In what should be a surprise to exactly no-one, the Privacy Commissioner and the Australian Communications and Media Authority have today ruled that Telstra breached the Privacy Act and the Telecommunications Consumer Protections (TCP) Code last year when over 730,000 customer names and addresses were posted online.
Telstra accidentally leaked the private details of hundreds of thousands of its customers online in December last year, including names and addresses, and in some instances driver license numbers, usernames and passwords.
Nothing much will likely happen to Telstra, despite the findings that it breached some serious laws and regulations. The ACMA writes:
Where the ACMA finds a TCP Code breach, it can issue the service provider involved a direction to comply with the code or issue or a formal warning. However, it cannot fine or otherwise penalise the provider.
Let this be a lesson to anyone who wants to breach the privacy of its customers that doing so will result in a punishment to the full extent of the law: a polite letter saying that you were rather naughty just now.
It’s not been a good run for Telstra. The GameArena service was breached in May, and most recently, the telco has been forced to sheepishly apologise for collecting the browsing histories of Next G network customers for use in a new filtering product.