Privacy Breach by a Call Centre Agent

Hi,

Is giving out or confirming a person's address and mobile number to a third party (given that the third party knows the other party) over a phone a massive breach of privacy?

If it gets reported, will the agent be liable or the company?

Poll Options expired

  • 1
    No
  • 32
    Yes

Comments

  • +1

    over a phone a massive breach of privacy?

    it depends on the company. is this a government department?

    • +1

      It's a small private company

      • It's a small private company

        how small?

        • It has an annual turnover >$3M so yes they have responsibilities under PA.

        • @tyvod:

          It has an annual turnover >$3M so yes they have responsibilities under PA.

          that alone doesn't mean that this entity is subject to the act.

        • @whooah1979: Let's assume it's subject to the act.

        • @tyvod:

          Let's assume it's subject to the act.

          we can't assume that. it's either subject to the act or not.

        • @whooah1979: They ARE subject to the act.

        • @tyvod:

          They ARE subject to the act.

          the commissioner will ask the same questions. if that is your answer to them, then don't waste the commissioner's time.

    • Thanks. I know it is a breach of privacy but want to know if it is a serious breach or not (something to be reported or not).

      • Thanks. I know it is a breach of privacy but want to know if it is a serious breach or not (something to be reported or not).

        could you please tell us why you think they've violated the privacy act?

        • Isn't giving out a person's address and mobile number to a third party breach of the act? I just don't know if it is a serious thing or not.

        • +1

          @tyvod:

          I just don't know if it is a serious thing or not.

          we need to know if this entity is subject to the act before we can determine that they've violated the act.

  • +1

    Details would be nice.

    • It's a debt collection agency and tried to confirm the address and mobile number by saying the exact address and the number of an debtor.

      • +5

        Pay your debts.. some people will do anything to avoid paying Sheesh…

        Lol smile ND move on if it's not you.

  • +1

    Is it a debt collection agency calling your current or former employer to try and verify your current address and telephone number?

    If it's that I don't believe it's a breach of privacy.

    • What if it is given out to an individual who just happens to know the debtor?

  • There seems to be a misunderstanding. I'm not the debtor and I'm actually related to the call agent who just started her job as a debt collector. Today she got threatened by a person claiming she'll report her since she breached privacy and she is stressing out a lot ATM. I just didn't know where to get an answer since I've never worked as a call agent and knows nothing about Privacy Act.

    • +5

      Yay, details! Didn't think it was that hard.

      1. You guys should be doing as you're trained, which should be above the law. If she went outside that then it's on her.
      2. She's your colleague? Her manager should be the one to have her back.
      3. I dare say most of your phone calls will be responded with empty threats. Learn to deal with it or it's not gonna be the job for you.
      • Thanks. Yes, I think she shouldn't have said those details but what is done is done. She will learn from the mistake. Hopefully it was an empty threat and if not, doesn't get escalated.
        Just listening to her few other stories, I wouldn't want to work as a debt collector even if they paid me twice as much as I earn.

  • It may well be a breach, but it is vanishingly unlikely the privacy commissioner would take any action beyond a strongly worded condemnation and extracting a promise not to do it again.
    Is that what you are asking?

    • Yes, that's the answer I wanted to know. Thank you.

      • +1

        Not sure why you're being downvoted. You are taking solace in the correct answer :D

        The OAIC will rarely take serious action, unless it was in response to gross breaches through negligence or criminality (eg. selling unredacted patient records in bulk, or leaving them beside a dumpster).
        Your friend was likely just following procedure, or the process they were told to use. If the company choose to take action against them in response to an irate member of the public, they should review thier own processes, rather than take action against thier staff. They are just doing thier job.

  • +4

    Whoever has the debt would have signed up for the loan and provided a contact person name and number for this very reason. Would be all covered in the t&c's that no one reads

  • +1

    OP needs to define what sensitive information was shared with the third part and why, however, based on the scant details OP has offered, I don't believe a breach of privacy has occured. In relation to the Australian Privacy Principles, APP 6 - Use or Disclosure of Personal Information outlines that details can be shared with a third party to facilitate the delivery of services. :
    https://www.oaic.gov.au/agencies-and-organisations/app-guide…

    An APP entity can only use or disclose personal information for a purpose for which it was collected (known as the ‘primary purpose’), or for a secondary purpose if an exception applies. (eg. consent, or a direct need was identified to facilitate a service)

    Heck even the OAIC say they will do that on thier complaints page:

    "We may also disclose your information to others who have information relevant to your complaint, if necessary. If we think we may need to disclose your information to an overseas entity to handle your complaint, we will discuss this with you first."

    If the concern is in relation to the act that it was communicated over the phone, then consideration ought to be made to what legitimate threats could exploit that information…

    The OAIC serve an important role in keeping governance in check, but also try thier hardest to make privacy regulations easy to understand as it's a topic that can turn people into Outrage Olympians. /rant

  • Thanks for the replies guys.
    She's been panicking about the threat but imho I don't think it can be that serious. She said the person who had the email address of the debtor's (which she claimed it's hers despite it has the debtor's name) called and confirmed she knew the debtor. But unfortunately my friend tried to confirm the address and the phone number by actually saying them to her.
    Hopefully she takes this as a valuable lesson.

  • +1

    No sympathy
    These companies buy debt at a tenth of its value then start harrassing everone the debtor knows, even threatening people or harrassing for bills that have allready been paid if they sense easy money
    You go to work for them ,
    you made your bed

    • So you are saying it's ok for people to not pay their bills they owe?

      • Is that what I said ?
        Or you're just looking to express a different opinion?
        We're all ears

        • I've never dealt with a debt collector before and I'm not sure whether they really harass people around a debtor (is it even legally allowed?) but I am pretty sure they won't harass others (if they ever do) if you are willing to pay what you owe or prove you don't owe them.

    • If this is the only way to get people to settle their debts then so be it.

  • As soon as the lenders ask the debtor "so do you have the money?", Debtor sees it as harassment, even if asked politely.

Login or Join to leave a comment