Australia Has New Powers To Direct and Regulate Critical Infrastructure (Free Preview)

Australia Has New Powers To Direct and Regulate Critical Infrastructure (Free Preview)
Photo from Pixabay by Seoulinspired

This is the free version of the post on Australia's newly enacted legislation that would give Canberra more power to compel critical cyber infrastructure to maintain security and even allow the government to step in and direct an entity's actions during a cyber attack.

Subscribe today for all the paywalled material posted on The Wavelength. Subscriptions are available for $250 a month and less for an annual subscription. I think you'll find the value to cost ratio is high with The Wavelength.

You can find previously posted content on technology policy, politics, and law on Substack and my blog.

Australia’s Parliament passed the second bill in its legislative package that will revamp how Canberra works with its private sector critical cybersecurity infrastructure and gives the government powers beyond what most other liberal democracies have. The government is still implementing the first bill, which was enacted in late 2021, and it will take even more time for the new bill to be completely effectuated. Again, Australia has proven to be a leader in cybersecurity and technology policy, and passage of this legislation may usher in an era of governments abandoning the prevailing public-private partnership that has largely left matters to the private sector. As such, implementation of this bill will be watched in other nations, possibly to gauge whether similar regimes should be implemented.

As mentioned, the Parliament has passed the “Security Legislation Amendment (Critical Infrastructure Protection) Bill 2022” (SLACIP) after amending the package, and shortly thereafter, the Governor General granted the Royal Assent (see here for more on the bill as introduced.) In the explanatory memorandum, the government summarized what new requirements will be imposed on some critical infrastructure assets:

Additionally, the government intends to work collaboratively with those entities that are deemed to be part of the critical asset classes:

Subscribe to read the rest here.

Other Developments

Photo on Pixabay by TheDigitalArtist

The Court of Justice of the European Union (CJEU) issued a decision that “confirms that European Union (EU) law precludes the general and indiscriminate retention of traffic and location data relating to electronic communications for the purposes of combating serious crime” per its press release.

The United States (U.S.) Senate confirmed Alan Estevez to be the Under Secretary of Commerce for Industry and Security, the official that heads the entity charged with export control, the Bureau of Industry and Security.

Two committees of the European Parliament voted to bolster the “know your customer” requirements for crypto-assets in the European Commission’s proposed anti-money laundering legislation.

Further Reading

Photo on Pixabay by TheDigitalArtist

Trump’s Truth Social in trouble as financial, technical woes mount” By Drew Harwell and Josh Dawsey — Washington Post

Debate erupts at news the White House may scale back DOD cyber-ops authorities” By Suzanne Smalley — cyberscoop

China tells big tech to reveal some customers' income” By Laura Dobberstein — The Register

FBI Warns of Phishing Attacks Targeting US Election Officials” By Ionut Arghire — Security Week

The U.S. imposes sanctions on Russian technology companies and evasion networks.” By Alan Rappeport — New York Times

Coming Events

Photo on Pixabay by Sweetaholic

§  20 April

o The United Kingdom’s House of Commons Science and Technology Committee will hold a formal meeting (oral evidence session)as part of its inquiry on “The right to privacy: digital data.”

§  21 April

o The United States (U.S.) Federal Communications Commission (FCC) will hold an open meeting with this tentative agenda:

§  Improving Receiver Performance. The Commission will consider a Notice of Inquiry to promote more efficient use of spectrum through improved receiver interference immunity performance, thereby facilitating the introduction of new and innovative services. (ET Docket No. 22-137)

§  Wireless Emergency Alerts. The Commission will consider a Further Notice of Proposed Rulemaking seeking comment on proposals to strengthen the effectiveness of Wireless Emergency Alerts, including through public reporting on the reliability, speed, and accuracy of these alerts. (PS Docket Nos. 15-91, 15-94)

§  Restricted Adjudicatory Matter. The Commission will consider a restricted adjudicatory matter.

§  Restricted Adjudicatory Matter. The Commission will consider a restricted adjudicatory matter.

§  Enforcement Bureau. The Commission will consider an enforcement action.

§  27 April

o   The United States (U.S.) Federal Trade Commission (FTC) and U.S. Department of Justice will hold a listening forum on firsthand effects of mergers and acquisitions: media and entertainment.