Plain language law

New Zealand law explained for everyone

Telecommunications (Interception Capability and Security) Act 2013

Network security - Process for preventing or mitigating network security risks

51: Process for addressing network security risks

You could also call this:

"What happens when a network plan is not secure"

Illustration for Telecommunications (Interception Capability and Security) Act 2013

You need to know what happens if the Director finds out about a network operator's plan that could cause a security risk. The Director must tell the network operator about the problem as soon as possible. The network operator cannot go ahead with their plan unless it meets certain conditions, such as being accepted by the Director under section 52 or following a direction from the Minister under section 57. You should be aware that the Director will send a written notice to the network operator about the issue. The network operator must then send a written proposal to the Director to fix the security risk. This proposal must follow any rules set out in regulations made under section 127. The network operator can go ahead with their plan if the Director refers the matter to the Minister under section 54 and the Minister does not make a direction, or if the Director decides not to refer the matter to the Minister. The Director and the network operator must follow the rules when dealing with security risks. They must work together to prevent or fix security risks.

This text is automatically generated. It might be out of date or be missing some parts. Find out more about how we do this.

This page was last updated on

View the original legislation for this page at https://legislation.govt.nz/act/public/1986/0120/latest/link.aspx?id=DLM5178096.

Topics:
Business > Industry rulesEnvironment and resources > Climate and energy
Previous

50: Consideration of network security risk by Director or Minister, or

"Checking if something might harm New Zealand's phone and internet networks"

Next

52: Assessment of response by network operator, or

"The Director checks a network operator's plan to fix a security risk."

Part 3Network security
Process for preventing or mitigating network security risks

51Process for addressing network security risks

  1. If the Director becomes aware of a proposed decision, course of action, or change by a network operator that, in the Director's opinion, would, if implemented, raise a network security risk other than a minimal network security risk,—

  2. the Director must advise the network operator of the matter as soon as practicable; and
    1. the network operator must not implement or give effect to the proposed decision, course of action, or change—
      1. unless and to the extent that those actions are consistent with or give effect to a proposal or part of a proposal (relating to the proposed decision, course of action, or change) accepted by the Director under section 52 or a direction of the Minister under section 57 on a matter relating to the proposal; or
        1. unless the Director has referred a matter (arising from the proposal) to the Minister responsible for the Government Communications Security Bureau under section 54 and the Minister does not make a direction in respect of the proposal; or
          1. unless the Director has notified the network operator that the Director has not accepted the proposal but has decided not to refer the matter to the Minister under section 54.

          2. The Director must provide a written notice to the network operator that relates to the matter referred to in subsection (1).

          3. The network operator must, as soon as practicable, respond in writing to the notification by providing the Director with a proposal to prevent or sufficiently mitigate the network security risk.

          4. A notice under subsection (2) and a proposal under subsection (3) must comply with any requirements prescribed in regulations made under section 127.