The Australian government is moving a step closer to having the attorney-general overseeing its telecommunications networks – even while the committee that looked at the bill says it lacks detail.
The Telecommunications and Other Legislation Amendment Bill 2016 gives AG George Brandis' department oversight of telecommunications network security, and requires carriers to tell the department if they plan making changes to their networks.
It comes after years of consultations that frequently involved carriers telling the government to back off.
The legislation has been revised in light of industry complaints about its wording, and there's also a recommendation that the government clarify security obligations for cloud computing and over-the-top services.
Likewise, the committee wants the government better define obligations where “a company’s infrastructure is located in a foreign country, and used to provide services and carry and/or store information from Australian customers”.
The bill still lacks enough definition of what should be excluded from its scope, seeking a “listing the sorts of changes that are envisaged to not require notification to the Communications Access Co-ordinator (CAC), as well as providing more detailed information about the sorts of changes that do require notification to the CAC”.
The various refinements sought by the committee should (not, we note, “must”) be completed before the end of the legislation's proposed 12-month implementation period.
The government's data retention regime gets a mention, with carriers required to notify the government of “any new or amended offshoring arrangements in relation to retained telecommunications data”.
The legislation will be subject to annual reporting to parliament. The full report is linked here. ®