I'm just looking through the bill and noticed that as well as targetting anyone who provides an electronic service that has one or more users in Australia, or anyone who develops software used in such a service, it also targets anyone who "manufactures or supplies components for use, or likely to be used, in the manufacture of a facility for use, or likely to be used, in Australia". So they can also demand that equipment manufacturers insert back doors. Manufacturers may just ship their compromised hardware worldwide, for convenience when other governments demand the same service.
The law seems to permit them to target people outside Australia suspected of violating foreign laws, possibly at the request of a foreign government. So the US, for example, could ask Australia to use its new powers to force a Chinese manufacturer to help bug a US resident, if I'm interpreting it right.