Privacy Law and Policy Reporter
Holly Raiche, who represents the Consumers Telecommuncations Forum (CTN) on the Australian Communications Industry Forum (ACIF) Working Committee on the Integrated Public Number Database, reported in an earlier issue on the establishment of the committee and its initial agenda. ((1997) 4 PLPR 113). The story continues:
Three main privacy issues have emerged from the IPND (Integrated Public Number Database) Working Committee (the committee) meetings: how to adequately confine who may access the IPND data; how to confine the use of that data by those who access it; and how to construct a compliance system to underpin any IPND Code of Practice (Code) that results from the committee deliberations.
Original committee deliberations worked on the premise that ‘data users’ — those who can rightfully claim access to IPND data — would be confined to carriage service providers (CSPs). (IPND data can also be accessed for emergency service, law enforcement and revenue protection reasons under Telstra’s licence) After committee deliberations, however, it was realised that non-CSPs could also access IPND data. The challenge for the committee now is to establish sufficient criteria to ensure that only those entitled to IPND data, including carriers, CSPs or those with a bona fide intention and ability to provide public number related services will be given that data.
The condition of Telstra’s licence which requires it to provide and maintain an IPND defines ‘approved purpose’ for which the data can be used. An ‘approved purpose’ can include provision of directory assistance services, provision of operator services or operator assistance services, publication of public number directories, provision of location dependent carriage services, as well as for purposes of emergency services, law enforcement and national security, or other purposes determined by the ACA (Australian Communications Authority). The task for the committee here is to tie any use of the data directly back to public numbers, excluding purposes not directly related to the functions of the IPND.
Part 13 of the Telecommunications Act 1997 (the Act) which provides some protection for the use of IPND data only applies to carriers, CSPs, their employees and an IPND manager or contractor. It would not cover non-CSP providers of directory assistance services or directory publishers. Therefore, the committee will be looking at how to ensure as much compliance as possible with the final IPND Code of Practice, how to provide sanctions for non-compliance and how to provide avenues for redress for individuals.
Once a Code is registered by the ACA (under s 117 of the Act) the ACA may direct compliance with the Code provisions, and failure to comply is a breach of the Act which attracts civil penalty provisions (s 121 of the Act). Those directions can be levelled not only at Code signatories but at other ‘participants’ in that ‘particular section of the telecommunications industry’. The difficulty is that non-CSP users of IPND data may not be considered as a ‘section of the industry’ under the s 110 definition. One way to handle that issue may be to have the ACA, under s 110(3) determine that users of IPND data, as defined in the IPND Code, are to be declared as a section of the industry. This would ensure that all users of IPND data, whether Code signatories or not, could be subject to ACA directions on Code compliance, and civil penalties for non—compliance.
The Telecommunications Industry Ombudsman (TIO) has also proved a very valuable body in handling telecommunications complaints of consumers. However, the TIO’s jurisdiction and membership may not extend to organisations or persons who are not carriers or service providers, and the committee has sought clarification from the TIO on whether or how it might handle disputes relating to IPND data.
There are major issues ahead for committee deliberation. However, there has been a good deal of cooperation and agreement among committee members, and a common hope that the Code will be finalised by the end of June 1998.
Holly Raiche, Communications Consultant.