Telstra breached privacy laws


By Andrew Collins
Thursday, 13 March, 2014


Telstrabreachoaic

Telstra breached privacy laws when information on its customers was accessible from the internet in 2012 and 2013, according to the Office of the Australian Information Commissioner (OAIC).

A statement from the OAIC said that between February 2012 and May 2013, information of 15,775 Telstra customers - including the information of 1257 active silent line customers - was accessible from the internet.

An OAIC investigation focused on whether the telco "took reasonable steps to protect customer information from misuse, loss, unauthorised access, modification or disclosure", the statement said.

Privacy Commissioner Timothy Pilgrim found Telstra breached the following National Privacy Principles (NPP):

  • 4.1 - failure to take reasonable steps to ensure the security of the personal information it held.
  • 4.2 - failure to take reasonable steps to destroy or permanently de-identify the personal information it held.
  • 2.1 - disclosure of personal information other than for a permitted purpose.

"This incident is a timely reminder to all organisations that they should prioritise privacy. All entities bound by the Privacy Act must have in place security measures to protect personal information," said Pilgrim.

Following the breach, Telstra agreed to undertake several actions related to software management and personal information handling.

Pilgrim recommended Telstra:

  • engage an independent third-party auditor to certify that Telstra has implemented planned rectifications, and that the certification be provided to the Commissioner by 30 June 2014; and
  • review its Document Retention Policy to ensure it meets the requirements of the Australian Privacy Principles, which apply from 12 March 2014.
Related Articles

Tech Insight: Wayne Harper, Zebra Technologies

In our Tech Insights series, we speak with ICT leaders to get their view on what the year ahead...

Unified comms keeps companies connected

As more and more enterprises finally ditch the PABX for the latest in unified comms, the benefits...

Contact centres still important in the digital age

There are three key reasons why organisations with a contact centre should look to implement a...


  • All content Copyright © 2017 Westwick-Farrow Pty Ltd