As we emerge from the tumultuous disruption of the COVID-19 pandemic, governments around the world have formed a clearer picture of the level of reliance on, and in turn the vulnerabilities of, digital infrastructure in key industry sectors.
Similarly, as the involvement of social media and other online platforms and emerging technologies in the lives of consumers continues to deepen, they are facing increasing regulation from a privacy and human rights perspective. Over the course of this year, the Australian Government has introduced a number of significant regulatory changes in these areas which warrant careful attention and which we explore in this edition.
Cyber security resilience is a major focus in several areas of new and emerging regulation in Australia. Amendments to the Security of Critical Infrastructure Act 2018 (Cth) now see it now apply to 11 broadly framed industry sectors, and impose new reporting obligations and extensive government powers in the event of a cyber security incident (these powers going beyond those that other members of the ‘Five Eyes’ alliance have implemented).
Recognising the prevalence of ransomware attacks, under the Ransomware Payments Bill 2021 (Cth) the Government has also proposed a mandatory reporting obligation where an entity makes a ransomware payment. As we discuss in this edition, navigating the cyber security risks faced by organisations and the increasingly far-reaching regulatory landscape is a significant issue that must clearly be addressed at the boardroom level. 2022-2023 will be a significant year for major changes to privacy regulation in Australia. These changes are still subject to consultation but will likely include a number of elements from the GDPR and the CCPA as well as significantly increased penalties for contravention.
On the other hand, the opportunities in the Australian market are significant for technology companies that can effectively navigate these emerging regulatory regimes, including in the areas of digital identity, artificial intelligence, financial technologies and other technologies identified by the Australian Government as ‘critical technologies’ in its Action Plan for Critical Technologies.
Access a copy of TMT: The Australian Landscape, here, or click the ‘DOWNLOAD PDF’ button.
This publication is introductory in nature. Its content is current at the date of publication. It does not constitute legal advice and should not be relied upon as such. You should always obtain legal advice based on your specific circumstances before taking any action relating to matters covered by this publication. Some information may have been obtained from external sources, and we cannot guarantee the accuracy or currency of any such information.