Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Oz carriers to Attorney General Brandis: get OUT of our networks

Telcos speak with one voice on telco security 'reforms'

Australia's telecommunications industry has spoken with one voice: George Brandis Attorney-General-as-Sysadmin legislation is a mess.

The Attorney-General's (AG's) department has published the submissions received on the legislation (here), and among the ten industry-written submissions there's not one in support of the Telecommunications and Other Legislation bill.

Seven submissions complain that the procedures by which the AG might decide to issue a direction to a carrier are unclear or lack procedural fairness, and the same number say the laws are too broad.

As pay television operator Foxtel notes, the legislation doesn't even explain how long a carrier might have to comply with an order: “There are no timeframes specified for the Attorney-General’s Secretary to make such assessments”, its submission states.

Since an order might range from “withdraw this service” to “get rid of all kit from Vendor X” to “rewrite your entire route table so traffic does not traverse New Zealand”, not knowing how fast an order might have to be implemented is a serious concern.

Internet service providers iiNet and TPG homed in on the vendor-ban possibilities in the bill. iiNet notes the bill could even allow the A-G to order a carrier “to cease using the equipment or service if it is already using it” (even if the carrier itself was perfectly happy with the equipment.

Optus noted that such idiotic orders could be made with no genuine risk assessment: “It would appear from the Exposure Draft that if a threat or risk merely exists, it provides an adequate basis for a Direction to be issued, without any qualification on the threat or risk assessment”, its submission states.

Telstra agrees, generously allowing that there might exist someone in Australia's Security Intelligence Organisation (ASIO) with a spoonful of clue: “a security assessment from ASIO should be obtained before a direction can be made and a statement of reasons issued alongside any directions”.

That's much more generous than TPG was willing to be: “TPG does not believe the Attorney-General or his secretary is the best placed authority to make decisions about a Telco’s network security. They lack the requisite knowledge of the intricacies of a Telco’s systems and are unlikely to possess the skills to determine the appropriate form and level of network security required”.

TPG also doesn't trust the A-G's department to keep politics out of its decisions, saying that as the law now reads, a direction could include: “Please stop supplying the Internet to people who are not citizens of Australia” or “We direct you to intercept carriage services supplied to this suspected terrorist”.

Trident Submarine Cable plays the industry development card, pondering potential impacts on Australian innovation into the mix: “Trident is also concerned that this power to arbitrarily override procurement decisions may have a detrimental effect on the willingness of the private sector to invest in new systems, processes and services and new businesses in the first place, driving such innovation and development offshore.”

None of the submissions like the idea of handing their network data over to the department without knowing what obligations are on the A-G to secure their data, and the industry also complains there's little indication of the implementation timeframe for the legislation.

There's also no safe harbour or review mechanisms in the bill (one wag went so far as to suggest carriers could appeal to the communications minister), and naturally enough, carriers already burdened by being made to implement copyright filters and metadata-retainers want to know who's going to pay for it all when the AG asks them to buy new kit, or adjust it according to government fiat. ®

 

Similar topics

TIP US OFF

Send us news


Other stories you might like