• forIndividuals
  • forBusiness
  • forCommunity
search
About usFact sheetsPrimary legislationWhat's new?
DictionaryTeachingContact usSite mapLinks
click to go home


Our Fact Sheets provide a detailed account of 29 areas of law as they apply to the Internet

Fact Sheets



IIA releases draft Cybercrime Code of Practice in July 2003

Conduct an ISP business

Telecommunications law


1. Regulation of ISPs

An ISP providing Internet access services only is regulated as a carriage service provider under the telecommunications legislation.(1) An ISP which provides access to or maintains a publicly available website (or mirror site) may be regulated as both a carriage and content service provider under the telecommunications legislation.

See Telecommunications Fact Sheet.

2. General rights and obligations of ISPs

The characterisation of ISPs as carriage service providers under the telecommunications legislation means an ISP:

(a) Must protect the confidentiality of information routed through a network (eg Internet).

A use or disclosure of confidential information will not be an offence if made under lawful authorisation, in connection with the duties of the person as a telecommunications contractor or other eligible person, as a witness in a judicial proceeding, for law enforcement purposes, the protection of public revenue or to avert a threat to the life of a person. A record must be kept of such disclosures in certain cases.(2)

(b) Must not connect unlabelled or incorrectly labelled, unauthorised or dangerous equipment to a telecommunications network.

The manager of a telecommunications network who suffers loss as a consequence may seek damages, an account of profits, injunctive relief or a disconnection order.

(c) Is under a general obligation to assist Commonwealth, State and Territory authorities for the purposes of enforcing the criminal law, protecting the public revenue and safeguarding national security.(3)

(d) Must keep detailed records and books enabling the separate identification of charges and services.

3. Internet Access Provider (IAP) must provide interception capability

Provided the Federal Attorney-General does not require an IAP to provide specific interception capabilities or special assistance capabilities pursuant to a ministerial determination, the IAP is simply obliged to ensure its network or facilities will enable a communication passing over it to be intercepted in accordance with a warrant issued under the Telecommunications (Interception) Act 1979 (Cth). The obligation is to ensure general interception capability is developed, installed and maintained to the relevant standard.(4)

An IAP may be required to decrypt messages encrypted by the IAP but is not obliged to decrypt communications which have been encrypted by customers before being carried over a network.

4. Industry Codes of Conduct affecting ISPs

The Australian Communications Authority (ACA) may prepare a legally enforceable industry standard if, after requesting the preparation of an industry code, no code satisfactory to the ACA has been developed. Civil penalties may apply to industry participants who fail to comply with an industry standard.(5)

Where an Industry Code of Conduct is developed, the ACA retains a power to impose sanctions for failure to comply with an industry code. The legislation sets out various matters industry codes of practice may deal with.

The Protection of Personal Information of Customers of Telecommunications Providers Code (registered 1 May 2000) (Code) applies to all carriers, carriage service providers and content service providers. The Code applies to ISPs. If a website operator is considered a content provider for the purposes of the Code, the website operator will be subject to ACA regulation (formal warnings, written directions to comply, penalties for non-compliance) despite not being a signatory to the Code.

5. ISPs must enter into the Telecommunications Industry Ombudsman (TIO) Scheme

Eligible ISPs must enter into the TIO Scheme. Membership of the scheme is open to all carriers and ISPs.(6) Subject to various guidelines and consultations, the ACA can direct (or exempt) specified carriers or eligible ISPs to join the TIO Scheme.(7) Members of the TIO Scheme must comply with the TIO Scheme. An ISP member who fails to comply with the TIO Scheme breaches the service provider rules.(8)

The TIO must maintain a register of scheme members open for public inspection at all reasonable times.(9)

6. Interception of data transmissions prohibited

An ISP should note that the interception of communications passing over a telecommunications system or network (including the Internet) is prohibited unless performed:(10)

(a) by an employee of a carrier and the information concerns the operation or maintenance of a network or supply of services by the carrier;

(b) by an officer of an agency issued with a valid warrant;

(c) pursuant to the functions of the Australian Security Intelligence Organisation (ASIO);

(d) in connection with an investigation of the Australian Federal Police or National Crime Authority;

(e) by an employee of a carrier or licensed service provider or any other person in the course of efficiently carrying out their duty and connected with routine line or equipment installations;

(f) by an employee tracing a person who is suspected of contravening the Crimes Act 1914 (Cth) Pt VIIB pursuant to a valid warrant issued by the Attorney General or Director General of Security; or

(g) in the course of duties by an ASIO officer, a federal or state police officer when party to a communication (or with the consent of a party who is in communication) with a person reasonably suspected of committing a serious offence or suicide.

Subject to specified exemptions, the further communication, use, recording or use in evidence of information obtained from intercepted communications (whether legally obtained or unlawfully) is prohibited.

7. Telecommunications offences under the Crimes Act 1914 (Cth)

Under the Crimes Act 1914 (Cth) an ISP should note that it is an offence to:

(a) tamper or interfere with facilities belonging to a telecommunications carrier;

(b) hinder the normal operations of a carriage service by manipulating, tampering or interfering with a facility operated by a carrier;

(c) use communications for improper purposes;

(d) intentionally or recklessly cause communications to be received by a person or service other than to whom it is directed;

(e) send signals to satellite without lawful authority or excuse;

(f) obtain carriage services with the intention of defrauding the carrier of any rental, fee or charge duly payable;

(g) possess or operate a call switching device without appropriate authorisation; or

(h) use equipment in relation to a network for unlawful purposes.

8. Complaints against ISPs

Disputes between ISPs and consumers may be referred to the TIO (see www.tio.com.au).

The TIO has the power to investigate, determine and give directions relating to complaints made by end users. See Complaints against ISPs.


Other relevant Articles on this site:
Internet access agreement
Complaints against ISPs
Selecting an Internet Service Provider (ISP)

Other relevant Fact Sheets:
Cyberspace Crime
Privacy
Telecommunications (long version)
Telecommunications (short version) 

End Notes
(1) Telecommunications Act 1997 (Cth) ; Telecommunications (Interception) Act 1979 (Cth)
(2) Telecommunications Act 1997 (Cth) Pt 13
(3) Telecommunications Act 1997 (Cth) sections 47, 63
(4) Telecommunications Act 1997 (Cth) Pts 14, 15
(5) Telecommunications Act 1997 (Cth) Pt 6
(6) Telecommunications Act 1997 (Cth) sections 245, 246
(7) Telecommunications Act 1997 (Cth) sections 247, 248, 249
(8) Telecommunications Act 1997 (Cth) sections 98, 250
(9) Telecommunications Act 1997 (Cth) section 251
(10) Telecommunications Act 1997 (Cth) Pts 14, 15

"Only two things are infinite, the universe and human stupidity, and I'm not sure about the former", Albert Einstein (1879-1955)
forBusiness/