The Coalition, Labor and the Nick Xenophon Team have voted for a bill that will implement the government’s Telecommunications Sector Security Reforms (TSSR).
The Senate today passed the Telecommunications and Other Legislation Amendment Bill 2016, which implements the TSSR scheme.
The legislation creates formal obligations for telecommunications carriers to protect their networks and to inform the government of any planned changes that could potentially affect the security of their infrastructure.
It also grants the government wide-ranging powers to issue directions to telcos “to do, or to refrain from doing, a specified act or thing within the period specified in the direction”.
The government earlier this month announced it had accepted the recommendations of a bipartisan report on the bill by the Parliamentary Joint Committee on Intelligence and Security (PJCIS).
Those recommendations include the release of additional guidelines for industry as well as a range of changes to clarify the functioning of the TSSR regime.
The legislation was opposed by the Greens and Liberal Democrat Senator David Leyonhjelm.
“This bill has been the subject of extensive consideration by the Parliamentary Joint Committee on Intelligence and Security,” Attorney-General Senator George Brandis said today during debate on the bill.
“The PJCIS has recommended a number of amendments which the government has agreed to and I want to thank the opposition both for its support for the bill and its contribution to the deliberative process through the PJCIS.”
The bill is the ninth tranche of significant national security legislation introduced by the Coalition government in the last three years, he said.
“The bill is a critically important piece of national security legislation because telecommunications networks form part of Australia’s critical infrastructure and also support other critical sectors such as health, finance, transport , water and power,” the attorney-general said.
“Cyber threats to Australia are persistent, whether they arise from sabotage, espionage, serious and organised crime, or other technology-enabled crime.”
Brandis said that the existing framework for managing those risks in the telco sector is “inadequate”. “It relies on voluntary cooperation and goodwill, which is not always sufficient given the nature of the risks to national security and the gravity of those risks,” the attorney-general said.
In a joint submission to the PJCIS’s inquiry, the Australian Industry Group, the Australian Information Industry Association, the Australian Mobile Telecommunications Association, and Communications Alliance said that the legislation was “onerous in terms of regulatory overhead and compliance risk”.
The TSSR regime is “excessive” in its focus on the risks associated with the introduction of new equipment or services, the association argued.
Instead of strengthening security, the legislation “may in fact divert scarce resources away from investing directly in addressing cyber security threats, to compliance overhead arising from the regime,” the submission stated. The bill is yet to be debated in the House of Representatives.