Cybersecurity—Australia—Q&A guide [Archived, 2019 edition]

The following Information Law practice note provides comprehensive and up to date legal information covering:

  • Cybersecurity—Australia—Q&A guide [Archived, 2019 edition]
  • 1. Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws?
  • 2. Which sectors of the economy are most affected by cybersecurity laws and regulations in your jurisdiction?
  • 3. Has your jurisdiction adopted any international standards related to cybersecurity?
  • 4. What are the obligations of responsible personnel and directors to keep informed about the adequacy of the organisation’s protection of networks and data, and how may they be held responsible for inadequate cybersecurity?
  • 5. How does your jurisdiction define cybersecurity and cybercrime?
  • 6. What are the minimum protective measures that organisations must implement to protect data and information technology systems from cyberthreats?
  • 7. Does your jurisdiction have any laws or regulations that specifically address cyberthreats to intellectual property?
  • 8. Does your jurisdiction have any laws or regulations that specifically address cyberthreats to critical infrastructure or specific sectors?
  • 9. Does your jurisdiction have any cybersecurity laws or regulations that specifically restrict sharing of cyberthreat information?
  • More...

Cybersecurity—Australia—Q&A guide [Archived, 2019 edition]

This Practice Note contains a jurisdiction-specific Q&A guide to cybersecurity in Australia published as part of the Lexology Getting the Deal Through series by Law Business Research (published: December 2019).

Authors: McCullough Robertson—Alex Hutchens

1. Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws?

The principal instrument that makes it illegal to commit cyberattacks in Australia is the Criminal Code Act 1995 (Cth) as amended by the Cybercrime Act 2001 (Cth) (Criminal Code Act).  The Criminal Code Act expressly makes it an offence to cause unauthorised access or modification to data held in a computer or cause any unauthorised impairment of electronic communication to or from a computer. Other offences under the Criminal Code Act include:

  1. causing unauthorised modification of data held in a computer, where the person is reckless as to whether the modification impairs or will impair access to that data or other data or the reliability, security or operation of that data;

  2. knowingly causing any unauthorised impairment of electronic communication to or from a computer;

  3. intentionally causing any unauthorised access to, or modification of, data restricted by an access control system associated with a function of the computer, where it is known that such behaviour is unauthorised;

  4. intentionally causing unauthorised impairment of the reliability, security or operation of data held on a computer

Popular documents