Published on the 31/03/2015 | Written by Beverley Head
A flurry of legislative changes is altering many of the rules affecting Australia’s information technology suppliers and users…
One of the most significant recent changes to Australia’s legislative landscape was passed into law this month with the carriage of the Government’s data retention legislation supported by both major political parties. The Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 requires ISPs to maintain two years’ worth of metadata for all customers which can be accessed by the authorities. A review of the legislation is required after three years in operation.
The nitty gritty of exactly how this new regime will work, the privacy impact it might have on ordinary citizens and how much it might cost ISPs to comply are still being determined, but within days of that law being passed the Minister for Communications, Malcolm Turnbull was again on his feet arguing for more new laws – this time to clamp down on online piracy.
The Copyright Amendment (Online Infringement) Bill 2015 amends the Copyright Act 1968 and is intended to support rights holders particularly in restricting access to overseas-based unauthorised streaming sites.
The Bill proposes making (the already busy) local ISPs responsible for blocking access to those sites.
Turnbull said: “The bill will introduce a new provision that allows rights holders to apply to the Federal Court for an order directing a carriage service provider to disable access to infringing online locations located outside Australia,” adding that this was similar to the situation in the UK, Ireland and Singapore.
While these are the two big ticket legal changes on the table right now, there are further expectations that the Government will also shortly table revisions to the Employee Share Ownership Plan rules, and propose a new equity crowdfunding legal framework before the end of the financial year.
Finally there have been renewed calls for a reintroduction of amendments to the Privacy regime which would mandate data breach notifications. While a Bill was introduced to Parliament in 2013 it stalled before being re-introduced as a private member’s bill in 2014 – but little progress has been made.
In February however the parliamentary joint committee on intelligence and security threw its support behind mandatory data breach notification to be in place by the end of this year. Data breach notification has been recommended by a wide range of organisations including the Australian Information Industry Association, the Financial Services Inquiry and the Australian Privacy Commissioner.
The issue was further highlighted by the revelation last week that Optus had suffered three data breaches which it voluntarily reported to the Australian Privacy Commissioner in 2014. The Commissioner last week announced he had accepted an enforceable undertaking from Optus which will see the company strengthen privacy controls to prevent a recurrence.