In light of the mobile phone hacking scandal in the UK the Office of Irish Data Protection Commissioner (“ODPC”) is taking action to ensure mobile phone companies in Ireland review the security terms on which they offer remote access to voice messages to their customers.

Mobile phone messages can be accessed from another phone by dialling the digit five between the network code and the remainder of the mobile number, and then entering a Pin number.  The service forms part of a standard mobile phone package but is not used by many.  Issues arise when the owner of the mobile phone fails to change the default Pin supplied with the phone.  These Pins can be hacked and stored messages can be accessed by third parties.

There is an onus on the mobile phone companies to keep the information in their customers’ message banks secure.  The Data Protection Commissioner (“DPC”) has been in talks with some of the major mobile phone operators in Ireland with a view to eradicating this security risk to mobile users.  The DPC has suggested that this message service might be offered to customers on an “opt-in” basis where the onus is on the operator to seek the explicit consent of the user to activate the messaging service for them.

In a statement the DPC also mentioned that “there are other solutions which we have already discussed with the mobile operators and which they are bringing to the table which will likely achieve the same objective”.  He did not elaborate any further.  We will no doubt hear more on this issue shortly.

Contributed by Leo Moore & Brian McElligott