Australian Communications and Media Authority

The Australian Communications and Media Authority (ACMA) is an Australian government statutory authority within the Communications portfolio. ACMA was formed on 1 July 2005 with the merger of the Australian Broadcasting Authority and the Australian Communications Authority.

ACMA is responsible for collecting broadcasting, radiocommunication and telecommunication taxes, and regulating Australian media. It does this through various legislation, regulations, standards and codes of practice. ACMA is a converged regulator, created to oversee the convergence of telecommunications, broadcasting, radio communications and the internet.

Organization
ACMA is an independent government agency managed by an executive team comprising the Chair (who is also the Agency Head), Deputy Chair (who is also the chief executive officer). ACMA collects revenue on behalf of the Australian Government through broadcasting, radiocommunications and telecommunications taxes, charges and license fees. It also collects revenue from price-based allocation of spectrum. The corporate structure comprises four divisions – Communications Infrastructure, Content, Consumer and Citizen, Corporate and Research, and Legal Services.

ACMA has responsibilities under four principal Acts – the Broadcasting Services Act 1992, the Telecommunications Act 1997, the Telecommunications (Consumer Protection and Service Standards) Act 1999 and the Radiocommunications Act 1992. There are another 22 Acts to which the agency responds in such areas as spam, the Do Not Call Register and interactive gambling. The ACMA also creates and administers more than 523 legislative instruments including radiocommunications, spam and telecommunications regulations; and license area plans for free-to-air broadcasters.

ACMA's main offices are located in Canberra, Melbourne and Sydney.

Convergence and change
Communications convergence is the merging of the previously distinct services by which information is communicated – telephone, television (free-to-air and subscription) radio and newspapers – over digital platforms. ACMA also works with industry and citizens to solve new concerns and mitigate risks arising in the evolving networked society and information economy, recognizing that Australians are interacting with digital communications and content in changing ways. Not only does ACMA address a wide range of responsibilities, it does so against a backdrop of rapid change.

Many of the controls on the production and distribution of content and the provision of telecommunications services through licensing or other subsidiary arrangements, or by standards and codes (whether co-regulatory or self-regulatory) are subject to revision and adaptation to the networked society and information economy. Moreover, there are new platforms, applications, business models, value chains and forms of social interaction available with more to come in what is a dynamic, innovative environment. Other challenges for regulators include cross-jurisdictional issues and the need for engagement and collaboration with stakeholders locally, regionally and internationally.

ACMA has developed a 'converged communications regulator' framework which seeks to bring to the global discussion a 'common ground' to deliver outcomes in the public interest. The four cornerstone parts to the framework, each divided into two sub-streams, are outlined below along with the main functions of ACMA under each task.

Bridging to the future – active engagement with the currents of change and proactive development of responses through thought leadership and regulatory development: Transforming the agency – adapting the organization to the changing world of convergence by ensuring a structural fit with convergence and a focus on agency innovation: Major program delivery – through resource and program management with fully effective corporate governance: Effective regulation – doing the 'day job' of the regulatory agency with effective and efficient regulatory administration and operations coupled with extensive stakeholder engagement:
 * Reviewing industry standards and codes of practice.
 * Developing more flexible licensing.
 * Updating spectrum management tools for spectrum sharing technologies.
 * Research and analysis to examine the effectiveness of current regulation and to provide evidence-informed regulatory development.
 * Creating resilience through capability training.
 * Evidence-based reporting on industry performance, service offerings, consumer benefits, levels of adoption and use.
 * Administration of spam intelligence database.
 * Evidence-based approach to tracking industry performance during digital TV transition
 * Development and implementation of a national cybersafe education program.
 * Administering the Do Not Call Register.
 * Administering contracts for phone services for people who are deaf or have a hearing or speech impediment.
 * Developing and implementing a corporate governance framework and ICT strategic plan
 * Regulating telecommunications and broadcasting services, internet content and datacasting services
 * Managing access to the radiofrequency spectrum bands through radiocommunications licensing, including amateur radio licensing.
 * Resolving competing demands for spectrum through broadcasting license arrangements and price-based allocation methods.
 * Regulating use of the radio-frequency spectrum and minimizing radio communications interference.
 * Regulating compliance with the relevant legislation, license conditions, codes of practice, standards, service guarantees and other safeguards.
 * Promoting and facilitating industry self-regulatory and co-regulatory solutions
 * Informing industry and consumers about communications regulation.

Representing Australia's interests internationally (see International Telecommunication Union)

ACMA Hotline for reporting offensive or illegal online content
The ACMA administers a complaints mechanism for Australian residents and law enforcement agencies to report prohibited online content, including child sexual abuse material. Within the scheme, which operates under Schedules 5 and 7 of the Broadcasting Services Act 1992, content is assessed with reference to the same criteria within the National Classification Scheme that applies to films and computer games in Australia.

The ACMA Hotline is one of a global network of international bodies within INHOPE – the International Association of Internet Hotlines that exchange information on child abuse images, pinpointing the hosting countries to help eradicate them from the web. INHOPE consists of 44 members in 38 countries, with members including the Internet Watch Foundation (UK), the National Centre for Missing and Exploited Children (USA), Cyberia (Canada), Friendly Runlet Foundation (Russian Federation) and the Internet Hotline Center Japan.

If prohibited online content is found in Australia, it is issued with a take-down notice after being formally classified; if it is hosted overseas it is notified to optional end-user Family Friendly Filters that are accredited by industry through the Internet Industry Association (these are available at cost from ISPs). All potentially illegal content is reported by the ACMA to law enforcement in Australia, or, in the case of child sexual abuse material hosted overseas, through INHOPE for rapid police notification and take-down in the host country.

The ACMA publishes comprehensive statistics and information about the ACMA Hotline on its website. The majority of investigations the ACMA conducts concern online child sexual abuse material. Complaints to the ACMA Hotline are usually made via a webform on the ACMA's website.

Popularly held misconceptions about the ACMA's regulatory role include that it investigates and takes action on whole websites (it investigates specific URLs, images or files) and that the ACMA causes blocking of content at an ISP level (it notifies overseas hosted content to optional end-user filters).

In February 2013, the ACMA and Australian Federal Police announced a new agreement for sharing of information about serious child abuse material, including an arrangement whereby the ACMA can report content through INHOPE based on where content may be produced, as well as where it is hosted

During National Child Protection Week 2013, the ACMA Hotline conducted 418 investigations involving over 4,700 images of abused children to Australian police agencies or through the INHOPE international network for action overseas. During the week, the ACMA announced it is now working more closely with CrimeStoppers in Australia to make it easier to report illegal online content.

The ACMA's online role is not connected to ISP blocking 'worst of the worst' child abuse material, which was operated by ISPs and the Australian Federal Police. In July 2015, this function moved to the Office of the Children's safety Commissioner.

Do Not Call Register
ACMA operates Australia's Do Not Call Register, which is a scheme to reduce unsolicited telemarketing calls and marketing faxes to individuals who have indicated they do not want to receive such calls by registering their private and domestic telephone (including mobile) and fax numbers on the Register. The scheme has been in operation since May 2007. Since mid-2013, Salmat has managed the Register on behalf of ACMA.

Spam Act
ACMA is responsible for enforcing the Spam Act 2003 which prohibits the sending of unsolicited commercial electronic messages with an Australian link. A message has an Australian link if it originates, or was authorised, in Australia, or if the message was accessed in Australia. Anyone who sends commercial email, SMS, or instant messages must ensure that the message is sent with consent, contains sender identification and contact information and includes a functional unsubscribe facility. Some exemptions apply.

Members of the public are able to make complaints and reports about commercial electronic messages to ACMA which may conduct formal investigations and take enforcement actions.

Australian Internet Security Initiative and malware
The ACMA developed the Australian Internet Security Initiative (AISI) to help address the problem of computers being compromised by the surreptitious installation of malicious software (malware). 'Malware' enables a computer to be controlled remotely for illegal and harmful activities without the owner's knowledge.

Malware can:
 * access sensitive personal information stored on the computer such as resumes, sensitive documents, photographs/videos, and banking and other login or password details
 * gain remote access to the computer's camera and microphone
 * form part of a larger group of computers known as 'botnets'. Among other things, botnets are used to help with the mass distribution of spam and other malware, the hosting of phishing sites and distributed denial of service (DDoS) attacks on websites.

Telecommunications Sector Security Reform (TSSR)
The Telecommunications Sector Security Reform (TSSR) commenced on 18 September 2018.

TSSR introduces four new measures:


 * a security obligation, which requires carriers and carriage service providers to protect their networks and facilities against threats to national security from unauthorised access or interference
 * a notification requirement, which requires carriers and nominated carriage service providers to tell Government of any proposed changes to their telecommunications systems or services that are likely to have a material adverse effect on their capacity to comply with their security obligation
 * the ability for Government to obtain more detailed information from carriers and carriage service providers in certain circumstances to support the work of the Critical Infrastructure Centre, and
 * the ability for Government to intervene and issue directions in cases in cases where there are significant national security concerns that cannot be addressed through other means.

Role in Internet content regulation
In 2000, a legislative framework for online content regulation was established by adding a new schedule (schedule 5) to the Broadcasting Services Act 1992. The Australian Broadcasting Authority was responsible for managing and enforcing the framework, and this responsibility passed to ACMA in 2005.

The key element to the framework was the establishment of a complaints mechanism under Part 4 of the Schedule. Members of the public could complain to ACMA about offensive material online, ACMA could investigate, and then notify Internet service providers to prevent access to prohibited content. The framework also permitted ACMA to initiate an 'own-motion' investigation into potentially prohibited content. The framework was designed to be consistent with the national classifications system (the Code and Classification Guidelines established by the Classification (Publications, Films and Computer Games) Act 1995). Through this mechanism of establishing what content is prohibited or possibly prohibited, ACMA effectively creates a "blacklist" of content to which Internet service providers must deny users access.

This framework was amended further in 2007 by the Communications Legislation Amendment (Content Services) Act (2007) as Schedule 5 only applied to stored content made available over the Internet but did not apply easily to "ephemeral" content such as streamed material. A new schedule (schedule 7) was introduced to regulate this content consistently with the national classifications system.

On 10 March 2009, the ACMA issued an "interim link-deletion notice" to Bulletproof Networks, an Australian web-hosting company, on the grounds that Whirlpool, a customer of Bulletproof Networks, posted a link to a blacklisted, anti-abortion web site. There was a controversy that the material hosted by Whirlpool was the response notification from ACMA stating that the website had been blacklisted (the notice included the address of the website that had been blacklisted).

ACMA blacklist leaked
On 19 March 2009 it was reported that the ACMA's blacklist of banned sites had been leaked online, and had been published by WikiLeaks. Julian Assange, founder of WikiLeaks, obtained the blacklist after the ACMA blocked several WikiLeaks pages following their publication of the Danish blacklist. Assange said that "This week saw Australia joining China and the United Arab Emirates as the only countries censoring WikiLeaks." Three lists purporting to be from the ACMA were published online over a seven-day period.

The leaked list, which was reported to have been obtained from a manufacturer of internet filtering software, contained 2395 sites. Approximately half of the sites on the list were not related to child pornography, and included online gambling sites, YouTube pages, gay, straight, and fetish pornography sites, Wikipedia entries, euthanasia sites, websites of fringe religions, Christian sites, and even the websites of a tour operator and a Queensland dentist. Colin Jacobs, spokesman for lobby group Electronic Frontiers Australia, said that there was no mechanism for a site operator to know they got onto the list or to request to be removed from it. Australia's Communications Minister, Stephen Conroy later blamed the addition of the dentist's website to the blacklist on the "Russian mob".

Associate professor Bjorn Landfeldt of the University of Sydney said that the leaked list "constitutes a condensed encyclopedia of depravity and potentially very dangerous material". Stephen Conroy said the list was not the real blacklist and described its leak and publication as "grossly irresponsible" and that it undermined efforts to improve "cyber safety". He said that ACMA was investigating the incident and considering a range of possible actions including referral to the Australian Federal Police, and that Australians involved in making the content available would be at "serious risk of criminal prosecution".

Conroy initially denied that the list published on WikiLeaks and the ACMA blacklist were the same, saying "This is not the ACMA blacklist." He stated that the leaked list was alleged to be current on 6 August 2008 and contained 2,400 URLs, where the ACMA blacklist for the same date contained 1,061 URLs. He added that the ACMA advised that there were URLs on the leaked list that had never been the subject of a complaint or ACMA investigation, and had never been included on the ACMA blacklist. He was backed up by ISP Tech 2U, one of six ISPs involved in filtering technology trials.

Conroy's denial was called into doubt by the Internet Industry Association (IIA), who publicly condemned the publishing of the list, chief executive Peter Coroneos saying, "No reasonable person could countenance the publication of links which promote access to child abuse images, irrespective of their motivation, which in this case appears to be political."

Conroy later claimed the leaked blacklist published on WikiLeaks closely resembled the official blacklist, admitting that the latest list (dated 18 March) "seemed to be close" to ACMA's current blacklist.

In an estimates hearing of the Australian Federal Government on 25 May 2009 it was revealed that the leak was taken so seriously that it was referred to the Australian Federal Police for investigation. It was further stated that distribution of further updates to the list have been withheld until recipients can improve their security. Nerida O'Laughlin of the ACMA confirmed that the list has been reviewed and as of 30 April consists of 997 URLs.

Online Safety Act 2021
In 2021, Schedules 5 and 7 of the Broadcasting Services Act 1992 were repealed as part of the enactment of the Online Safety Act 2021. This Act established the eSafety Commissioner (section 26) and, under part 3 of the Act, gave the Commissioner responsibility for managing and enforcing the online content scheme (part 9).