Optus, the Australian telecom firm owned by Singapore Telecommunications, has been slapped with a fine of A$1.5 million ($977,250) by the Australian Communications and Media Authority (ACMA) for significant breaches of public safety regulations concerning emergency services. The announcement was made by ACMA on Wednesday.
An investigation conducted by ACMA uncovered violations by Optus, impacting approximately 200,000 of its mobile customers. The breaches occurred between January 2021 and September 2023, during which Optus failed to upload essential customer information to the Integrated Public Number Database (IPND), a crucial database utilized by emergency services.
The IPND serves as a vital tool for disseminating emergency alerts, including text messages during disasters like floods, and provides crucial information to local authorities such as police, fire brigades, and ambulance services.
ACMA member Samantha Yorke expressed concern over Optus’ non-compliance, highlighting the risk it posed to a significant number of customers over an extended period. Yorke stated that although there were no reported direct harms resulting from the breaches, the scale and duration of Optus’ non-compliance were alarming. The investigation was initiated following indications from a compliance audit suggesting Optus’ failure to fulfill its data uploading obligations.
In response to the findings, a spokesperson for Optus issued an apology, acknowledging shortcomings in their auditing and compliance procedures related to IPND obligations. The company has accepted ACMA’s findings and committed to an “Enforceable Undertaking,” which includes an independent review of their processes to ensure compliance with IPND obligations going forward.
This incident comes amidst a series of challenges for Optus, including a major outage in November that left nearly half of Australia’s population without internet or cell phone services. The outage prompted further scrutiny and led to the departure of the company’s CEO.