The Australian Communications Authority (ACA) is planning to introduce mandatory standards governing the use of customer information by telecommunications companies.
Releasing a discussion paper titled, Who's Got Your Number? Regulating the Use of Telecommunications Customer Information, an ACA said it is proposing the new measures to prevent unauthorised commercial use, including direct marketing, of personal data.
The standards will apply to customer information when it is made available for directories and could lead to the introduction of consent requirements restricting the information to specific entities and strict specification on the way information can be used.
Under existing regulations, the personal details of telecommunications customers are collected and stored in the Integrated Public Number Database (IPND)—an industry-wide database of all listed and unlisted telephone numbers — and databases used for telephone number directories.
Data in the IPND is protected under the Telecommunications Act and can only be used for approved purposes including the operation of the 000 emergency call service, investigations by law enforcement and national security agencies, providing directory assistance and producing telephone directories.
Acting ACA chairman Dr Bob Horton said there was evidence that customers’ information was being collected by public number directory producers and collated with data drawn from other sources to create consumer ‘profiles’.
“Current use of telecommunications customer data appears to go beyond what is allowed under existing legislation,” Dr Horton said.
“In fact, our investigations indicate that databases are being created and maintained based on information provided by customers to their telecommunications service providers.
“These databases are then sold to other companies for direct marketing and other commercial activities.
“In the ACA’s opinion, this is not only a breach of existing law but also outside what customers providing personal information expect to happen.” Dr Horton said many telecommunications customers were not specifically warned about all the possible uses and disclosure of their personal information when they provided it to their telecommunications company.
The ACA is calling for submissions on the proposed regulatory options from interested individuals, groups and industry bodies. Submissions close on April 30, 2004 and the discussion paper is available on the ACA Web site.