Critical Infrastructure Bill Introduced into Federal Parliament

Friday 15 December 2017 @ 10.09 a.m. | Corporate & Regulatory | Legal Research

After public submission and discussion on the draft Bill and its supporting documents, the Security of Critical Infrastructure Bill 2017 (Cth) (the Bill) has now been introduced into the Senate on 7 December 2017, by Senator the Hon Mathias Cormann, where it is currently awaiting further discussion and comment.

Background

The Bill’s Explanatory Memorandum (the EM) indicates that the Bill:

“…is designed to strengthen the Government’s capacity to manage the national security risks of espionage, sabotage and coercion arising from foreign involvement in Australia’s critical infrastructure … ”

And further at [paras 30, 31] of the EM:

“This Bill will impose reporting requirements on two sets of entities: direct interest holders and responsible entities.
“Direct interest holders of a critical infrastructure asset will be required to provide interest and control information in respect of the asset. Responsible entities for a critical infrastructure asset (effectively the main licensed body) will be required to provide operational information, such as system access abilities and limited operator and outsourcing arrangements.”

The Bill aims to implement a critical infrastructure assets register and a ministerial last resort power. The proposed Register of Critical Infrastructure Assets intends to build a clearer picture of critical infrastructure ownership and control in high-risk sectors, and support more pro-active management of the risks which these assets may encounter.

What does the Bill regulate?

The Bill is proposed to regulate approximately 100 assets in the highest-risk sectors of ports, electricity and water. If any of these assets were disrupted, they would have a significant impact on Australia’s economic interests and services.

The Critical Infrastructure Centre

The Bill aims to enhance the work being doing by the Critical Infrastructure Centre, which was established by the Federal Government in January 2017.

The Critical Infrastructure Centre’s Fact Sheet reports that the aim of the Centre is to:

“… bring together expertise and capability from across the Australian Government to manage the complex and evolving national security risks from foreign involvement in Australia’s critical infrastructure. The Centre is focused on assessing the risks of sabotage, espionage and coercion in the four priority sectors of telecommunications, electricity, water and ports.”

Commonwealth, State and Territory governments defined critical infrastructure as:

“… those physical facilities, supply chains, information technologies and communication networks which, if destroyed, degraded or rendered unavailable for an extended period, would significantly impact the social or economic wellbeing of the nation or affect Australia’s ability to conduct national defence and ensure national security.”

The initial focus will be on national security risks to five high-risk sectors:

  • electricity;
  • gas;
  • water;
  • ports; and
  • telecommunications.

Last Resort Ministerial Directions Powers

These powers give the relevant Minister the authority to direct specific risk mitigation actions, where security risks are present and all other risk management avenues to mitigate a risk have been exhausted.

At para 35 of the Bill’s EM, the Minister’s powers are outlined:

“The Ministerial directions power will only be able to be used in situations where:
  • there is a risks that is prejudicial to security
  • through collaboration, the reporting entity or operator does not implement mitigations to address the risk, and
  • there are no existing regulatory frameworks that can be used to enforce mitigations.”

TimeBase is an independent, privately owned Australian legal publisher specialising in the online delivery of accurate, comprehensive and innovative legislation research tools including LawOne and unique Point-in-Time Products. Nothing on this website should be construed as legal advice and does not substitute for the advice of competent legal counsel.

Sources:

Security of Critical Infrastructure Bill 2017 (Cth) - Bill, draft consultation documents and supporting documentation available from TimeBase's LawOne Service 

Fact Sheet: What is the Critical Infrastructure Centre? (Attorney-General's Department)

Related Articles: