Optus has been fined more than $1.5 million for failing to provide customer details to a public safety scheme.

The Australian Communications and Media Authority (ACMA) announced the $1,501,500 penalty for Optus on Wednesday for the large-scale breach of emergency services rules, saying the telco giant’s behaviour was “alarming”.

An investigation by the watchdog found that Optus did not provide the necessary details of nearly 200,000 of its customers to the Integrated Public Number Database (IPND) across nearly three years from the start of 2021.

The IPND is used by critical services such as the Emergency Alert service to warn people of disasters such as bushfires and floods, and by Triple Zero operators to provide location information to police, ambulance and fire authorities in an emergency.

Under the scheme, telecommunications must provide customer phone numbers, names, services and directory addresses to the IPND, which is operated by Telstra.

ACMA found that Optus failed to do this for 197,985 customers supplied under the Coles Mobile and Catch Connect brands.

‘Alarming’

The investigation was launched after a compliance audit found Optus had failed to provide data through its outsourced provider, Prvidr Pty Ltd.

“When emergency services are hindered there can be very serious consequences for the safety of Australians,” Yorke said.

“While we are not aware of anyone being directly harmed due to the non-compliance in this case, it’s alarming that Optus placed so many customers in this position for so long.”

The responsibility was still on Optus to provide this information to the IPND despite the services being outsourced, Yorke said.

“Optus cannot outsource its obligations, even if part of the process is being undertaken by a third party,” she said.

“All telcos need to have systems in place that ensure they are meeting their obligations, including having robust oversight and assurance processes for third-party suppliers.”

Optus has also accepted a court-enforceable undertaking requiring an independent review of its compliance with the IPND scheme where it uses a third-party data provider, and to accept any recommendations emerging from this.

If it fails to do so or again fails to comply with the IPND, ACMA may commence proceedings in Federal Court, which could see the imposition of a fine of $10 million per breach.

In the last 18 months ACMA has taken action against five telcos for similar breaches of the IPND scheme.

The latest fine against Optus is by far the largest imposed out of these, with a total of $2 million in penalties dished out.

Failed 000 calls

The public services breach comes after revelations that nearly 2,700 Optus customers had attempted to call Triple Zero but were unable to do so during the telco’s national outage of phone and internet services in November last year.

Optus initially told a Senate Hearing that 228 Triple Zero calls failed during the outage, and that the company had performed welfare checks on all of those individuals.

But in January the company was forced to reveal that this number was actually 2,679, with Optus admitting it made a significant error with the first figure.

An outage in Optus’ major network led to 10.2 million Australians and 400,000 businesses being unable to access phone and internet services.

Optus later said this was caused by “changes to routing information from an international peering network” following a “routine software upgrade”

Interim Optus CEO Michael Venter said the outage was a serious failure that “did not meet the standards [of its] customers and the community”.

“I offer my deepest apologies to all those customers who were unable to access Triple Zero services during the outage and did not receive a follow-up check from us,” Venter said.

“We are writing to each customer individually to apologise for this and provide the opportunity to discuss their specific circumstances and whether there is anything we can do to assist them further.”