Member Portal
Categories

Welcome, Mark!

This month, we welcomed Mark Evans, IAA’s newest Developer. Previously working as a freelance developer for several years before joining IAA, his experience has been split between general business web apps and decentralised blockchain apps in the financial space. Prior to his career in coding, he worked in engineering design and management for over ten years.

Mark began coding as a hobby, where he learned to automate his work processes, as well as tools that analyse and trade financial markets automatically.

When he’s not busy working, Mark enjoys travelling and snowboarding and is licenced to fly light aircraft (and jump out of them!). It’s great to have you on board, Mark.

T’was the night before the portal launch

T’was the night before launch, when all through the stage,
Not one bug was stirring, lest it set off Nick’s rage.
The pages were ready, the code was well set,
With hopes for success; we’d no time to fret.

On the morning of launch with members deep in their slumber,
Nick, Tanzia and Emily were awake in their wonder.
How would it go, did we have this in the bag?
The time had arrived and Github hit a snag!

Nick sprang into action and bravely proceeded,
A wee bit of time was all Github needed.
In merely ten minutes, cut over complete,
IAA’s new Member Portal was live – now isn’t that neat?!

Members logged in not a moment too soon,
Positive feedback flooded in; we were over the moon.
Narelle logged in (and paid a bill),
Sabrina checked events – they were in there still!

As the excitement continued, the team was relieved,
After months of hard work, PHEW, no one was peeved!
The team will continue to work hard in this space,
Phase two will come on us – there’s no time to waste.

Emily Gallarde

September’s Advocacy Corner Update

IAA’s policy team have had another busy month, meeting with regulatory bodies and NBN Co mostly to reinforce IAA’s position within Australia’s Internet industry landscape. We’ve also engaged in consultations that are of relevance to our members, and prepared an educational guide to assist members in complying with new critical infrastructure obligations.

Recent submissions:

Discussion Paper – NBN Co Revised SAU Variation Proposal | NBN Co
The IAA policy team continued its involvement in the revised Special Access Undertaking after the NBN Co’s withdrawal of its previous proposal in late July. In this process, we participated in the industry forum, as well as met with the ACCC and NBN Co to express our concerns and seek greater clarity on the proposed SAU. In our response, we noted that although the Discussion Paper suggested the SAU was stepping in the right direction, lack of transparency seems to be a key issue. In particular, as NBN Co indicates that trade-offs will be necessary between service standards, and price to RSPs, we emphasised that NBN Co must be transparent in these decisions and seek industry collaboration to better inform their decisions. We will continue to be involved in this process as NBN Co seeks to lodge its revised SAU to ACCC by the end of the year.

Stage 2 Review of the Model Defamation Provisions – Part A | COAG
We also continued to be involved in the review of the model defamation provisions, with Stage 2 reflecting perspectives and suggestions made by IAA during the Stage 1 consultations held last year. IAA continued to argue for a statutory exemption to apply to ISPs, recognising that telcos are not involved in the content layer of the Internet and therefore should have assurance that they will not be liable for defamatory material published online. We’ve also argued that DNS registries, registrars and DNS cache operators should not be liable for the domain names people (registrants) register. 

Open submissions:

Exposure Draft—Telecommunications Legislation Amendment (Statutory Infrastructure Providers and Other Measures) Bill 2022 | DITRDCA | 30 September 2022
The Department of Communications is seeking feedback on proposed amendments to the Statutory Infrastructure Provider regime. The Bill indicates changes to various telecommunications laws to enhance the operation of the SIP regime. Overall, IAA approves of the principles and objectives guiding the amendments and will seek greater clarity on areas that require further explanation.

Industry Codes of Practice for the Online Industry (Class 1A and Class 1B Material) | 2 October 2022
Industry representatives have collaborated to draft the Industry Codes relating to Online Safety for the different sections of the Internet sector. This approach recognises the unique functions and roles of the various sections and thus the different responsibilities that should apply. IAA will predominately respond to Schedule 7 for Internet Carriage Services and make recommendations that will better ensure an appropriate balance between protecting end-user safety online, cost and limiting unnecessary burdens for ISPs.

5 Year Productivity Inquiry: Australia’s Data and Digital Dividend | Productivity Commission | 7 October 2022
The second interim report for the Productivity Inquiry has been released, focusing on data and the digital economy in Australia. The Commission has made various recommendations, including changes to government funding allocations for telecommunications services such as those within the Universal Service Obligation and Mobile Black Spot funding.

From the CEO’s Desk

Well, that was an action-packed month, wasn’t it! We started by catching up with pals at AusNOG, went on to launch our shiny new portal, and ended with a very real reminder about the importance of strong data security and privacy. The ongoing car crash that is the Optus data breach just keeps me glued to the coverage.

We may never find out the exact truth of what happened at Optus, but sadly it is entirely too credible that somebody, somewhere, allowed an unauthenticated API access to a very sweet honeypot from an unsecured network. I think we can all imagine the slippery slope of decision making that happened to enable this. It would have started with someone needing to build extensions on the database that holds the customer information, then someone needing to access it via an API, and then someone needing remote access to the API to change the colour scheme on something that used it, and hang it, this is just easier if I do this without credentials cos debugging is hard. Or some such. Which someone, somewhere, had authority (but not all the information) to allow… Err yeah. No. It really shouldn’t happen.

At the core of this is the question of why years old customer data still existed in this database, and why such important identifying information is even held at all. While people keep telling me the requirement sits in the credit management regulation and data retention legislation, it really does not seem justified, and nor does it seem reasonable that actual records such as passport, driver’s licence and medicare numbers are retained. The stern reminder for us as operators is that we need to examine the data we keep, why we keep it, and ensure our systems and processes for retaining it, managing it and removing it are sound: both at the technology and human levels. It also reminds us we need to have our data breach notification plans ready, and appropriate to the storm of excrement that will come down if it gets out. What should and would we do to make good to our customers if data were to leak?

On top of this sits how the government will react to the relatively low fines that sit within the Australian privacy legislation, especially when compared with the European GDPR. It has already flagged changes to the various cybersecurity obligations. It is certainly an area we will watch with some concern, both for over-regulation and to provide assistance to members in compliance when it inevitably appears (see our new paper on the Asset Register compliance, for an example).

As consumers, we also must push back on handing this data over in the first place, and sadly a lot of us will have to go through the hideous process of dealing with our own data that has, or simply may have, leaked in this breach. For some people, the ramifications of their home address leaking can be utterly serious indeed.

On that note, I will assure you all that we have looked very carefully at the data model we hold for our own portal, and the security model in place. I have also commissioned a separate security review to ensure best practice. We don’t retain any credit card information, and we certainly don’t want your medicare number.

In the coming month, we will have the WA-IX anniversary and our AGM, with some fantastic speakers and representatives coming from our early WAIA membership. The IAA team have also been working solidly towards producing this year’s annual report, and I am glad to see interest already in the event and in the board election. I hope to see you there.

All the best

Narelle Clark

2022 End of Year Member Event – Sydney

It was great to get together with members and celebrate 2022 at The Sporting Globe x 4 Pines, one of Sydney’s best sports bars. The evening was full of socialising over good food and drinks.

Date: Thursday, 1 December 2022
Time: 7:00pm AEDT – late
Location: The Sporting Globe x 4 Pines | King Street Wharf, 22 The Promenade, Sydney NSW 2000

2022 End of Year Member Event – Adelaide

It was great to celebrate 2022 with some of our Adelaide members. We were lucky enough to enjoy an evening of good food, drinks and socialising at The Gallery’s boutique rooftop patio!

Date: Wednesday, 7 December 2022
Time: 5:30pm – 8:30pm ACDT
Location: The Gallery | 30 Waymouth St, Adelaide SA 5000

2022 End of Year Member Event – Melbourne

How great was it to celebrate 2022 on an outdoor terrace with the Yarra River and Arts Centre as a backdrop at Melbourne’s Transport Hotel. It was good to catch up with members over good food and drinks!

Date: Thursday, 8 December 2022
Time: 5:30pm – 8:30pm AEDT
NEW Location: Transport Hotel, River Terrace | Federation Square, Corner of Flinders St & Swanston St, Melbourne, VIC, 3000

2022 End of Year Member Event – Perth

What a fantastic way to celebrate 2022 with our Perth-based members. Cruising the beautiful Swan River aboard the MV River Bells.

Date: Tuesday, 29 November 2022
Time: 5:45pm AWST – boarding commences, 6:00pm – 9:00pm AWST – Cruise
Location: MV River Bells | Depart from and return to Barrack Street Jetty, Elizabeth Quay, Barrack Street and Riverside Drive, Perth, WA, 6000

2022 End of Year Member Event – Brisbane

What a great way to celebrate 2022 with an evening of good food, drinks and socialising with members on the alfresco of the Pig ‘N’ Whistle Riverside. 

Date: Wednesday, 14 December 2022
Time: 5:30pm – 8:30pm AEST
Location: Pig ‘N’ Whistle Riverside | Riverside Centre, 123 Eagle Street, Brisbane, QLD 4001

Copyright © 2025 Internet Association of Australia Ltd | Privacy PolicyTerms and Conditions

Sign up to IAA's mailing list

Complete this form to receive all our latest news, events and updates.