auDA CEO Rosemary Sinclair talks to Grahame Lynch on the CommsDay Live podcast about the introduction of .au direct in March 2022, auDA's role protecting critical infrastructure and the growth in Australia's digital economy.
But first up, our lead interview with Rosemary Sinclair. She's the CEO of auDA, the Australian Internet domain allocation administrator, literally the land title's office of the virtual world. They announced this week that they'll be releasing a new direct .au domain, basically allows you to drop the .com in your URL. I caught up with Rosemary, to find out all about this and everything else that's happening at auDA.
The .au direct addition to the whole .au domain is really about giving people more choice. We've got a number of existing spaces, .com.au, .edu.au. And those are subject to verification of Australian presence, and that remains, but also eligibility around having a business registered or having a charity registered or being part of the education system formally. That's not suitable really for the kind of economy that we're building now where there's so much innovation and people are relying on websites and email for communications in all sorts of ways, including little community organisations. So we really needed to create a space for those people so that they could be part of .au, but in a way that was suitable to the kind of innovation and the things that they want to do. That's what it's all about.
When will the process kick off for registrations? Some way into the future isn’t it?
Yes. 24th of March 2022 is the commencement date. And then there's a six month period, if you like, for people to think about whether they do want to get a .au direct, if they already have a domain name or not. And for registrars and so on to get their processes sorted out. So we've got that six month window to allow an orderly transition, if you like, into the .au direct namespace.
Okay, and what are the advantages of having a .au domain generally versus a standard .com or .net domain?
A .au domain is seen globally as a very trusted domain. And as we've seen consumers jump online for online commerce and health services and education services and community connection, to be able to do that in a domain that is trusted, encourages confidence and activity levels. So we see .au in international statistics as a verified, very safe domain, and it's because of the rules that we put in place and the attention that we give to cyber security type matters.
Now, just to move on, you've had quite a bit to say about cyber security lately. What role does auDA play in that ecosystem and what specifically are the messages that you're trying to get across?
Well, if you think about auDA as the service that delivers the “anything that ends in a .au”, so websites, or emails, and if you just think about the last eighteen months, the way people have been using websites and emails to get themselves through the pandemic. That alone really is such a practical indicator of how critical this little piece of infrastructure is.
That's one point, second point is, we do our work in a very particular way in Internet governance. And so we're not regulated under legislation. There's a mention in legislation of what might happen should we fail to do our job properly, but we’re authorised, if you like, under Terms of Endorsement. And those Terms of Endorsement, tell us to run the .au domain securely reliably and very, very carefully in all sorts of other ways. So, when there's a discussion about security, we're in there from our own perspective.
Third thing is, it's a global network as, as you and your readers will well know, the internet is designed as a global network for redundancy and speed and the like. So having local conversations, in any country really, about the Internet, doesn't really make sense. So one of the things we've been pointing out is that the bit that we are working in is part of a global system and it's really important, in fact Australia last year re-committed to the global nature of the Internet; open, free and secure through the International Cyber and Critical Technology [Engagement] Strategy. So we've been, you know, very careful about that.
And then there are other matters that have been of joint concern. So the proposed legislation has significant powers in it. And we're saying, if there are significant powers, then there needs to be transparent processes and scrutiny, oversight of the exercise of those powers.
We've also been just reminding everybody that, because we are not regulated under legislation, the way we actually go about our work without global partners is through contracts. So we've got a process of actually updating and reflecting security standards in those contracts, which we actually have done very recently, we're moving everybody to the ISO 27001 standard, through our contract mechanism.
And then lastly, there are many other things but lastly for this podcast you'll be pleased to know, we're saying to government that there's an incredibly powerful network of people who work together already and really, really effectively, and that network includes important government agencies such as the Australian Signals Directorate and the Australian Cyber Security Centre. So there's not a real need in most cases to adopt a coercive approach. You know, the collaboration and cooperation is there. If organisations for whatever reason, decide to wheel out the lawyers rather than the cyber security experts, then I get it, there's a problem, and that has to be addressed.
But again, that should be addressed in a proportionate way, with proper processes. And this is all really, really important to us because if we get to a point in Australia that is about national approaches and coercive approaches, then the reflection of that into the global Internet is not going to wind up in a good place.
So those are a range of the issues that we're particularly worried about. And it's those issues that led us to say, we need to have separate conversations in this rules design process, because there are matters around us that are different from the big telecommunications sector.
Okay. Now, finally, it's, it's about 10 years almost to the week since the Australian Telecommunications User Group wound up and of course you were the head of that for many years. You've gone off and done some interesting things in energy and so on in the interim, but it was just interesting to hear you talk about cyber security there because a lot of your historical sort of communications knowledge is obviously brought to bear. I was interested to hear how all that telecoms experience is being deployed in service at auDA now?
What we're seeing is the emergence of the digital economy, that so many of us were preparing for so many years. In all those discussions about mobile services and broadband services, and the like, what we were doing was laying down if you like the pathways to enable a digital economy.
The role that auDA plays if you like, is to put the numbers on the houses, and open the door to houses of information and connection. So I see a direct link between that work that I enjoyed so much in the telco sector and this role at auDA. And we've seen this in the actual numbers. The number of names created in the last 18 months has grown enormously and we've now got 3.3 million domain names under management in .au. We have three billion transactions enquiries, every day for information, or to connect through email. It's a really busy space. But one of the really interesting things about the space is that in all of those numbers we are seeing a pattern of existing businesses and small businesses finally taking that step online. Businesses that have been around for 10 years, finally getting a domain name because of the innovation that that made possible with their customers and their supply chains and so on.
So that to me is the digital economy really happening now. Once you get those sorts of businesses en masse digital, then cyber security becomes a really important topic of conversation. And so the efforts that we make through contracts with our registrars to lift everybody to international standards, because we see that as absolutely essential to an effective digital economy, where everybody can be really confident.
And beyond what we're seeing now of course, there's just tremendous opportunity for innovation. We've seen through the pandemic so many people start up little businesses and do really innovative things in their communities to communicate with each other. We're really keen to support that, but in a secure way. And the issue of cyber security is just one of a number of discussions that we have to have to actually modernise the whole economy, to get the full benefit of a digital economy.
Beyond what we see now of course because say of my work in the education sector and energy sector, I just see enormous potential for innovation through digitalisation in those sectors. So all those solar panels that Aussies have put on their rooftops, the only way we're really going to be able to manage them effectively, to create value for the individuals and the whole system is through the application of Internet and related communications technologies but it's got to be done securely.
Listen to the interview here.