The Federal Government has recently passed amendments to the Telecommunications (Interception and Access) Act 1979 (Cth) (Act), bringing computer network protection laws into line with common practices.
One of the key aims of the amendments is to better enable organisations such as government agencies and internet service providers to protect information and computer infrastructure from malicious criminal attacks, with less risk of engaging in activity that could otherwise be illegal.
Under the former provisions of the Act, common network protection practices such as quarantining, analysing or filtering copies of incoming communications were technically unlawful.
Accordingly, the amendments to the Act provide that such copying and analysing activities will likely be lawful, provided those practices are reasonably necessary for the operation, maintenance or protection of the network.
The key features of the amendments include:
- extending interception and access laws to the private sector;
- enabling all owners and operators of computer networks to undertake certain operational, maintenance and protective activities;
- enabling public organisations to audit the use of their networks by employees and contractors;
- limiting use of information obtained through protective activities; and
- requiring the destruction of disused information obtained through protective activities.