- Cybercrime Bill 2001 - Passed by Parliament on September 27, it allows jailing of computer hackers for up to 10 years.
- Telecommunications Interception Legislation Amendment Bill 2001 - introduced in the final days of the 39th Parliament, it proposes to expand police powers to tap phones, the Internet and email.
- Criminal Code Espionage Bill - will lift maximum jail terms for espionage to 25 years from seven.
- Capping a flurry of cyber-security legislation, the Australian government's cabinet met last week to assess whether holes still exist in the electronic defence net against terrorists.
Legislative actions in the past week include passage of the Cybercrime Bill 2001 and introduction of bills to expand electronic surveillance powers and increase penalties for espionage.
The new focus on information security is long overdue, according to data security experts like Professor Bill Caelli, head of the School of Data Communications at Queensland University of Technology.
Caelli is a long-time critic of what he calls a lack of political leadership on the issue of National Information Infrastructure Protection (NIIP).
At the big picture level, recognition of national defence in terms of shielding Australia's national information infrastructure was "totally missing" from the most recent White Paper on defence, Caelli says.
"We just haven't seen NIIP as a major defence focus. This is completely different to the Year 2000 report issued by the US Secretary of Defense where protection of information assets became one of the keynotes of the report."
The Defence White Paper "talks about buying boats and aeroplanes but not about the NIIP. We haven't been defending ourselves against electronic penetration."
Distinctions between national defence and criminal policing become increasingly blurred in an information society, he notes.
"When is hacking into a network a police matter and when is it a national defence problem?
"These are (significant) questions in information security on which we haven't been getting strong leadership from the Federal Government, or from any of the three major political parties.
Australia's recent legislative efforts include:
Australia's Cybercrime Act 2001 will cover computer crimes such as hacking, denial of service attacks, the spreading of computer viruses and website vandalism that damage commercial businesses or threaten national security.
"Previously, if a terrorist attack had been carried out on Australia's national information infrastructure, police did not have the power to compel suspects to assist in an investigation of complex computer systems protected by passwords or encryption, or to conduct searches online across different locations," Justice Minister Chris Ellison says.
Proposed amendments to the Telecommunications Interception Act will streamline the ability of law enforcement agencies to match wiretapping warrants to today's convergent communications services. It will do away with the present requirement to obtain separate warrants to intercept each telecom service used by a suspect, such as acquiring several pre-paid mobile telephone services and swapping them around on one handset.
In related developments, the National Office for the Information Economy (NOIE) will oversee info-security awareness-raising programs for both business and consumers to lift confidence in the security of online environments.