Your number could have been stolen: ACA

Personal details of telecommunications customers may have been used unlawfully by businesses to create user 'profiles', according to the Australian Communications Authority (ACA).

Dr Bob Horton, acting ACA chairman, said that the current use of telco customer data appeared to go beyond what was allowed under existing legislation. The ACA has proposed new measures to prevent unauthorised commercial use of the information.

Telecommunications customer's personal details are stored in an industry-wide database called the Integrated Public Number Database (IPND) and in databases used for phone directories -- databases that can only be used for 'approved' purposes.

Horton said that there was evidence that customer information was being collected by public number directory producers and collated with data drawn from other sources to create consumer 'profiles'.

“In fact, our investigations indicate that databases are being created and maintained based on information provided by customers to their telecommunications service providers," he said.

“These databases are then sold to other companies for direct marketing and other commercial activities," he said.

“In the ACA's opinion, this is not only a breach of existing law but also outside what customers providing personal information expect to happen.”

Horton added that many telecommunications customers were not specifically warned about all the possible uses and disclosure of the personal information provided to telcos.

The proposed measures to improve privacy could include obtaining customer consent, restricting database access to specific entities and tighter specifications on how customer information can be used.

The ACA was calling for submissions on the proposed regulatory options from interested individuals, groups and industry bodies.  Submissions close on 30 April 2004 and the discussion paper (released 18 March) is on the ACA website.