Brandis reworks telco security reforms after industry outrage

By

Tightens up provisions to soothe telcos.

The federal government has altered plans to force telecommunications companies to inform it about network changes and procurement intentions after the sector reacted angrily to proposed legislation.

Brandis reworks telco security reforms after industry outrage

In June the Attorney-General's Department released its draft 'telecommunications security sector reforms', aimed at managing national security risks from interference with Australia's telecommunications networks.

The reforms were in part driven by concerns about foreign suppliers of telco equipment and managed services working on the critical national infrastructure.

The draft TSSR sought to lay down a regulatory framework to replace the 'goodwill' the government currently relies on to ensure telcos are properly addressing security threats.

At the moment, telcos are required under the TIA Act to notify the government of any planned network changes that could negatively impact security - but do not face penalties for non-compliance. 

The government therefore decided to impose new reforms which would legally require telcos to hand over any information on network changes and procurement plans that had the potential to compromise security, or face civil penalties.

But the industry fought back against the proposal, uniting in its universal opposition to the planned changes.

Australia's biggest telco Telstra, industry representative body the Communications Alliancefour other industry representative groups and the OAIC as well as individual companies all made submissions critical of the bill.

In response, the government has made a number of changes it hopes will soothe telco concerns.
 
Significantly, the new proposal introduces a higher test threshold before a direction to a telco can be made by the government.
 
A security agency must have provided an adverse security opinion on the specfic issue and the Attorney-General must be satisfied the problem is prejudicial to national security - and have consulted with the company - before a direction can be issued.
 
The new bill also allows telcos to apply for a judicial review of a government direction, and has removed the government's power to hand authority to make a telco direction to the head of ASIO. 
 
It has similarly tightened protections around how much data can be sought from a telco and who the government can share that information with.
 
The powers to issue directions now sits with the Attorney-General only, rather than the secretary of the department.

The department said the ongoing costs of resourcing and administering the scheme were estimated to be $1.6 million annually for the government.

The costs of compliance for telcos was previously estimated to be around $184,000 per organisation annually.

The Communications Alliance said it was still digesting the draft but noted the changes did reflect concerns expressed by the industry.

"[The new draft] certainly represents a more balanced approach to meeting the objectives outlined by government," the industry body said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
brandissecuritytelco/isptssr

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul
CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'
Victoria's first government tech chief steps down

Victoria's first government tech chief steps down
WestJet probes cyber security incident

WestJet probes cyber security incident
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?