Policy on the use of generative AI

Use of generative AI software is allowed (but not required) for this assessment. Any output of

generative AI software that is used within your assessment must be attributed with full referencing.

Possible acceptable uses of generative AI software include improving the writing and argumentative style of your analysis or using AI assisted translation software to translate a first draft written in another language into English.

You will be assessed based on the content of the document that you submit. The outputs of AI tools are not always accurate, appropriate, or properly referenced. By using generative AI   software, you are assuming the responsibility of moderating and critically evaluating the outputs from the AI tools you use before submitting your assessment. Including inaccurate,   inappropriate, or falsely/incorrectly referenced content may result in a failing grade based on the marking rubric.

As generative AI and other tools make it increasingly easy to generate and distribute  convincing but false or misleading information, the importance of using and critically evaluating credible sources is more important than ever. This is reflected in the marking criteria for this assessment. Generative AI software is a potentially powerful tool when used appropriately, but it is not a credible source of information.

If the outputs of generative AI software are not appropriately attributed in your submission, your marker will determine whether the omission is significant. If so, you may be asked to explain your understanding of your submission. If you are unable to satisfactorily demonstrate your understanding of your submission, you may be referred to UNSW Conduct & Integrity

Office for investigation for academic misconduct and possible penalties.

Requireddocumentation

If you choose to use generative AI software at any stage of the planning, research and writing of your assessment, you must submit a separate document, which contains the following:

1.  A short (1 paragraph) description of how you used generative AI software for this

assessment. This should include a description of what prompts/inputs you used (e.g.,

questions, text from your original first draft, etc.) and how you evaluated, moderated, and incorporated the output into your final submission.

2.  A complete transcript of your interactions with all generative AI tools that you used. This should include the full “conversation” between you and the software from beginning to    end. If you have used translation software, this should include your original non-English   draft.

This document will not be marked. Instead, it serves two purposes. First, it is a reflective exercise for you to consider whether you have used generative AI tools in an appropriate and    effective way. Second, it will be a reference that your marker can consult for additional context when evaluating your submission against the marking criteria – for example, if there are any questions regarding your attribution of AI tools, your referencing of source material, or how you have applied course concepts.

There are 6 pages in this document. Read all 6 pages.

There are three questions on page 6, which are equally weighted.

Please answer all 3 questions.

You should consult, apply, and properly reference multiple sources we have provided to write a good answer. Several sources have been provided in the case description.

Additional sources (research) may be helpful but are not strictly required. We will not

award or deduct points based directly on number of sources, but answers that do not

support their arguments will multiple sources are not likely to meet the D/HD criteria. (We will deduct marks for improper referencing of sources.)

No resubmissions are allowed.

This is an individual assessment. Any evidence of collusion at any point after the release of the case study will result in an Academic Integrity investigation.

You must watch theAcademic Integrity Remindervideo before submitting your Case Study Analysis.

This is the case study analysis marking rubric.It is a useful tool to check your work and to ensure that you have addressed the questions in full.

Failure to comply with the overall word limit will reduce your score (via Criterion 4) by one mark for exceeding the limit by more than 10% and by two marks for exceeding it by more than 25%.

You can receiveacademic writing supporthere.

Studiocityis available If you wish to receive feedback on written work.

If you experience any technical difficulties in uploading your assignment, make sure to

document the issues (one way of doing this is by using screenshots) and contact UNSW IT immediately. The teaching team are notable to assist with technical issues. Make sure to allow yourself enough time to upload your assignment.

Late submission will incura penalty of 5% per day or part thereof (including weekends)

from the due date and time. The assessment will not be accepted after 5 days (120 hours) of the original deadline unless special consideration has been approved. For further information please referPolicies and Support.

. If your assignment is late due to technical difficulties, you will have to apply for Special Considerationand provide evidence - including time stamps - of the issues you

experienced and the actions you took to resolve these issues.

. Please refer theAssessment Guidefor more detailed information on this assessment

. If you have further questions, post them in the Discussion Forum on Moodle.

caseBackgroundand Information

On 22 September 2022, Optus – Australia’s second largest telecommunications provider –

reported that it had suffered acyber attackthat had resulted in amassive data breach. In the weeks after the data breach was announced, Optus reported that the personal information of more than2 millionof its 9.7 million customers was compromised. The data compromised    included names, dates of birth, phone numbers, and email addresses of Optus costumers, as well as “at least one number from a current and valid form of identification” for about 1.2

million customers.

The data breach resulted in Optus customers being targeted by cyber criminals “harassing    them with fake SIM card replacement requests, fake compensation claims and other general threats.”

When it first reported the cyber attack, the CEO of Optus, Kelly Bayer Rosmarin,released a statementwhich included the following:

We are devastated to discover that we have been subject to a cyber-attack… As soon as we knew, we took action to block the attack and began an immediate investigation.

While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that

they can increase their vigilance.

We arevery sorry and understand customers will be concerned. Please be assured that we are working hard, and engaging with all the relevant authorities and organisations,    to help safeguard our customers as much as possible.

Optus later released aletterdetailing its response to the data breach, setup awebsiteto

publish updates and support tools for its affected customers, and commissioned an external   review of the cyber attack by consulting firm Deloitte. Nevertheless, by some estimates, Optus had lost ten percent of its costumersin the weeks after the breach and could ultimately

experience hundreds of millions of dollars in financial losses.

In the aftermath of the data breach, Optus received criticism by government ministers, and the

Federal Government responded by announcing changes to the Telecommunications

Regulations 2021 and theAustralian Prudential Regulation Authority (APRA),Australian  Competition & Consumer Commission (ACCC), and Office of the Australian Information

Commissioner (OAIC) announced coordinated effort to better protect Australians following the Optus data breach.