The Telecommunications Industry Ombudsman has begun receiving complaints from consumers experiencing difficulties in obtaining data held by their service providers under Australia’s mandatory data retention laws.
The telecommunications industry umpire revealed it has received a small number of complaints from customers about requests for metadata that have not been actioned by retail service providers.
Customers have also complained they have not received clear advice from RSPs about how to place a request for their metadata.
In response to the issues, the TIO posted an update outlining how it handles complaints relating to metadata requests.
A TIO spokesperson told iTnews under the privacy principles, RSPs must provide any personal information they hold about an individual unless an exemption applies.
“An individual can generally access personal information that an organisation holds about them, and depending on the circumstances of the complaint, some metadata may be considered personal information,” the spokesperson said.
“There may be different circumstances depending on each case, and these are outlined in the legislation.
“By flagging [the issue] early, we want consumers and providers can be clear about what information consumers may be entitled to request from their providers.”
The spokesperson said there was not enough data at this point to suggest the issue was a trend for any particular carriers.
“Telcos are supposed to hand over the retained data relating to their customer on request under the privacy act, however as yet they may not have their data retention system in place,” a spokesperson for consumer advocacy group ACCAN told iTnews.
“Information relating to other parties will not be included as it would breach their privacy. Telcos are also able to charge a fee for access.”
Australia’s data retention laws came into force in October last year, with the Labor and Liberal parties uniting to wave the bill through the Senate after accepting 39 recommendations made by a joint parliamentary committee.
Among the changes to the original proposal was a provision to allow individuals to access their personal data, with service providers allowed to charge a cost recovery fee.