Note: Where available, the PDF/Word icon below is provided to view the complete and fully formatted document
 Download Current HansardDownload Current Hansard    View Or Save XMLView/Save XML

Previous Fragment    Next Fragment
Wednesday, 28 March 2018
Page: 3152


Mr HAWKE (MitchellAssistant Minister for Home Affairs) (17:44): I present the explanatory memorandum to this bill and move:

That this bill be now read a second time.

Critical infrastructure is integral to the prosperity of the nation.

Secure and resilient infrastructure underpins the effective functioning of Australian society—ensuring we have continuous access to essential services for everyday life, such as food, water, energy and communications.

Foreign involvement in Australia's critical infrastructure plays an important and beneficial role in supporting economic growth. It can also improve productivity by enabling the development of much-needed infrastructure, introducing new technology, allowing access to global supply chains and markets, and enhancing Australia's skills base.

However, while recognising its many benefits, increasing foreign involvement in our national critical infrastructure means that Australia's critical infrastructure is more exposed than ever to sabotage, espionage and coercion.

In January last year the government established the Critical Infrastructure Centre. The centre, housed in the Department of Home Affairs, is a central point for government and industry to better understand and mitigate national security risks to Australia's critical infrastructure.

The centre was established to develop a deeper understanding of the national security risks across our high-risk critical infrastructure sectors, and to develop and implement mitigation strategies. The centre works collaboratively with industry and states and territories to ensure national security risks are being managed in a way that does not inhibit the ability of business to operate in a global economy.

To enhance the centre's ability to manage national security risks, the government introduced the Security of Critical Infrastructure Bill 2017 and the corresponding Security of Critical Infrastructure (Consequential and Transitional Provisions) Bill 2017 into the Senate in December last year. This bill will ensure that the government has the necessary powers to protect Australia from national security threats of sabotage, espionage and coercion stemming from malicious foreign involvement in our critical infrastructure.

The Security of Critical Infrastructure Bill will apply to a specified set of critical infrastructure assets in the high risk electricity, water, gas and ports sectors—approximately 106 assets in total. These reforms build upon and complement measures the government has already taken to manage these same risks to the telecommunications sector, by passing through the parliament the telecommunications sector security reforms in September last year.

Overview of key measures

The bill will establish a register of critical infrastructure assets, which will enhance the capability of the centre to understand who owns, controls and has access to Australia's critical infrastructure. This register will support more proactive management of the risks faced by assets in our high-risk sectors.

The bill will require owners and operators of specified critical infrastructure assets to provide specific, high-level information concerning the ownership and operation of the asset. This will include information on ultimate beneficial owners. This information is essential to informing a deeper understanding of who has access to, control of, or the ability to influence, the critical infrastructure on we which we all rely.

Ministerial directions power

The bill also contains a ministerial discretions power. This will enable the Minister for Home Affairs to ensure and issue a direction to an owner or operator of a critical infrastructure asset to mitigate national security risks that cannot be managed through cooperation or existing regulatory mechanisms. It is modelled on a similar power in the telecommunications sector security reforms.

This 'last resort' directions power could be used to direct asset owners and operators to undertake or refrain from certain actions. Importantly, this power is limited to instances where:

there is a risk identified which is prejudicial to security

through collaboration, the owner and operator does not or cannot implement mitigations to address the risk, and

there are no existing regulatory frameworks that can be used to enforce mitigations.

Safeguards

The bill includes a range of important safeguards. Before a direction is able to be issued, the minister will be required to be satisfied of certain matters, to consult with stakeholders, and to give consideration to a number of factors, including:

giving primary consideration to a mandatory ASIO adverse security assessment

being satisfied that the government has negotiated in good faith

consulting directly with, and considering any representations made by, the relevant first minister and state or territory minister and the entity to which the direction applies

considering the cost to the entity and consequences to services in implementing the mitigation, and ensuring the direction is a proportionate response to the risk.

The minister's directions power is also subject to judicial review, while the ASIO adverse security assessment will be subject to merits review.

Following introduction, the bills were referred to the Parliamentary Joint Committee on Intelligence and Security for inquiry. The committee released its report into the bills on 15 March this year, and the government thanks the committee for its comprehensive and timely work on the bills, particularly the hard work of the committee chair, Andrew Hastie. The government was pleased to accept all of the committee's recommendations. Accordingly, the bills currently before the House incorporate the necessary amendments to give effect to the committee's recommendations, including, in short, an amended and clarified definition of 'direct interest holder'; an exemption from the bills' obligations for money lenders where they are not in a position to influence or control the asset; a requirement that the affected party receives written notice if they are the subject of an ASIO adverse security assessment; and a requirement that the committee review the bill within three years of it receiving royal assent.

Conclusion

The Security of Critical Infrastructure Bill aligns with the government's clear intention to continue to cooperate and collaborate with all levels of government, regulators, owners and operators of critical infrastructure, including under the government's Critical Infrastructure Resilience Strategy. It strikes an appropriate regulatory balance by acknowledging the shared responsibility for managing national security risks, while empowering the Commonwealth to intervene to mitigate a risk where existing regimes cannot be used.

While maintaining competitiveness in a rapidly changing global market is essential, with this bill the government is taking the steps necessary to strengthen the security and resilience of Australia's critical infrastructure.

Leave granted for second reading debate to continue immediately.