Stuart Corner
Wednesday, 16 February 2011 14:02
Opinion and Analysis
Vodafone/VHA seems to have come off lightly from the Privacy Commissioner's investigation into the alleged leak of confidential customer information, but the Commissioner has not answered all the questions.
Back in January the Sydney Morning Herald broke the story, and created a huge kerfuffle with a report claiming that "The personal details of millions of Vodafone customers, including their names, home addresses, driver's licence numbers and credit card details, have been publicly available on the Internet in what is being described as an 'unbelievable' lapse in security by the mobile phone giant."
The Privacy Commissioner launched an investigation and in the report of that investigation concluded that no customer details had been posted on the web and that what the SMH had reported was someone using a password, which quite possibly they held legitimately, to access the Vodafone in-house system remotely over the Internet.
Vodafone even got off the hook on one possible breach of privacy legislation - "organisations must only use or disclose personal information for the primary purpose for which it was collected" - on the grounds that "the login of a VHA owned store was used to show an individual what information the Siebel system held about them as a way of demonstrating the type of information the system holds about its customers. Information gathered during the Privacy Commissioner's investigation indicates that this demonstration was done with the consent of the individual." In other words the only record the SMH reporter saw was her own, so there was no breach of anyone's privacy.
But what about that claim: "[The SMH] is aware of criminal groups paying for the private information of some Vodafone customers to stand over them. Other people have apparently obtained logins to check their spouses' communications."
Vodafone did admit its investigation had revealed that "a small number of staff may have breached Vodafone's internal policies relating to the appropriate use of login IDs and passwords." Sufficient at least to create the possibility that the standovers and snoopings alleged by the SMH had taken place, but nothing on that in the Privacy Commissioner's report.
Where the Commissioner did come down hard on Vodafone (well, as hard as he could: the Privacy Act does not currently allow for sanctions to be imposed following an investigation initiated by the Privacy Commissioner) was over its security policies as a whole.