Offshoring put on notice under proposed telco security law changes

Offshoring put on notice under proposed telco security law changes

The Federal Government accepts recommendations to amend the proposed legislation

George Brandis - Australian Attorney General (picture courtsey of Neil Duncan & Deutsche Messe via Flickr)

George Brandis - Australian Attorney General (picture courtsey of Neil Duncan & Deutsche Messe via Flickr)

The offshoring of data held by telcos and internet service providers (ISPs) is set to come under scrutiny amid recommended changes to the Government’s proposed telecommunications security legislation.

The Federal Government revealed on 9 August it had accepted several recommendations made by the Committee reviewing its controversial Telecommunications and Other Legislation Amendment Bill 2016, which was introduced into Parliament late last year.

The Bill is aimed at amending the Telecommunications Act 1997 to introduce a regulatory framework that is intended to better manage national security risks of unauthorised access to, and interference with, telecommunications networks and facilities.

Among the 13 recommendations made by the Parliamentary Joint Committee on Intelligence and Security (PJCIS) accepted by the Government was the recommendation that the proposed legislation be amended to include a specific obligation compelling telco carriers or carriage service providers to notify the Communications Access Co-ordinator (CAC) of any new or amended offshoring arrangements.

This requirement relates to data retained under Part 5-1A of the Telecommunications (Interception and Access) Act 1979.

In its response, the Government agreed to amend the Bill to include a specific obligation within the notification requirements for carriers and carriage service providers to notify the CAC if they “enter into any arrangements to have information or documents to which subsection 187A(1) of the Telecommunications (Interception and Access) Act 1979 applies kept outside Australia”.

The Government accepted several other recommendations, including the call for the proposed laws to be revised to provide comprehensive information, clarity and certainty to industry in a greater range of circumstances.

In particular, the revised administrative guidelines should provide further clarity regarding a company’s security obligation in circumstances where a company is providing or reselling an over the top service, telecommunications infrastructure is used (but not necessarily owned or operated) by the company.

It should also apply to circumstances where telecommunications infrastructure is used, but not necessarily owned or operated, by the service provider in question.

Likewise, the additional clarity should also apply where a company’s infrastructure is located in a foreign country, and used to provide services and carry or store information from Australian customers, and where a company provides cloud computing and cloud storage solutions.

The Government said in its response that revised guidance will be developed within the 12 month implementation period.

“The proposed reforms create an obligation on carriers and carriage service providers to do their best to protect their networks from unauthorised access and interference,” a joint release by the Minister for Communications, Mitch Fifield, and the Attorney-General, George Brandis, stated.

“This includes providing early advice to Government of any changes to their network that may be of security concern, so that agencies  can assess risks and cooperate with industry on mitigation strategies,” the statement said.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags ISPTelcoTelecommunicationsfederal governmentGeorge BrandisMitch Fifield


EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.


ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Show Comments