Skip to main content

Telcos directed to comply with customer data obligations


27 February 2019

The ACMA has directed 11 telecommunications providers to comply with their obligations that support emergency services across Australia. ACMA investigations found the telcos had failed to provide data, or provided inaccurate data, to the Integrated Public Number Database (IPND).

Telcos must provide specific customer information, including phone numbers and addresses, to the secure IPND industry database used to assist the emergency call service (Triple Zero), the emergency alert system, and law enforcement and national security agencies.

‘While the ACMA is not aware of any specific instances of harm caused by the missing or inaccurate information, the scale of the issue and its potential impact on emergency services is very concerning,’ said ACMA Chair Nerida O’Loughlin.

In total, there are approximately 72 million connected numbers on the IPND. The recent ACMA investigations found the majority of the breaches of the Telecommunications Act and the IPND industry code concerned Singtel Optus Pty Limited (Optus), Telstra Corporation Limited (Telstra) and Vodafone Australia Pty Limited (Vodafone).

‘The ACMA has taken steps to ensure telcos prioritise remediation of their records and that the underlying causes of the breaches are identified and addressed,’ added Ms O’Loughlin.

The telcos have been directed to undertake independent audits of their processes, conduct data reconciliations and comply with the IPND Code. Optus, Telstra and Symbio have also been directed to address outstanding missing and inaccurate records.

‘We’ll be looking very closely at the reconciliations and independent audit results and will consider further action if needed,’ said Ms O’Loughlin.

Telcos face penalties of up to $10 million if they fail to comply with the remedial directions, and up to $250,000 for the directions to comply.

MR 5/2019

For more information, please contact ACMA Media on 0438 375 776 or

Back to top