeling that Ashley Madison, that happened over there, it's not going to happen to us.

"The potential scale of a cybersecurity breach is huge.

"It could shut down automated ports or milk processing plants.

"It has a potential major impact on industry as well as individuals."

We are suddenly becoming a quite interesting market from a technology perspective.

Richard Watts, Simpson Grierson partner

While cybersecurity is firmly on the radar of big businesses and boards, and the market is responding with more cybersecurity products and the first cyber insurance policies likely in the not-too-distant future, Taylor says it is still hard to make the topic of interest to the small to medium-sized enterprises that dominate New Zealand business.

"For those small businesses with limited resources, it might not become a priority until they do actually experience a breach."

Overseas, reporting regimes require significant security breaches to be publicly notified, something that could help raise awareness here, she says. But, with 97 per cent of business in the SME category, the need for growth and the desire for content, it all points to less rather than more regulation, Watts adds.

Internationally, we're regulatory followers rather than leaders, he says, which is the appropriate place to be given our market size and place.

Watts, who is often running a legal eye over local product releases from the global tech giants, says it is often a box-ticking exercise because if the product can launch in Europe, which is heavily regulated, it's okay for the New Zealand market.

"That's not a good reason not to regulate, but it has meant that we're at the end of the chain not the start of the chain." And regulation tends to stand still for a period, until big technology leaps force a re-write of the rulebooks.

Simpson Grierson senior associate Louise Taylor.
Simpson Grierson senior associate Louise Taylor.

An emerging example would be the use of blockchain in the financial services industry.

Originally developed for the virtual currency Bitcoin, the system, which Taylor describes as "a decentralised, consensus-based data structure", allows for fast, virtually tamper-proof transactions between users who may not know each other. It's technology that could potentially be put to use in land transfer systems, supply chains, authenticating diamonds and share transfers.

From an industry perspective, Watts say blockchain ticks all the boxes for things that keep people awake at night: security, speed and cost.

Rather than seeing it as a disruptor, traditional financial organisations are turning the technology to their advantage, Taylor says.

"Once the technology has been proven and the use cases have been proven within the industry, that's probably the point at which the regulators will step in and go 'okay, we need to make sure it's sufficiently secure and controlled'."

The potential scale of a cybersecurity breach is huge. It could shut down automated ports or milk processing plants.

Louise Taylor, Simpson Grierson senior associate

New Zealand's own appetite for technology and light-handed regulation that follows international best practice sets it up nicely to be at the forefront of technology development.

"I think businesses — and we're talking businesses overseas as well — should see New Zealand as a great place to innovate and test technology," says Taylor.

A good example, she says, is driverless cars.

Unlike other jurisdictions, a quirk of local law is that there is no requirement for cars to be driven by a human. That opens up the opportunity for driverless car testing across a range of conditions in a small market that has shown it is keen to adopt practical, non-gimmicky technology.

That test-market role was something New Zealand did well in the early 80s, says Watts.

"That very much fell away in the late 80s and the early 90s and is likely to come back now because we are suddenly becoming a quite interesting market from a technology perspective.

"Four million people is a great number to test things on, so that could be really positive."

- NZ Herald

Get the news delivered straight to your inbox

Receive the day’s news, sport and entertainment in our daily email newsletter


© Copyright 2016, NZME. Publishing Limited

Assembled by: (static) on production apcf04 at 26 Oct 2016 01:14:43 Processing Time: 1205ms