Privacy issues in the communications sector are increasingly prevalent as new technology and new applications enter the market, such as social networking and the use of location based information. These new technology privacy issues add to the existing privacy issues in the sector, such as spam, telemarketing and the misuse of silent telephone numbers. Complaints are a vital element in privacy protection – indeed, the entire system of privacy protection in the communications sector is built on the receipt and management of complaints.
This consumer research report, published in September 2010, is authored by the University of New South Wales Cyberspace Law and Policy Centre and funded through ACCAN’s Grant Scheme.
The aim of the study is to analyse and compare common communications privacy complaint paths in order to obtain optimum outcomes for consumers through the development of a more straightforward, fairer system for managing privacy complaints in the sector. The Report examines complaints to the Office of the Privacy Commissioner (OPC); to the Australian Communications and Media Authority (ACMA); and the Telecommunications Industry Ombudsman (TIO).
- Distribution of privacy communications complaints: Annually the OPC receives 110 communications sector privacy complaints, the ACMA receives around 16,000 complaints and the TIO around 5,000. This is partly a natural result of the jurisdiction of the ACMA - as spam and Do Not Call Register complaints will always be the largest categories of privacy complaints in the sector.
- Average resolution times: : The average time for dispute resolution varies between 180 days (OPC), 10 days (TIO), and 5 days (ACMA).
- Shaming of businesses for privacy breaches: The OPC, in contrast to other regulators, has never named a telecommunications organisation that has breached privacy, and there have been no formal determinations against any private sector organisation since 2005. The complete absence of any high profile / high impact enforcement action by the OPC means that business organisations are under no pressure to comply with privacy laws, or to respond to complaints quickly. As no organisations are ever named by the OPC, there is no potential for adverse publicity.
- Where to go for compensation or an apology: If a complainant is seeking compensation and / or an apology, they should use the OPC or the TIO - not the ACMA.
Improvements in complaint resolution times by the Office of the Privacy Commissioner;
- Frank and consistent information given to consumers, especially regarding resolution times;
- Collection of demographic profiles of complainants to better target services;
- Better coordination between the three complaints bodies;
- Consistent messages to complainants on where to complain, and to industry on compliance;
A full range of regulatory tools and remedies on offer and used – any privacy complaint in the communications sector lodged with any complaints body should be able to achieve all of the outcomes that are desirable in a best practice regulatory environment: compensation for the individual; an apology for the individual; prompt correction or removal of personal data; a change to business practice at the individual company; a change to broader industry practice for systemic issues; occasional naming of individual companies as a warning to other consumers and a lesson for industry; and occasional enforcement action in order to promote compliance.
Download: Communications Privacy Complaints: In Search of the Right Path [Adobe Acrobat PDF - 1010.62 KB]
Download: Communications Privacy Complaints: In Search of the Right Path [Word Document - 545 KB]
See Tip Sheet: Privacy complaints: who can you turn to?