Phil Britt (Aussie Broadband)
Errors in its reporting software has seen Aussie Broadband slapped with a $213,120 fine after the Australian Communications and Media Authority (ACMA) found it failed to load customer information onto the Integrated Public Number Database (IPND), in breach of ACMA's rules.
An ACMA investigation found Aussie Broadband failed to provide customer information to the IPND on more than 30,000 occasions between November 2021 and May 2022.
The IPND is used by Triple Zero to help locate people in an emergency, for the Emergency Alert Service to warn of floods or bushfires and to assist law enforcement activities.
ACMA Chair Nerida O’Loughlin said Aussie Broadband’s failure to upload customer information to the secure database was unacceptable and potentially put its customers’ safety at risk in an emergency.
“While we are not aware anyone was harmed due to the breaches, it is alarming that Aussie Broadband did not have effective processes in place to identify that its customer information was not being provided for over six months,” O’Loughlin said.
“While the breaches should not have occurred, we are pleased to see Aussie Broadband moved quickly to upload the missing data once it was brought to its attention and has taken steps to comply in future.”
As a result of ACMA’s investigation, Aussie Broadband uncovered and rectified errors in its reporting software, which was identified as the lead cause of the infringement.
In a statement Aussie Broadband said it had procedures in place to ensure compliance with IPND requirements, but a software failure was not detected as part of its normal compliance procedures.
As a result, it has now implemented further redundancy measures, error notifications, independent monitoring and regular audits to ensure compliance.
“We are deeply sorry that this software failure went undetected leading to inaccurate records in the IPND database,” Aussie Broadband managing director Phillip Britt said. “While we had several checks and balances in place, these did not go far enough and I’m confident that our new compliance checks will ensure this never happens again”.
Prior to the ACMA completing its investigation, Aussie Broadband moved quickly to overhaul its internal compliance processes to ensure IPND data is updated and reconciled in the correct manner.
Under the Telecommunications Act and the IPND industry code all telcos are required to upload customer details to the IPND for each service they provide.
The ACMA has also given Aussie Broadband a direction requiring ongoing compliance with the data rules or risk further action, including landing in court where it could face penalties of up to $250,000 per breach.
Since 2018, the ACMA has taken action against 30 telcos for non-compliance with the IPND rules, including giving remedial directions and nearly $4 million in penalties.
