SMS ‘confirmations’ put Hyarchis in hot water: ACMA

 

ACMA has released the content of alleged spam SMS messages sent by Hyarchis and suggested that if they had been ‘purely factual’ there may not have been grounds to issue a formal warning.

The Authority has issued a detailed response to claims by Hyarchis’ local agent Peter Pichler that his firm had been the victim of fraudulent web transaction.

Read ACMA’s full response here

Pichler alleged an unknown third party had entered a random mobile number into a Hyarchis-owned online dating website in order to receive free content.

Hyarchis then sent a ‘confirmation’ SMS message to the mobile number on each of the three occasions it was entered into the website.

ACMA has confirmed parts of Hyarchis story, including that the Authority ‘formed the view that the electronic address [mobile number] in question was most likely entered into Hyarchis’ website by an unknown third party’.

However, it appears the content of the messages is what has put Hyarchis into hot water with ACMA.

“Hey what are you up to? Im having a lazy Friday arvo.. feel like going out later tho :) - where are you right now? Hy arch is free message, stop 2 quit,” one SMS reads.

A second similar message was sent a day later: “Hey what are you up to? Im having a lazy Saturday arvo.. feel like going to the pub later tho :) where are you right now? Hy arch is free message, stop 2 quit”

More ‘factual’ confirmation messages sent to the mobile phone number would likely have prevented the formal warning, according to ACMA.

“The Spam Act does not apply to messages that are purely factual as these are not ‘commercial electronic messages’ within the meaning of the Spam Act,” the ACMA spokesperson told iTnews.

“It is feasible that a purely factual 'confirmation' message could be sent to a mobile number entered on to a website to verify consent of the electronic account holder.”

The spokesperson continued, “It is ACMA's view that the messages in question were commercial electronic messages in terms of the Spam Act because they were intended to offer a service and therefore elicit business.”

ACMA said that under the Spam Act, the onus is squarely on Hyarchis to prove that it had the permission to send a ‘confirmation’ message to the number that was not ‘purely factual’.

“[Hyarchis] must adduce or point to evidence that suggests a reasonable possibility that they had consent to send the message,” the spokesperson explained.

“In this case, they were able to point to evidence that an electronic address had been entered in to its website, but not that it had consent from the electronic account holder as required by the Spam Act.”

Pichler claimed that the definitions of ‘factual’ and ‘marketing’ messages were grey areas in the legislation.

“If ACMA sees it as a breach, they have to define where factual ends and marketing begins,” he told iTnews.

However, he also added: “No-one in the [premium SMS] industry sends strictly factual messages like ‘We see you want to subscribe to this service at $6.60 a week’. Nobody does that.

“You operate within the guidelines but try to keep your commercial success as high as possible.”

ACMA also seemed to indicate it had chosen not to throw the book at Hyarchis for the alleged breach.

“It is the intention of the Spam Act to provide ACMA with a range of enforcement options depending on the circumstances and seriousness of the contravention,” the spokesperson said.

“A formal warning enables ACMA to formally indicate its concerns about a contravention and allow for the company to take compliance action to prevent any future contraventions.”

SMS ‘confirmations’ put Hyarchis in hot water: ACMA
 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  71%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 758

Vote