Australia's Parliament has passed the Security of Critical Infrastructure Bill in what the government called a bid to protect the electricity, gas, ports, and water sectors from "foreign involvement" that could lead to espionage, sabotage, and coercion, and giving ministers the power to direct companies to conduct risk mitigation actions.
The legislation [PDF] was designed for the purpose of increasing the federal government's capacity to manage national security risks arising as a result of offshore and overseas involvement and control over infrastructure.
According to a statement by Minister for Home Affairs Peter Dutton, while foreign involvement has "an important and beneficial role in supporting our national economic growth", it opens up Australia's infrastructure to more risk.
"This legislation establishes a register of Australia's highest-risk critical infrastructure assets, including information on asset ownership, access, and control," Dutton said on Thursday.
"It introduces a ministerial directions power that allows the government to take action where a risk cannot otherwise be mitigated which will significantly enhance the Critical Infrastructure Centre's capacity to assess and manage complex risks."
The latter power will be used to "seek information and issue directions to owners and operators of critical assets in the high-risk sectors when a there is a risk that is prejudicial to security that cannot otherwise be mitigated", the revised explanatory memorandum [PDF] explains.
Under s32(2), the Australian Security Intelligence Organisation (ASIO) can provide advice to the minister in the form of a security assessment, with the minister then able to "direct critical infrastructure owners or operators to do or not do a certain thing to mitigate a risk that has been identified as prejudicial to security".
Such directions would be based on addressing any