In the wake of the Optus data breach, amendments to the Telecommunications Regulations 2021 were introduced in October 2022. They enable telcos to disclose certain customer data to financial institutions (generally banks), the Commonwealth, and States and Territories, in order to manage the risks of malicious cyber activities.
Other changes enable telcos to provide government agencies with information to help prevent fraud. The changes will apply for 12 months and will then be reviewed by government, with no parliamentary discussion required.
However, requesting personal information carries additional privacy considerations that government entities need to be aware of.
What can government do under the amendments?
The amendments allow telcos to temporarily share certain government identifier information such as driver licence, Medicare and passport numbers with regulated banks and the Commonwealth and States and Territories. The information may be requested to:
The regulations include safeguards to ensure customer information is only made available for the purposes above. In addition, certain security requirements must be met, including that information or documents:
The provisions also allow the government entity requesting the information to share it with an associate (for example, a related company or contractor), ..
Support the originator by clicking the read the rest link below.