ACMA targets Telstra over privacy breach
- 08 October, 2012 12:54
ACMA has directed Telstra to comply with a privacy clause in the Telecommunications Consumer Protections Code (TCP) following the telco’s breach of the code for over eight months last year.
Telstra was found to be in breach of the code by ACMA and also in breach of the Privacy Act when customers' personal information in its database was made publicly available from 29 March, 2011 to 9 December, 2011.
Customer names and phone numbers were made public and in some cases, customers’ dates of birth, drivers' licence numbers and credit card details were also made available. Up to 734,000 customers were affected.
It is the first direction given by ACMA under the revised code since it was registered 1 September this year.
The TCP code aims to protect customers from unexpected charges, sort out confusing mobile plans and improve the handling of customer complaints. It applies to all telecommunications providers, including ISPs and landline and mobile carriers.
New powers given to ACMA include being able to force companies to ensure pricing information is clear on advertising; improve information on plans; improve complaint handling; and increase transparency around billing and expenditure.
“Put simply, if a provider breaches the code, you can expect us to direct it to comply,” Chris Chapman, ACMA chairman, said in a statement.
“Given Telstra has proactively taken steps to remedy its processes with a view to preventing such an incident from happening again, a direction with respect to the specific code provision is the appropriate measure.”
If Telstra fails to comply with the privacy clause in the TCP code, ACMA could talk the telco to court and seek a pecuniary penalty.
Follow Stephanie McDonald on Twitter: @stephmcdonald0
Follow Computerworld Australia on Twitter: @ComputerworldAU
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Six Strategies That Lead to Business-Critical Virtualisation
- Legal Compliance in Electronic Record Keeping
- Guiding the Cloud Application Decision with the IBM Cloud Transformation Advisor
- Leading Through Connections – Insights from the Global Chief Executive Officer Study
- Webroot® SecureAnywhere™ Business - Endpoint Protection Overview
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Endpoint Security and Virtualisation
Besides form factor, virtual systems are not really that different than physical systems. They both use the same operating systems and applications. They both present users with computing resources such as RAM and hard drives. Consequently, the ability to exploit vulnerabilities in a physical environment will present a significant threat to virtualised environments as well. This paper examines the different endpoint security methods for virtualised environments and presents how Endpoint Protection security provides optimal performance, protection and manageability.
Staying Ahead of the Data Explosion
The total volume of data being processed and stored by businesses is rising exponentially. IDC has estimated that the size of the "digital universe" will increase 29 fold between 2010 and 2020. Data storage technology has undergone a steady increase in capacity, along with a steady decline in the cost per unit to store information. Unfortunately, data storage capacity is not keeping pace with data growth and necessitating greater intelligence in the storage infrastructure. Read more.
New Demands for Real-time Threat Management
Many organisations are evaluating a new security model based upon IT risk management best practices. This is a good idea, but not enough for today’s dynamic and malevolent threat landscape. To keep up with IT changes and external threats, large organisations need to embrace two new security practices: real-time risk management for day-to-day security adjustments and real-time threat management to detect and remediate sophisticated, stealthy, and damaging security breaches (i.e., advanced persistent threats, or APTs). Learn more.