Aussie Broadband is the latest Australian telco to be hit with an ACMA fine over ‘large-scale’ breaches of emergency alert service rules that every operator in the country must adhere to.
An investigation by the Australian Communications and Media Authority (ACMA) found Aussie Broadband failed to provide customer information to the Integrated Public Number Database (IPND) on more than 30,000 occasions between November 2021 and May 2022.
The IPND is a record of most Australian phone numbers and owner details, including customer name, service type and address. It has listed and unlisted phone numbers. Telcos are legally required to send a Public Number Customer Data record to the IPND for each service they provide using a public number. The IPND is used by Triple Zero to help locate people in an emergency, for the Emergency Alert Service to warn of emergencies like flood or bushfire and to assist law enforcement activities.
But at Aussie, the ACMA said, there was ‘large-scale’ breaches of this requirement.
The telco has paid a $213,120 infringement notice to settle the matter.
In a statement, ACMA chair Nerida O’Loughlin said Aussie Broadband’s failure to upload customer information to the database was “unacceptable and potentially put its customers’ safety at risk in an emergency”.
“While we are not aware anyone was harmed due to the breaches, it is alarming that Aussie Broadband did not have effective processes in place to identify that its customer information was not being provided for over six months,” she said.
“While the breaches should not have occurred, we are pleased to see Aussie Broadband moved quickly to upload the missing data once it was brought to its attention and has taken steps to comply in future.”
Aussie said that as a result of the ACMA’s investigation, it has uncovered and rectified errors in its reporting software, which was identified as the lead cause of the infringement.
“Whilst Aussie Broadband had procedures in place to ensure compliance with IPND requirements, a software failure was not detected as part of our normal compliance procedures,” it said in a statement. “We have now implemented further redundancy measures, error
notifications, independent monitoring and regular audits to ensure compliance.”
Aussie Broadband managing director Phillip Britt also took the opportunity to apologise to customers.
The ACMA has also given Aussie Broadband a direction requiring ongoing compliance with the IPND rules or risk further action, including landing in court where it could face penalties of up to $250,000 per breach.
Since 2018, the ACMA has taken action against 30 telcos for non-compliance with the IPND rules, including giving remedial directions and nearly $4 million in penalties. Lycamobile in June was the most recent case.