Draft Rules Register of Critical Infrastructure & Mandatory Reporting Scheme | 1 February 2022
Following the amendment of the Security of Critical Infrastructure Act 2018 (SOCI Act) in December 2021, the Minister is proposing to apply additional security obligations, including requiring certain new assets to provide operational and ownership information to the Register of Critical Infrastructure Assets, and the introduction of mandatory cyber incident reporting. The telecommunications sector will not be deemed subject to these obligations, as opposed to the initial recommendations and proposals. However, the Rules will apply to asset classes including broadcasting, domain name, and data storage or processing.
Exposure Draft Security Legislation Amendment (Critical Infrastructure Protection) Bill | 1 February 2022
The Exposure Draft proposes further amendments to the SOCI Act. This Bill is part two of the Security Legislation Amendment (Critical Infrastructure) Act enacted in December 2021. It will introduce a Risk Management Program and enhanced security obligations. IAA will respond regarding concerns about the expanded powers that would give the Minister the ability to privately declare an asset as of national interest which would increase the requirements and burdens on deemed businesses.
Electronic Surveillance Framework Discussion Paper | 11 February 2022
The Department of Home Affairs is embarking on an overhaul of Australia’s electronic surveillance framework. This review would repeal the various legislation which currently contains powers to create a comprehensive framework. Whilst IAA supports the harmonization of regulations to replace the current complex and inconsistent regime; there are concerns that the new framework will be overreaching and excessive.