We're consulting on the extension of legislative instruments to ensure continued security obligations for the telecommunications sector.
Why we want your input
The proposed extension will provide further clarity for the sector and reduce regulatory duplication. Carriers and eligible carriage service providers (CSPs) will continue to be required to report on asset and cyber security incidents, to align with the obligations other sectors have under the Security of Critical Infrastructure Act 2018.How you can voice your opinion
Read the consultation overview (and legislative instruments if you aren’t familiar with them) and provide your submission using the form below. You can also make a submission by email or post.What will be the outcome of this consultation?
Your submission will help inform the decision to extend the security information obligations for carriers and eligible CSPs.The Issue
In July 2022, instruments were put in place to require telecommunications carriers and CSPs to provide information to the Register of Critical Infrastructure Assets. This register supports the Australian Government to identify and manage risks to critical infrastructure assets which could cause significant harm to Australia.
The Security of Critical Infrastructure Act 2018 (SOCI Act) was amended in December 2021, introducing new positive security obligations for many sectors. These provisions did not cover the telecommunications sector.
On 7 July 2022, the Australian Government created parallel obligations for the telecommunications sector by putting in place the Telecommunications (Carrier License Conditions—Security Information) Declaration 2022 and the Telecommunications (Carriage Service Provider—Security Information) Determination 2022, as separate arrangements in the Telecommunications Act 1997.
The Australian Government is still deciding on the best approach in the longer term to address telecommunications security issues. Since the legislative instruments are due to sunset on 7 January 2024 and replacement legislative amendments will not be in place by that date, the Australian Government is seeking to extend the timeframe of the instruments to allow enough time for these reforms to take place.
The extension of these instruments by an additional 18 months will extend security information obligations for carriers and eligible carriage service providers from 7 January 2024 to 6 July 2025 (23.59).
We are seeking views from interested parties on the extension of legislative instruments for another 18 months, through an amendment to the wording in Part 4 of the legislative instruments to change the timeframe wording from 'eighteen months' to 'three years'.
Relevant documentation
Participate
13 Nov 2023 17:00 AEDT
13 Dec 2023 17:00 AEDT
Closed
This consultation is closed.