Yep, this edition of WTF now?! is on AI, again! Copyright and AI has popped up again this week with Senator David Pocock sparring with Minister for Industry and Innovation and Minister for Science Tim Ayres in Question Time yesterday about whether a closed-door text and data mining deal is being considered. Despite Assistant Minister for Science, Technology and the Digital Economy Andrew Charlton talking up data centres last week, Ayres reiterated the government position that a TDM exception is not on the table. With the issue seemingly not put to bed it’s no surprise Screenrights is looking for a policy lead who will have responsibility for AI.
Also this week a big focus is on AI and cyber security prompted by the Five Eyes intelligence alliance joint statement warning of AI-accelerated cyber threats. It’s likely this is in response to the abrupt worldwide shuttering of Anthropic’s Mythos model. This got me thinking about cyber security in the arts, recent cyber attacks against international and local arts brands and how our IT teams might cope with this heightened cyber security demand.
Looking to Europe, the EU has a new declaration for culture while in the US Lachlan Murdoch’s Fox Corporation is looking to buy set-top box maker Roku. And there hasn’t been A bit on the side for awhile, but this week it’s back looking at OpenAI’s talent grab and two AI and film research projects: one sees Google DeepMind and A24 team up and the other sees Netflix focus on AI and film pain points.
Rapid-fire
A short list of other things:
- Ben Graetz has been appointed as the incoming Artistic Director of Darwin Festival. Shoot through
- The Foundation for Australian Literary Studies (FALS) at James Cook University (JCU) announced the 2026 Margaret and Colin Roderick Literary Award longlist. Congratulations to all the nominees. Shoot through
- Belvoir St Theatre’s Marrickville production workshop was destroyed by fire yesterday. The cause is not yet known. Shoot through
- Meta have released a cheaper range of smartglasses, trading the Ray-Ban brand for Kylie Jenner. Shoot through
- The screen industry collecting society Screenrights is looking for a Head of Policy & Stakeholder Relations to handle copyright, licensing and related AI policy issues. Shoot through
WTF’s been going on?
Here's WTF happened this week:
A whistleblower claims the government is secretly considering an AI training copyright exception
Senator David Pocock has accused the Albanese Government of secretly considering a text and data mining (TDM) exception despite repeated statements to the contrary.
Claims the government hasn’t actually ruled out a text and data mining (TDM) exception to permit AI training on copyright material continue to surface despite Attorney-General Michelle Rowland publicly stating (and reiterating) that a TDM is not on the table. Senator David Pocock has accused the Albanese Government of secretly considering two options to allow AI companies to train their systems on Australian copyright material: a TDM exception in exchange for data centre investment and a hundreds of millions of dollars creative fund or a licensing scheme ⟨ although it is unclear if Pocock was referring to a statutory licence for AI training or extended collective licensing (ECL) ⟩ Pocock got wind of the plans through a whistleblower and confronted Minister for Industry and Innovation and Minister for Science Tim Ayres during Question Time yesterday, asking:
Minister [Ayres], it has been put to me that the government is in fact considering competing proposals allowing some form of carve-out or an extension to the licensing system in exchange for a new creative arts fund and an additional multibillion-dollar investment in data centres, which you seem very keen on, with expedited approvals, and that the Prime Minister intends to announce this plan on or around 15 July. Is that, or any element of it, correct?
Ayres reiterated that ‘there will be no undermining of copyright protections’ and called Pocock’s intel ‘reckless speculation’. Later spokespersons for both Ayres’ and Assistant Minister for Science, Technology and the Digital Economy Andrew Charlton both called the claims ‘inaccurate’.
Cam Wilson
Five Eyes intelligence alliance warns of AI-superpowered cyber security risks
Against the vulnerabilities revealed by Anthropic’s ‘too powerful for the public’ Mythos Preview the Five Eyes intelligence alliance has made a rare joint statement warning that rapidly evolving AI is accelerating the speed and complexity of cyber risks, calling for an ‘fight fire with fire’ response.
The cyber security agencies in the countries in the Five Eyes intelligence alliance – Australia, the United States, Britain, Canada and New Zealand – are jointly warning business leaders and AI developers to act as frontier AI models get more sophisticated for better and worse. AI is ‘fundamentally transforming both offensive and defensive cyber capabilities’ in months, not years. While ‘AI offers powerful tools to strengthen defence’ it also ‘lowers barriers for malicious actors and increases the speed and complexity of attacks, shrinking the window between vulnerability discovery and exploitation ever more quickly.’
The Five Eyes cyber security agencies say managing cyber risk needs to be more than a ‘purely technical issue’. They caution cyber resilience is crucial to advancing business continuity and market confidence, making it a ‘core business risk and leadership responsibility’. Their advice is to:
- reduce unnecessary connections to the internet
- do security patching quickly to reduce the time between vulnerability discovery and exploitation
- retire unsupported systems as they are ‘strategic liabilities’, ‘not just technical debt’
- limit access to critical systems and enforce strong authentication
- assume breaches will happen and be ready for fast containment and recovery
- engage in deliberate use of AI to strengthen defence
It is easy to read this as fearmongering, but real risks from state-backed and criminal outfits exist. The Sydney Morning Herald ran a long-form piece yesterday looking at the potential for violence and harm coming from AI systems themselves, but also from their use by nefarious actors. The White House has raised foreign distillation of US AI models to a national security issue. Plus the risk of jailbreaking to bypass guardrails on AI models was reportedly behind the US Department of Commerce’s recent export control directive to Anthropic to suspend all access to Fable 5 and Mythos 5 to ‘any foreign national, whether inside or outside the United States, including foreign national Anthropic employees.’ To ensure compliance, Anthropic pulled access worldwide on Friday 12 June 2026, just three days after the models Anthropic earlier said were ‘too powerful for the public’ were released publicly.
The preview of Mythos and the ‘thousands of high-severity vulnerabilities’ it found in ‘every major operating system and web browser’ and other critical software infrastructure the internet depends on was the reason Anthropic teamed up with 11 other Big Tech and major companies including Amazon Web Services (AWS), Apple, Cisco, Google, Microsoft, NVIDIA and The Linux Foundation to form Project Glasswing , a collaborative effort to secure the world’s most critical software. It is not just the speed and scale at which Mythos can find zero-day vulnerabilities ⟨ tech speak for security flaws in software or hardware unknown to its developers that could be susceptible to malicious attacks ⟩ that has the tech industry spooked; it is also the fact that the model identified exploits for known vulnerabilities that have been patched ⟨ tech speak for when a bug or security vulnerability has been fixed ⟩ meaning issues long believed to be dealt with could become an issue again and the fact that Mythos demonstrated how multiple low-severity vulnerabilities could be linked to become workable exploits in ways traditional cyber security is not used to handling..
While other AI companies agreed to pre-release US government checks of frontier AI models last month, Anthropic isn’t one of them. Even so, they have said they believe governments should have ‘the legal authority to block or deter dangerous deployments,’ adding in their statement about the disabling of Fable 5 and Mythos 5 for all its customers that such government intervention should be ‘part of a statutory process that is transparent, fair, clear, and grounded in technical facts’. They claim that’s not what happened here. We may never know the exact reason for the directive or whether it was a retaliatory action given the very public falling out between Anthropic and the Trump administration at the end of February.
- Five Eyes cyber security agencies statement, Australian Cyber Security Centre (ACSC), Australian Signals Directorate (ASD), Australian Government, Monday 22 June 2026
David Swan
Sherryn Groch
The arts needs to drop the ‘we aren’t a target’ cyber security mentality
Arts and cultural organisations are not immune from cyber risks and are increasingly targets of cyber attacks. Having tech staff and budget may not be possible for every organisation, but implementing basic measures like password managers, multi-factor authentication and regular IT audits can help your cyber resilience.
Given the vulnerabilities revealed by the Mythos Preview and the Five Eyes joint warning on cyber security how will arts and culture and GLAMs (galleries, libraries, archives and museums) respond? How many IT managers in arts organisations and cultural heritage institutions have heeded the warnings? And what are they doing about it?
Up until now the IT backbone of most arts organisations and GLAMs is a cobbling together of legacy systems, band-aid solutions and a ‘we aren’t a target’ mentality. But these bodies are easy targets; they hold significant amounts of data, have complex public-facing technology such as online catalogues, ticketing systems and public wi-fi and they typically have underfunded IT teams exacerbating their technical debt.
The British Library learned this lesson publicly in October 2023 when the Rhysida ransomware group hammered their systems in an attempt to extort Bitcoin. While the UK’s national library didn’t pay they are still working to get all their services available again. Then in October last year the British Museum found out why you should regularly audit access to key systems when a former IT contractor shut down several systems on-site at the museum. Uffizi Galleries, Christie’s, Arts Centre Melbourne, Réunion des Musées Nationaux (RMN) and The Metropolitan Opera are all included in the list of arts and cultural organisations impacted by cyber crimes in the last five years. A recent addition mentioned in last week’s newsletter is the State Library of New South Wales which says it has largely come out the other side of a cyber security incident that took down the library catalogue at the beginning of May.
Even bigger arts organisations are unlikely to have a full complement of cyber security staff working with enterprise-grade security software. In small-to-medium arts organisations the ‘IT department’ is probably whoever knows how to fix the printer. How can we improve the digital security of our arts organisations?
Last week the Digital Preservation Coalition (DPC) announced a three-part Technology Watch Guidance Note series exploring cyber security and resilience for digital preservation and released the first Guidance Note, Part 1: Understand Cyber Threats to its members ⟨ which as a non-member I need to wait until the end of August to access. ⟩ In the meantime a few free fixes will at least start to improve your IT security:
- consider introducing a password manager that is budget-friendly, supports unique user accounts, is easy for non-technical staff or volunteers to use and is capable of securely sharing credentials through access permissions
- turn on multi-factor authentication (MFA) (sometimes also called two-factor authentication (2FA)) on every system you can, but be sure to securely store recovery codes so you don’t end up locked out of your accounts
- review and rationalise who has access to different systems, where possible use unique user accounts rather than a single username and password and update access regularly, removing users who should no longer have access
- turn on automatic updates for operating systems and web browsers to reduce the change of exploitation
- audit your systems at least quarterly and retire systems you no longer need.
Europe has declared to protect, promote and support culture
EU leaders signed ‘Europe for Culture, Culture for Europe’ committing to centering culture in European policy by supporting artists, increasing access to culture, improving diversity and inclusion in the arts and recognising the social and environmental benefits of culture and preserving cultural heritage.
Last Thursday the Presidents of the three major European Union institutions – the Council of the European Union, the European Parliament and the European Commission – signed the ‘Europe for Culture, Culture for Europe’ joint declaration committing to place ‘culture at the heart of the European project by protecting and promoting artistic freedom, cultural diversity, inclusion and fair conditions for artists’. The declaration ‘acknowledges the immense benefits that Europe’s cultural and creative sectors provide in terms of fostering a shared European identity, underpinning core EU values such as freedom, equality and respect for human rights, and boosting the EU’s competitiveness’.
Core principles focus on:
- supporting artists and cultural professionals including protecting freedom of expression, ensuring fair pay, improving arts and cultural working conditions and fostering an ethical human-centric, rights-based approach to using AI
- broadening inclusive access to culture and to the cultural and creative professions, particularly for young, vulnerable or marginalised persons, by promoting arts education
- amplifying the social and environmental benefits of culture by harnessing culture to improve health and well-being, driving regional development and sustainable tourism and highlighting the importance of culture in policy responses to ecological challenges
- promoting the EU’s cultural and linguistic diversity and protecting and preserving Europe’s cultural heritage by leveraging digital technologies.
- ‘Europe for Culture, Culture for Europe’: European institutions commit to placing culture at the heart of EU policy, Council of the European Union, Thursday 18 June 2026
Roku is set to become part of Lachlan Murdoch’s Fox Corporation
Fox Corporation will acquire set-top box maker Roku in a bid to create simpler, more unified experiences for streaming audiences and advertisers.
Fox Corporation has announced it will acquire set-top box maker Roku in a deal that will cost Fox about US$22 billion including debt. Roku will reportedly continue to be run independently ‘as an open, partner-friendly platform’ but will ‘bring together Fox’s live news and sports content with a streaming platform that has a large viewership’.
Beyond access to streaming subscribers, likely more valuable to Fox is the exposure to advertising. Fox Corporation CEO Lachlan Murdoch said:
Consumers are gravitating toward simpler, more unified experiences on their favourite platforms like Roku. Advertisers are reaching similar conclusions, seeking large audiences, improved digital targeting and more consistent measurement across platforms.
Roku founder, chairman and CEO Anthony Wood will have a role in the merged entity and will join Fox's board.
The deal is expected to close in the first half of next year. It still needs approval from Fox and Roku shareholders, as well as regulatory approval.
Michelle Chapman
A bit on the side
WTF else happened this week:
OpenAI attracts AI leaders to its ranks. Beyond models another important factor for AI developers is their talent. Recently there has been a number of staffing changes. Google Vice President of Engineering and Co-lead of Gemini Noam Shazeer announced on X last Thursday that he will be leaving for OpenAI. The ChatGPT maker is also reportedly bringing on former Trump White House AI policy official Dean Ball. Also, Emily Dalton Smith has left Meta just two months after it was announced she would lead a company-wide overhaul to center AI internally and in its user-facing offerings.
- Google Gemini co-lead Noam Shazeer to join IPO-bound OpenAI, Reuters, Thursday 18 June 2026
Rebecca Bellan
- Meta head of product for 'AI for work' transformation is leaving company, Reuters, Wednesday 17 June 2026
Google and Netflix announce AI and film research. Google’s AI research lab DeepMind and independent arthouse film company A24 have announced a ‘first-of-its-kind’ research partnership ‘to help artists develop new workflows and techniques’ and ‘ensur[ing] the tools of the future are shaped by the creators who use them.’ Netflix has also announced two research explorations that aim to give filmmakers precise creative control: Vera and VOID. Rather than regenerating an entire clip, Vera uses a layered video diffusion framework to isolate changes to specific objects while the rest of the clip remains untouched. VOID focus on object removal that performs physically-plausible inpainting.
Eli Collins
Netflix Technology Blog
Colophon
Reuse
Content published elsewhere
AI use
No part of the text of this blog post was generated using AI. The original text was not modified or improved using AI.
AI was used to generate an introduction and summaries of listings, but no AI-generated content was used verbatim.
The banner graphic (i.e. the first image at the top of the blog post) was adapted from vector graphics generated in Adobe Illustrator using Firefly 4 with 'Subject' content type selected and the lowest level of detail set. { Text to Vector Graphic prompt: Seamless pattern, very large simple shapes, 80s retro style, fluid organic elements, morphing, overlapping, blurred gradients, visible layers. }
Provenance
This blog post was first published on Wednesday 24 June 2026. It has not been updated. This is version 1.0.
