news A coalition of industry groups has raised concerns over pending national security legislation for the telco sector – the draft Telecommunications and Other Legislation Amendment Bill 2015.
Dubbed the Telecommunications Sector Security Reforms, the legislation has been in development by the Attorney-General’s Department for at least a year. It will give the Government sweeping powers over private sector telco networks, requiring, among other powers, telcos to notify security agencies of key changes to networks and giving the Attorney-General’s Department the power to request information from and issue directions to telcos.
Malcolm Turnbull has confirmed that the bill could result in telcos being informed they cannot buy equipment from certain manufacturers. This would be likely to mean that companies such as Chinese network manufacturer Huawei — which has already been banned from contracting to the National Broadband Network on un-named security concerns — may lose contracts worth tens to hundreds of millions of dollars with key suppliers such as Telstra, Vodafone and Optus.
This week the Communications Alliance, along with the Australian Industry Group (Ai Group), Australian Information Industry Association (AIIA) and the Australian Mobile Telecommunications Association (AMTA), released a submission to the Federal Government outlining their issues with the second exposure draft of the legislation.
“We welcome the fact that the Government has responded – by way of amendments – to some of the concerns raised by our industries during 2015 in respect of the first exposure draft,” said John Stanton, CEO of the Communications Alliance. “We do, however, maintain that further adjustment of the proposed reforms is needed to extend and maintain the security framework for the telecommunications industry in an effective and efficient manner.
“We remain especially concerned with the potentially negative consequences of the proposed reforms on businesses and innovation, particularly in the context of the Internet of Things (IoT),” he explained.
In their submission, the industry groups, which represent more than 60,000 Australian businesses, spelled out that the purpose of the proposed reform remains unclear, and that there remain several areas of “vague” wording, including uncertainty over the status of resale of overseas services and the ability of intermediaries to comply with the legislation.
That the “onerous nature” of the compliance requirements will hamper the responsiveness of providers to cyber threats, is also a concern.
Furthermore, the groups cite “inconsistencies” between the draft legislation and associated guidelines concerning the potential requirement for providers to retrofit or remove existing facilities.
These, they said, pose the risk that the industry could face “very high costs” to rebuild existing networks.
“We believe that the more collaborative approaches to dealing with cyber threat to communications infrastructure that are being taken or contemplated in major international markets such as the USA, UK and Canada would provide better avenues to improving cyber security,” said Stanton.
He suggested that these “less prescriptive strategies” be carefully examined in Australia before the government proceeds down the path currently proposed in the draft.
“Industry remains committed to working with Government to find the most efficient, effective and least prescriptive policy outcome whilst ensuring the robustness of our national communications infrastructure,” Stanton said.
Last summer, the same coalition of groups raised concerns over the first exposure draft of the TSSR legislation.
At the same time, Labor demanded the government produce a “revised exposure draft” of the bill, before it was examined by the Parliamentary Joint Committee on Intelligence and Security.
“Australia needs to better protect its critical telecommunications networks from national security threats such as espionage, sabotage and foreign interference,” a spokesperson for the Attorney-General said at the time. “The Government has consulted extensively with industry and we welcome their feedback on the exposure draft. We are working closely with industry to finalise the legislation.”
Now that the revised legislation has arrived, it seems the government has still not fully addressed some of the raised concerns.
Image credit: Parliamentary Broadcasting
Dear morons in charge.
If you want to protect Critical infrastructure stop selling it off.
Regards,
Everyone with half a brain in Australia.
It’s interesting, considering that the presence of backdoors or security flaws in chinese-manufactured network equipment is still conjecture, IIRC, while the presence of backdoors *and* built-in security flaws in US-manufactured network equipment is proven fact… and yet, I doubt gear from those US suppliers will be black-listed, outside the most sensitive gov’t uses.
Comments are closed.