Optus Penalised $1.5M For Public Safety Failures
Optus has been fined $1,5M after the Australian Communications and Media Authority (ACMA) found large-scale breaches of public safety rules.
An investigation by the ACMA found that Optus left almost 200,000 customers “at risk” by failing to upload required customer information to the Integrated Public Number Database (IPND) between January 2021 and September 2023.
The IPND is used by critical services like the Emergency Alert service to warn Australians of disasters such as flood and bushfires, and by Triple Zero to provide location information to the police, ambulance and fire brigade in an emergency.
ACMA member Samantha Yorke said that the hinderance of emergency services can lead to “very serious consequences for the safety of Australians”.
“While we are not aware of anyone being directly harmed due to the non-compliance in this case, it’s alarming that Optus placed so many customers in this position for so long,” she said.
“Optus cannot outsource its obligations, even if part of the process is being undertaken by a third party.
“All telcos need to have systems in place that ensure they are meeting their obligations, including having robust oversight and assurance processes for third-party suppliers.”
The ACMA has also accepted a court-enforceable undertaking from Optus that requires an independent review of its IPND compliance where it uses a third-party data provider.
Australia’s second-largest telco is also obligated to make any improvements recommended by the review, and has been formally directed to comply with the IPND industry code.
If the ACMA finds that Optus fails to comply with the direction or the enforceable undertaking, it may commence proceedings in the Federal Court, which can order penalties up to $10 million per breach or make orders in relation to the undertaking.
Over the past 18 months the ACMA has taken action against five telcos for IPND breaches, with financial penalties totalling more than $2 million.