Australian businesses, governments and the broader community have increasing amounts of sensitive information stored electronically on and communicated across telecommunications networks and facilities. Australian telecommunications systems and networks are part of our national critical infrastructure and form the backbone for other critical infrastructure and services. For these reasons telecommunications networks and systems are actively targeted by those who wish to harm Australian interests.
National security risks in the form of espionage, sabotage, and foreign interference can arise in the global supply chain for telecommunications equipment, services, or the outsourcing of sensitive network management functions. It is vital that these security risks are managed to protect the availability and integrity of telecommunications networks and systems and the confidentiality of information stored and carried on these networks and systems.
Telecommunications Sector Security Reforms
On 27 November 2015, the Attorney-General and the Minister for Communications and the Arts released for public comment a second exposure draft of legislation that would establish a security framework for the telecommunications sector. The government also released the revised Explanatory Memorandum, which explains the proposed changes, and draft administrative guidelines, which provide practical guidance to industry on how to meet the proposed legislative requirements under the legislation.
A number of changes were made to improve the operation of the proposed legislation in response to feedback received during an earlier public consultation which commenced in June 2015. These changes include safeguards on the use of the proposed regulatory powers and clarification of the intended scope and application of requirements to be imposed on telecommunications providers.
Submissions were sought from interested organisations and individuals on the revised draft bill by 18 January 2016. The following parties provided permission for their submissions to be published on this website:
The Australian Government held a public consultation on the reforms between 26 June and 31 July 2015 and received detailed feedback. The following parties provided permission for their submissions to be published on this website:
Regulatory impact statement
A regulatory impact statement (RIS) was prepared by the Attorney-General's Department and assessed as compliant and consistent with best practice by the Office of Best Practice Regulation (OBPR). The RIS estimates the average annual additional regulatory cost to be $220,000 a year across the whole industry and identifies offsets. An unclassified version of the RIS has been published on the OBPR website.
Any queries in relation to these reforms or the submission process can be made to the department's Cyber and Identity Security Policy Branch at email@example.com.