A Bill for an Act to require the repatriation of Defence data to sovereign Australian storage facilities, and for related purposes
The Parliament of Australia enacts:
1 Short title
This Act is the Repatriation of Defence Data Act 2021.
2 Commencement
(1) Each provision of this Act specified in column 1 of the table commences, or is taken to have commenced, in accordance with column 2 of the table. Any other statement in column 2 has effect according to its terms.
| Commencement information |
| Column 1 | Column 2 | Column 3 |
| Provisions | Commencement | Date/Details |
| 1. The whole of this Act | The day after this Act receives the Royal Assent. | |
Note: This table relates only to the provisions of this Act as originally enacted. It will not be amended to deal with any later amendments of this Act.
(2) Any information in column 3 of the table is not part of this Act. Information may be inserted in this column, or information in it may be edited, in any published version of this Act.
3 Definitions
In this Act:
Australia includes the external Territories.
contracted service provider means an entity that:
(a) owns and operates a data storage facility in Australia; and
(b) under a contract with the Commonwealth, is responsible for the storage or back‑up of Defence Department data in the data storage facility.
Defence Department means the Department of State that deals with defence and that is administered by the Minister administering section 1 of the Defence Act 1903.
foreign person has the same meaning as in the Foreign Acquisitions and Takeovers Act 1975.
high‑risk person means:
(a) a foreign person; or
(b) a person in relation to which an unacceptable foreign‑ownership situation exists; or
(c) Global Switch Limited, Global Switch Australia Pty Limited, or any of their subsidiaries.
high‑risk storage facility means a data storage facility that is:
(a) owned or operated by high risk person; or
(b) located in premises that are owned or operated by a high‑risk person.
Secretary means the Secretary of the Defence Department.
sensitive data store means a database that:
(a) is administered by or on behalf of the Commonwealth; and
(b) contains information that:
(i) is collected by the Australian Defence Force or the Defence Department; and
(ii) has a security classification.
sovereign Australian storage facility means a data storage facility that is:
(a) located in premises in Australia that are owned and operated by a person who is not a high‑risk person; and
(b) owned by:
(i) the Commonwealth; or
(ii) a contracted service provider that is not a high‑risk person; and
(c) operated by:
(i) the Defence Department; or
(ii) a contracted service provider that is not a high‑risk person.
unacceptable foreign‑ownership situation: an unacceptable foreign‑ownership situation exists in relation to an entity if there is a group of foreign persons who hold, in total, a particular type of stake in the entity of more than 49%.
4 Transfer of sensitive data stores
If, on the commencement of this Act, a sensitive data store is held in a high‑risk storage facility, the Secretary must cause the sensitive data store to be transferred, before 25 April 2022, to a sovereign Australian storage facility.