Australia steps closer to cross-border data transfers with US

A parliamentary committee has recommended 24 changes to a bill before Australia can share data with foreign countries

Australia’s Parliamentary Joint Committee on Intelligence and Security (PJCIS) has recommended passing a bill that would allow the country to share communications data with other countries, but only after its 24 report recommendations are enacted first.

If the bill passes, it would allow Australia to obtain an agreement with the US under its Clarifying Lawful Overseas Use of Data Act (CLOUD).

The Telecommunications Legislation Amendment (International Production Orders) Bill 2020, introduced on 5 March, seeks to address Australia’s evolving technological landscape where data previously held in the country is now stored overseas.

Its Explanatory Memorandum states that Australian law enforcement and national security agencies need access to electronic and communications data from foreign communications providers for criminal investigations. Currently, the country has relied on mutual legal assistance from overseas jurisdictions, which it calls a “lengthy process”.

For requests received from foreign governments with a designated international agreement, the bill would remove the blocking provisions that prevent domestic communication providers and tech companies from cooperating with a request from a foreign government, when the request complies with the conditions of the designated international agreement.

However, the committee has outlined 24 recommendations which it thinks should be implemented before the IPO Bill can go ahead.

Related Resource

The total economic impact™ of Mimecast

Cost savings and business benefits enabled by using Mimecast with Microsoft 365

Total economic impact of Mimecast - whitepaper from MimecastDownload now

One recommendation is that designated international agreements must be published and tabled in the regulations, and are subject to parliamentary scrutiny, as well as to a period of disallowance.

Another recommendation is that the agreement must not be used by a foreign government to target an Australian citizen. Information cannot be obtained to provide to the Australian government or a third-party government, the recommendations state.

Any country wishing to seek this kind of agreement must demonstrate respect for the rule of law, equality and non-discrimination, respect for international human rights, and have clear legal procedures and restrictions governing the use of electronic surveillance investigatory powers.

Furthermore, as some countries still practice the death penalty, including the US, the PCJIS said a minister should receive a written assurance from the government of a foreign country relating to the non-use of Australian-sourced information obtained through the agreement “in connection with any proceeding for a death penalty offence in the country or territory”.

The committee’s last recommendation was that “following implementation of the recommendations in this report, the Bill be passed by Parliament".

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Most Popular

How to find RAM speed, size and type

How to find RAM speed, size and type

16 Jun 2021
EU plans to launch bloc-wide cyber task force
cyber attacks

EU plans to launch bloc-wide cyber task force

22 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021