ACMA slaps Optus
Optus is facing a $1.5 million penalty for public safety oversights.
Optus Mobile Pty Ltd has been fined $1.5 million by the Australian Communications and Media Authority (ACMA) for substantial breaches of public safety regulations.
The investigation by ACMA found that nearly 200,000 customers, associated with the Coles Mobile and Catch Connect brands, were jeopardised, as Optus failed to relay crucial customer information to the Integrated Public Number Database (IPND) from January 2021 through September 2023.
The IPND plays a critical role in Australia's emergency response infrastructure, aiding services like the Emergency Alert system to notify citizens of imminent disasters such as floods and bushfires.
It is also instrumental in providing location details to emergency services including the police, ambulance, and fire brigade during crises.
ACMA's inquiry into Optus' practices started following a compliance audit that spotlighted the telco's lapse in uploading data via its contracted supplier, Prvidr Pty Ltd.
“When emergency services are hindered there can be very serious consequences for the safety of Australians,” said Samantha Yorke, an ACMA member.
She noted that although there were no direct harm cases reported, the prolonged risk exposure was alarming, and that outsourcing does not absolve Optus of its responsibilities.
She called for all telecommunications companies to implement and maintain robust systems that ensure compliance with their obligations. This includes having effective oversight and assurance processes for third-party suppliers.
In response to the infringements, ACMA has accepted a court-enforceable undertaking from Optus.
This undertaking mandates an independent review of its IPND compliance, specifically concerning its use of third-party data providers.
Optus is also required to enact any recommended improvements from the review. Additionally, the telco has been formally instructed to adhere to the IPND industry code.
Should Optus fail to comply with the ACMA's directive or the enforceable undertaking, it might face legal proceedings in the Federal Court, which has the authority to impose penalties of up to $10 million per breach.
The last 18 months have seen ACMA taking action against five telecommunications companies for IPND breaches, accumulating financial penalties exceeding $2 million.
An Optus spokesperson acknowledged the shortfall in meeting community expectations and the lapses in audit and checks that led to the non-compliance.
“We apologise for this and accept that we have not met community expectations,” they said.