Australia’s largest telcos are putting the public at risk by failing to properly update emergency databases amid a string of fines by the regulator, a leading expert warns.

Embattled telco Optus became the latest company to be slapped with a penalty on Wednesday when the industry regulator ACMA fined it $1.5 million for “large-scale breaches of public safety rules”.

It comes after earlier fines against Telstra and smaller brands such as Circles.Life and Aussie Broadband – all related to failings with the Integrated Public Number Database (IPND), which is used by emergency services to locate people or warn them about disasters.

ACMA has uncovered widespread non-compliance with laws that require telcos to submit numbers into the database and update it when customers make changes to their plans.

Telecommunications consultant Paul Budde called the failures “dangerous”, saying that Australians are coming to terms with the growing importance of telecoms infrastructure.

He said an outage of Telstra’s triple zero system late last week is another example of a critical service going down due to failures that telcos should do a better job of preventing.

“The reality is these are weak systems, these are not perfect systems,” Budde explained.

“This is not going away, there will be more and more of these issues going forward.”

Gareth Downing, acting chief executive at the Australian Communications Consumer Action Network (ACCAN) said its “critical” that emergency services have updated data available.

“This is a really critical database that includes really important information for public safety,” he said.

“We’re really concerned where there are failures to upload data in a timely way.”

Why has it happened?

Telcos are required to feed information into the IPDN daily, including updating contact information from customers that have changed their numbers or moved to a new telco.

But a series of investigations by ACMA shows many telcos haven’t been doing their jobs, including major players like Telstra and Optus, but also Circles.Life and Aussie Broadband.

In the case of Telstra and Optus, several breaches have occurred around subsidiary or third party brands, which work within the networks of each telco but are marketed separately.

This includes the Coles Mobile and Catch Connect services, which are run through Optus.

A report on ACMA’s investigation of Optus reveals a more than two-year period across which Optus failed to provide data for customers on these plans.

It meant that the IPND manager did not get the information it requires to update the emergency database almost 200,000 times between January 2021 and September 2023.

Optus deflected the blame to an “error” in the processes of its partner businesses, saying that “a manual validation step resulted in discrepancies during the upload process”.

But that doesn’t explain why this continued for several years, with ACMA noting that liability for the failures ultimately rests with Optus, meaning they’re required to ensure it’s working.

ACMA’s earlier investigation of Telstra uncovered a similar lack of oversight over IPND rules, with the telco admitting that it stopped checking error reports for its Belong brand in 2017.

Telstra was fined $2.5 million fine over IPND breaches in 2021 and then another $303,000 fine late last year after the regulator found it still hadn’t fully cleaned up its act since then.

Downing said a public review into the penalty arrangements for such breaches is needed to ensure the industry is incentivised to clean up its act before a more tragic situation occurs.

“It’s not just a resourcing issue, it’s a function of placing a real focus on the processes and the redundancy in place under those processes to actually drive compliance,” he explained.

Budde said widespread non-compliance with the IPND rules showed regulations aren’t tight enough and that fines need to be increased to push telcos to invest more in their systems.

He said Optus, in particular, had attempted to “pass the buck” with its most recent excuse.

“The cost to our society and our economy can be enormous, and therefore the penalty needs to be enormous,” Budde said.