8642

2016-2017-2018-2019

 

The Parliament of the

Commonwealth of Australia

 

THE SENATE

 

 

 

 

 

Telecommunications and Other Legislation Amendment (Miscellaneous Amendments) Bill 2019

 

 

(Amendment to be moved by Senator McAllister, on behalf of the Opposition, in committee of the whole)

(1)     Page 9 (after line 8), at the end of the Bill, add:

Schedule 3 — Systemic weakness or systemic vulnerability

   

Telecommunications Act 1997

1  Section 317B (definition of electronic protection )

Repeal the definition.

2  Section 317B (definition of systemic vulnerability )

Repeal the definition.

3  Section 317B (definition of systemic weakness )

Repeal the definition.

4  Section 317B (definition of target technology )

Repeal the definition.

5  Section 317ZG

Repeal the section, substitute:

317ZG   Designated communications provider must not be requested or required to implement or build a systemic weakness or systemic vulnerability etc.

             (1)  A technical assistance request, technical assistance notice or technical capability notice must not have the effect of:

                     (a)  requesting or requiring a designated communications provider to implement or build a systemic weakness, or a systemic vulnerability; or

                     (b)  preventing a designated communications provider from rectifying a systemic weakness, or a systemic vulnerability.

             (2)  The reference in paragraph (1)(a) to implement or build a systemic weakness, or a systemic vulnerability, includes a reference to implement or build a new decryption capability.

             (3)  The reference in paragraph (1)(a) to implement or build a systemic weakness, or a systemic vulnerability, includes a reference to one or more actions that would render systemic methods of authentication or encryption less effective.

             (4)  The reference in paragraph (1)(a) to implement or build a systemic weakness, or a systemic vulnerability, includes a reference to any act or thing that would or may create a material risk that otherwise secure information would or may in the future be collected, accessed, used, manipulated, disclosed or otherwise compromised by an unauthorised third party.

             (5)  The reference in subsection (4) to otherwise secure information includes a reference to the information of, about or relating to any person who is not the subject, or is not communicating directly with the subject, of an investigation to which the relevant technical assistance request, technical assistance notice or technical capability notice relates.

             (6)  The reference in subsection (4) to an unauthorised third party includes a reference to any person other than:

                     (a)  the person who is the subject of, or who is a person communicating directly with the subject of, an investigation to which the relevant technical assistance request, technical assistance notice or technical capability notice relates; or

                     (b)  the person that issued, or asked the Attorney-General to issue, the relevant technical assistance request, technical assistance notice or technical capability notice.

             (7)  Subsections (2), (3) and (4) are enacted for the avoidance of doubt.

             (8)  A technical assistance request, technical assistance notice or technical capability notice has no effect to the extent (if any) to which it would have an effect covered by paragraph (1)(a) or (b).

6  Application provision

Section 317ZG of the Telecommunications Act 1997 , as amended by this Schedule, applies in relation to a technical assistance request, technical assistance notice or technical capability notice given on or after the commencement of this Schedule.