Updated: Australian cyber-related legislation before parliament, plus current inquiries

With just three weeks of parliamentary sittings remaining in 2021, I thought I’d compile a list of legislation and inquiries that are making their way through the system which are relevant to my interests — and perhaps yours. I need to catch up on a few of these.

Update 25 October 2021: Items added since this post was first published on 10 October 2021 are marked NEW.

A red star indicates something that I plan to pay particular attention to.

Bills currently before parliament

I’ve presented these in alphabetical order, as per the list of Bills before Parliament. I’ve chosen bills that relate to communications and the internet, the intelligence services, freedom of information, and related topics.

I’ve linked to any reports from the key oversight committee for each bill, but you’ll have to click on the title to get the explanatory memoranda and any other reports, such as those from the Senate Standing Committee for the Scrutiny of Bills or the Parliamentary Joint Committee on Human Rights.

Australian Passports Amendment (Identity-matching Services) Bill 2019
Amends the Australian Passports Act 2005 to enable the minister to make Australian travel document data available for the purposes of, and by the automated means intrinsic to, the identity-matching services to which the Commonwealth, states and territories agreed in the Intergovernmental Agreement on Identity Matching Services, agreed by COAG on 5 October 2017.
Status: Parliamentary Joint Committee on Intelligence and Security (PJCIS) reported on 20 October 2019, no action since.

Data Availability and Transparency (Consequential Amendments) Bill 2020
Introduced with the Data Availability and Transparency Bill 2020 to implement a scheme to authorise and regulate access to Australian Government data, the bill makes consequential amendments to the Administrative Decisions (Judicial Review) Act 1977, Australian Security Intelligence Organisation Act 1979, Freedom of Information Act 1982 and Privacy Act 1988 in relation to the operation of the scheme.
Status: Senate Finance and Public Administration Legislation Committee reported on 29 April 2021, no action since.

Data Availability and Transparency Bill 2020
Introduced with the Data Availability and Transparency (Consequential Amendments) Bill 2020 to implement a scheme to authorise and regulate access to Australian Government data, the bill: authorises public sector data custodians to share data with accredited users in accordance with specific authorisations, purposes, principles and agreements; specifies the specific responsibilities imposed on data scheme entities; establishes and specifies the functions and powers of the National Data Commissioner as the regulator of the scheme; establishes and specifies the functions and membership of the National Data Advisory Council as an advisory body to the commissioner in relation to sharing and use of public sector data; and establishes the regulation and enforcement framework for the scheme.
Status: Senate Finance and Public Administration Legislation Committee reported on 29 April 2021, no action since.

Freedom of Information Legislation Amendment (Improving Access and Transparency) Bill 2018
Amends the: Archives Act 1983 to require the reporting of external legal expenses incurred by the National Archives of Australia; Australian Information Commissioner Act 2010 to: ensure that the Information Commissioner holds specified qualifications; and require the separate appointment of the Australian Information Commissioner, the Privacy Commissioner and the Freedom of Information (FOI) Commissioner; and Freedom of Information Act 1982 to: enable the transfer of Information Commissioner reviewable decisions to the Administrative Appeals Tribunal (AAT); require the consistent application of exemptions by decision makers in the context of a review by the Information Commissioner; prevent the Information Commissioner from making FOI decisions if he or she does not hold specified qualifications; prevent agencies from publishing FOI information until at least 10 days after the applicant has received his or her copy of the information; and require the reporting of external legal expenses for each Information Commission or AAT FOI matter that has concluded.
Status: Senate Legal and Constitutional Affairs Legislation Committee reported on 30 November 2018, no action since.

Identity-matching Services Bill 2019
Pursuant to the objectives of the Intergovernmental Agreement on Identity Matching Services (IGA), agreed by COAG on 5 October 2017, the bill provides for the exchange of identity information between the Commonwealth, state and territory governments by enabling the Department of Home Affairs to collect, use and disclose identification information in order to operate the technical systems that will facilitate the identity-matching services envisaged by the IGA.
Status: Parliamentary Joint Committee on Intelligence and Security reported on 24 October 2019, essentially recommending a complete rewrite. No action since.
Committee orders complete redrafting of Biometric Bills as privacy safeguards are deemed inadequate, 24 October 2019.

Independent National Security Legislation Monitor Amendment Bill 2021
Amends the Independent National Security Legislation Monitor Act 2010 to: enable the Independent National Security Legislation Monitor (INSLM) to report on own-motion inquiries in standalone reports; provide that the INSLM’s annual report may include information relating to the performance of the INSLM’s functions in relation to a referral from the Parliamentary Joint Committee on Intelligence and Security; specify reporting arrangements for statutory reviews conducted by the INSLM; provide a framework for the engagement of staff (including contractors) to assist the INSLM in the performance of its functions or exercise of its powers; and provide current and former staff of the INSLM with certain legal protections during the course of assisting the INSLM with performing functions or exercising powers of the INSLM.
Status: Currently before the Senate, with several proposed amendments on the table.

Intelligence and Security Legislation Amendment (Implementing Independent Intelligence Review) Bill 2020
Amends the: Inspector-General of Intelligence and Security Act 1986 and Intelligence Services Act 2001 to expand the oversight role of the Inspector-General of Intelligence and Security (IGIS) and the Parliamentary Joint Committee on Intelligence and Security (PJCIS) to the Australian Federal Police, Department of Immigration and Border Protection, Australian Criminal Intelligence Commission and the Office of National Intelligence (ONI); Independent National Security Legislation Monitor Act 2010 and Intelligence Services Act 2001 to enable the PJCIS to request briefings and reports from the Independent National Security Legislation Monitor; and Inspector-General of Intelligence and Security Act 1986 and Office of National Intelligence Act 2018 to require regular briefings to be given to the PJCIS by the IGIS and ONI.
Status: Senate Finance and Public Administration Legislation Committee reported on 9 December 2020, no further action since.

Intelligence Oversight and Other Legislation Amendment (Integrity Measures) Bill 2020
Amends: the Inspector-General of Intelligence and Security Act 1986 to: extend the Inspector-General of Intelligence and Security’s (IGIS) jurisdiction to the intelligence functions of the Australian Criminal Intelligence Commission and the Australian Transaction Reports and Analysis Centre (AUSTRAC); streamline the IGIS’s reporting procedures; make technical amendments to clarify the operation of the Act, modernise drafting expressions and remove redundant provisions; and make amendments contingent on the commencement of the Australian Security Intelligence Organisation Amendment Act 2020; the Intelligence Services Act 2001 to extend the Parliamentary Joint Committee on Intelligence and Security’s jurisdiction to the intelligence functions of AUSTRAC; 17 Acts to make consequential amendments; the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 and Inspector-General of Intelligence and Security Act 1986 to make amendments contingent on the commencement of the Anti-Money Laundering and Counter-Terrorism Financing and Other Legislation Amendment Act 2020; and nine Acts to make amendments contingent on the commencement of the Surveillance Legislation Amendment (Identify and Disrupt) Act 2020.
Status: Referred on 18 December 2020 to the Parliamentary Joint Committee on Intelligence and Security for review.

Intelligence Services Amendment (Enhanced Parliamentary Oversight of Intelligence Agencies) Bill 2018
Amends the Intelligence Services Act 2001 to expand the functions of the Parliamentary Joint Committee on Intelligence and Security to include reviewing the activities of Australia’s national security and intelligence agencies, subject to certain exclusions.
Status: Senate Finance and Public Administration Legislation Committee reported on 12 November 2018.

Interactive Gambling Amendment (Prohibition on Credit Card Use) Bill 2020
Amends the Interactive Gambling Act 2001 to: prevent interactive gambling service providers from accepting payments by credit card (either directly or indirectly); create a criminal offence and civil penalty provision for a person who accepts, facilitates or promotes credit card payments for interactive gambling services; and provide for the Australian Communications and Media Authority to enforce and review the new requirements.
Status: Senate Environment and Communications Legislation Committee reported on 8 October 2021.

Ministers of State (Checks for Security Purposes) Bill 2019
Requires the Prime Minister to direct the Director-General of Security to provide a report on matters relating to security arising from examination of the personal background and circumstances of all current and future ministers of state.
Status: Senate Finance and Public Administration Legislation Committee reported on 11 November 2019.

NEW Privacy (COVID Check-in Data) Bill 2021
This Bill will introduce a ban on using COVID-19 check-in data for enforcement related activity purposes by preventing Commonwealth, State or Territory authorities from using or providing COVID-19 check in data for law enforcement purposes.
Status: Before House of Representatives

Ransomware Payments Bill 2021
Establishes a mandatory requirement for Commonwealth, state or territory entities, corporations and partnerships to report to the Australian Cyber Security Centre ransomware payments paid in response to a ransomware attack.
Status: Currently before the House of Representatives, but going nowhere.
Labor Bill would force Aussie organisations to disclose when they pay ransoms, 21 June 2021.

Ransomware Payments Bill 2021 (No. 2)
Establishes a mandatory requirement for Commonwealth, state or territory entities, corporations and partnerships to report to the Australian Cyber Security Centre ransomware payments paid in response to a ransomware attack.
Status: Currently before the Senate.
Labor tries the Senate after ransomware payments Bill flops in the House of Reps, 12 August 2021.

Repatriation of Defence Data Bill 2021
Requires the Secretary of the Department of Defence to ensure that sensitive data held in high-risk offshore storage facilities are transferred to sovereign Australian storage facilities by 25 April 2022.
Status: Currently before the House of Representatives.

Security Legislation Amendment (Critical Infrastructure) Bill 2020
Amends the: Security of Critical Infrastructure Act 2018 to: enhance the existing framework for managing risks relating to critical infrastructure by introducing: additional positive security obligations for critical infrastructure assets, including a risk management program, to be delivered through sector-specific requirements and mandatory cyber incident reporting; enhanced cyber security obligations for assets of national significance; government assistance to relevant entities for critical infrastructure sector assets in response to significant cyber attacks; and make amendments contingent on the commencement of the Federal Circuit and Family Court of Australia Act 2020; Administrative Decisions (Judicial Review) Act 1977 to exclude certain decisions from judicial review; AusCheck Act 2007 to enable background checks should they be required as part of a critical infrastructure risk management program; National Emergency Declaration Act 2020 and Security of Critical Infrastructure Act 2018 to make amendments contingent on the commencement of the National Emergency Declaration Act 2020; and Criminal Code Act 1995 to provide for an immunity to apply in relation to the Australian Signals Directorate for conduct occurring outside of Australia.
Status: Parliamentary Joint Committee on Intelligence and Security reported on 29 September 2021.

NEW Social Media (Basic Expectations and Defamation) Bill 2021
The intent of the Bill is to enable the Minister to set basic expectations of a social media service provider regarding the hosting of defamatory material on social media platforms, and secondly to ensure that service providers are liable for defamatory material hosted on their platforms that is not removed in a reasonable timeframe.
Status: Before the House of Representatives.

NEW Spam Amendment (Unsolicited Political Communications) Bill 2021
The purpose of the Bill is to provide consumers with more control over the receiving of unsolicited electronic and telephone communication from political parties by addressing exemptions to laws that otherwise prohibit or limit spam communication.
Status: Before the Senate.

Telecommunications Amendment (Repairing Assistance and Access) Bill 2019
Amends the Telecommunications Act 1997 to: clarify actions that designated communications providers must not be requested or required to do in technical assistance requests, technical assistance notices or technical capability notices; require the Australian Federal Police Commissioner not to approve technical assistance notices issued by the chief officer of state or territory interception agencies unless satisfied that the requirements of the notice are reasonable and proportionate, and compliance with the notice is practicable and technically feasible; remove the ability of the minister to edit and delete information in relevant reports prepared by the Commonwealth Ombudsman; and insert a judicial authorisation requirement in the approval or varying of technical assistance requests, technical assistance notices or technical capability notices.
Status: Currently before the Senate. Second reading debate was adjourned on 10 February 2020.
Home Affairs pushes back against encryption law proposals, 21 February 2020.

Telecommunications Legislation Amendment (Unsolicited Communications) Bill 2019
Amends the: Commonwealth Electoral Act 1918 to require that voice calls communicating an electoral matter to a person must identify the use of any actors at the beginning of the call; Do Not Call Register Act 2006 to enable consumers who register on the Do Not Call Register to opt out of receiving phone calls from charities; Spam Act 2003 to require political parties to provide an unsubscribe function for all unsolicited electronic communications containing political content; and Telecommunications Act 1997 to make consequential amendments.
Status: Senate Environment and Communications Legislation Committee reported on 17 April 2020. Currently before the Senate. Second reading debate was adjourned on 25 November 2019.

Current Parliamentary Inquiries

I’ve also chosen a few of the other parliamentary inquiries currently under way. I’ll just list these by title.

Media diversity in Australia
Senate Environment and Communications References Committee

The current capability of the Australian Public Service (APS)
Senate Finance and Public Administration References Committee
This will be looking at the APS’ digital and data capability, including co-ordination, infrastructure and workforce, among other things.

Australia as a Technology and Financial Centre
Senate Select Committee on Australia as a Technology and Financial Centre
Due to report by 30 October 2021.

Foreign Interference through Social Media
Senate Select Committee on Foreign Interference through Social Media
Submissions close 31 October 2021.

Inquiry into the business case for the NBN and the experiences of small businesses
Joint Standing Committee on the National Broadband Network
The committee published a progress report on 31 March 2021 and is due to report by 30 June 2021, but hasn’t.

Mobile payment and digital wallet financial services
Joint Committee on Corporations and Financial Services

Inquiry into national security risks affecting the Australian higher education and research sector
Parliamentary Joint Committee on Intelligence and Security

Review of Part 14 of the Telecommunications Act 1997 – Telecommunications Sector Security Reforms
Parliamentary Joint Committee on Intelligence and Security
Australian telco sector looking down the barrel of a prescribed security standard, 21 May 2021)

Review of the amendments made by the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018
Parliamentary Joint Committee on Intelligence and Security

Criminal Code Amendment (Sharing of Abhorrent Violent Material) Act 2019
Joint Committee on Law Enforcement
Submissions close 15 October 2021.

Departmental inquiries

NEW Digital Identity legislation phase 3 consultation
Digital Transformation Agency
On 1 October 2021, the Hon. Stuart Robert MP, Minister for Employment, Workforce, Skills, Small and Family Business released the exposure draft of the Trusted Digital Identity Bill and related legislative instruments for public consultation.
Status: Submissions close 27 October 2021.

Draft Online Safety (Basic Online Safety Expectations) Determination 2021 consultation
Department of Infrastructure, Transport, Regional Development and Communications
The Online Safety Act 2021 was passed by Parliament on 23 June 2021 and comes into effect on 23 January 2022. We are now seeking feedback on an exposure draft of the Online Safety (Basic Online Safety Expectations) Determination 2021 that will set out the expectations the Government has for social media services, relevant electronic services and designated internet services.
Status: Submissions close 12 Nov 2021.
Why Australia’s Online Safety Act is an abdication of responsibility, 12 August 2021.

NEW Online Privacy Bill Exposure Draft
Attorney-General’s Department
The Privacy Legislation Amendment (Enhancing Online Privacy and Other Measures) Bill 2021 (the Online Privacy Bill) will give effect to the Australian Government’s commitment to strengthen the Privacy Act 1988. It enables the introduction of a binding online privacy code for social media and certain other online platforms, and increases penalties and enforcement measures.
Status: Submissions close 6 December 2021.
Australian Online Privacy Bill to make social media age verification mandatory for tech giants, Reddit, Zoom, gaming platforms, 25 October 2021.

NEW Privacy Act Review — Discussion Paper
Attorney-General’s Department
As part of our review of the Privacy Act 1988, this discussion paper considers feedback on the Issues Paper and seeks further feedback on potential changes to the Act.
Status: Submissions close 10 January 2022.

NEW Restricted Access System
eSafety Commissioner
Have your say on the Draft Restricted Access Systems Declaration 2021, which aims to limit the exposure of children and young people under 18 to pornography and other age-inappropriate online content.
Status: Submissions close 23 November 2021.

Bonus links

Finally, here’s a few overview pieces I’ve written which will help bring you up to speed on this stuff.

[Photo: Parliament House, Canberra, photographed by Stilgherrian on 13 April 2018. Available for re-use under a Creative Commons Attribution license (CC-BY).]