The role of Internet Service Providers in combating botnets : an examination of recent Australian initiatives and legislative reform

This article examines the role of Internet Service Providers (ISPs) in combating botnets. The first section addresses recent Australian initiatives where ISPs are called on to take a proactive security role. The first initiative is the Australian Internet Security Initiative established by ACMA. The second, and most recent, initiative is the Australian Internet Industry Association (IIA) Code of Practice consultation paper on 'For Industry Self-Regulation in the Area of E-Security'1. The E-Security initiative involves ISP monitoring and detecting compromised computers connected to their networks, notifying customers when their computers are infected and, hence, are part of a botnet, providing links to information to disinfect a computer, and quarantining the infected computer until it is 'fit for connection'. The article examines ISP legal liability issues and addresses the February 2010 amendments to the Telecommunications Interception Act which exempt ISPs from the obligations of the previously established interception and warrant framework when performing detection and monitoring (including interception of communications) for reasons related to network protection and security.