Circles.Life penalised $253,000 for public safety failures

UPDATE: Response from Circles Life:
The safety of our customers remains our number one priority and we have a commitment to working with the ACMA to ensure that we are compliant with providing customer information to the IPND. While we have an ongoing priority relationship with both law enforcement and emergency services (who reach out to us directly when they need our support) we acknowledge the importance of the IPND in keeping all Australians safe. We can confirm that not only did we rectify the issue within weeks, we have taken steps to ensure that Circles is never in a situation like this again, including the appointment of an external auditor at our expense and direction. We acknowledge that while the IPND system isn’t perfect, we are committed to working with ACMA and other telcos to make it better, for the benefit of all Australians.

Circles Australia Pty Limited (trading as Circles.Life) has paid a $253,080 infringement notice after the Australian Communications and Media Authority (ACMA) found large-scale breaches of rules intended to protect the safety of Australians.

An ACMA investigation found that mobile service provider Circles.Life failed to provide customer information to the Integrated Public Number Database (IPND) on more than 60,000 occasions between January and August 2022.

The IPND is used by Triple Zero to help locate people in an emergency, for the Emergency Alert Service to warn Australians of emergencies like flood or bushfire, and to assist law enforcement activities.

ACMA Chair Nerida O'Loughlin said Circles.Life's failure to upload customer information to the secure database potentially put its customers' safety at risk.

"It is alarming that Circles.Life had no idea that its customer information was not being uploaded until contacted by the ACMA," Ms O'Loughlin said.

All telcos are required to upload customer details to the IPND for each service they provide under the Telecommunications Act and the IPND industry code.

The investigation uncovered that Circles.Life's IT systems had an error that prevented its IPND data files from uploading. The ACMA also found that the company did not conduct required regular checks of its IPND data that would have alerted it that something was amiss over an extended period.

The ACMA has also accepted court-enforceable undertakings from Circles.Life that require it to have an independent review of its compliance practices for IPND obligations and to make improvements where required.

This action follows Circles.Life paying a $199,800 infringement notice and $100,000 in compensation in August 2022 after an ACMA investigation found consumers had suffered financial fraud due to the telco's failure to have adequate multi-factor ID checks in place.

Since 2018 the ACMA has taken action against 31 telcos for non-compliance with the IPND rules, including giving remedial directions and nearly $4 million in penalties.

/Public Release. This material from the originating organization/author(s) might be of the point-in-time nature, and edited for clarity, style and length. Mirage.News does not take institutional positions or sides, and all views, positions, and conclusions expressed herein are solely those of the author(s).View in full here.