Policy Updates
October’s Advocacy Corner Update
The Federal government is continuing to ramp up its program of legislation aiming to control the perceived and real threats from the online world. We’ve written about our participation in the defamation workshops, but just recently it has become clear that the government would like to see defamation regulated the same way as it wants to regulate more obviously dangerous material, ie through the eSafety Commissioner and alongside the Online Safety Act.
There are some very real risks we see with this approach: it is not clear where the liability and responsibility for defamatory material will lie, nor even whether this can be efficiently or effectively implemented. It became increasingly clear throughout the workshops that while it was accepted that straight carriage service providers won’t be liable (as “mere conduits”) other services usually included in an internet access service such as DNS, email, and web hosting, where ISPs have no effective part in the publication of material, may well have liability. Rest assured, we are doing our darndest to reinforce the fact that making a domain name available via the DNS is not an act of defamation, but unfortunately there are no guarantees that legislators won’t do something really stupid. They seem to find it difficult to separate certain large social media platforms from “the Internet” and are increasingly keen to enforce takedowns further and further down the technology and infrastructure stack.
An amended Critical Infrastructure Bill through the House of Representatives last week. Introduced as part of the PJCIS’ report on the Critical Infrastructure Bill, this legislation will see the introduction of a new mandatory notification scheme for cyber incidents. It will also provide Home Affairs with the power to issue information gathering, intervention and action direction requests. Part II of the Bill, which will focus on risk management plans and the declaration of Systems of National Significance (SoNS), is expected to face further consultation with industry.
Communications Alliance released a new code C666:2021 Existing Customer Authentication, which provides an improved framework to authenticate the identity of customers making transactions involving their telecommunications service. So new rules there for people to apply when gaining or transferring customers.