The Office of the Australian Information Commissioner (OAIC) has released the findings of its investigation into a mailing list error by Telstra Corporation Limited (Telstra) which resulted in approximately 60,300 Telstra customers’ personal information being sent to other customers.
The investigation concluded that investigation has confirmed that while Telstra breached the Privacy Act when the personal information of a number of its customers was disclosed to third parties, this incident was caused by a one-off human error. An employee inadvertently used the wrong data table, which resulted in inaccurate address information being recorded on a campaign mailing list.
The Privacy Commissioner concluded that Telstra had not breached the requirement to take reasonable steps to protect information. The Commissioner was satisfied that this incident occurred due to human error rather than any systemic failure of Telstra’s processes or procedures.