2 November 2002

Mr Neill Whitehead

Manager, Numbering

Australian Communications Authority

PO Box 13112

Law Courts


Dear Mr Whitehead

Thank you for the opportunity to make a submission on the "Introduction of ENUM in Australia - Discussion Paper", dated September 2002.

The Australian Privacy Foundation has given considerable thought to the privacy issues related to the ENUM proposal since it was first mooted. ENUM would of course have to comply fully with:

However, our concerns go well beyond strict compliance with the current law, which is only partially adequate to protect privacy in the context of this proposal. In particular, we wish to ensure that individuals are able as far as possible to conduct anonymous transactions (see National Privacy Principle 8), and that consumers who choose to exercise their right not to participate in ENUM retain full rights to service. The trend for organisations to deny service to individuals exercising their rights to privacy is a major concern for the Foundation.

The Foundation is particularly concerned by the provision of an "address" with greater meaning and potential for identification of individuals undertaking multiple forms of communication via varied means. The risk of tracking and obtaining a full range of information about an individual undertaking normal activities and tasks is exacerbated by the use of ENUM.

Members of the Foundation perceive a conflict of interest for any organisation retaining a database comprising a unique identifier for an individual that can then be used for other purposes (eg a single, (reversed?) land line phone number used for fax, mobile and internet communications).

Many people have silent private home numbers but public business and mobile numbers, and personal and public and anonymous internet addresses for different purposes. Which phone number would be used for linkage purposes? Which internet address would be linked? How would the differentiation of uses of different addresses be maintained?

Foundation members are not convinced by the merits of ENUM as submitted in the Discussion Paper. There seems little consumer demand. For example:

What consumer benefits balance the risk of increased surveillance?

1. What are the advantages or disadvantages of a single entity running the registry function for ENUM in Australia?

The main advantage of a single entity running the registry relates to the allocation of full responsibility for security and privacy. This entity would be legally accountable for any breaches.

This entity must be totally independent of any other organisation and completely separated from any commercial interest in the database, or sale or management or oversight of existing telephony or internet communication services.

The single entity would be required to maintain the integrity and quality of the database. Updates to data about users and their communication links would need to occur on a nearly "real time" basis in order to prevent disruption to services. New users must be registered and "retiring" users removed rapidly.

Changes in data should preferably be sourced from users of ENUM rather than from a third party, to ensure that the appropriate permissions to use/exchange data from different sources and service providers are obtained.

The cost of the services would need to be met only by the users of the service and not by a "tax", "levy" or other price adjustment on any non-user of ENUM.

2. What costs and benefits would a multiple registry model provide for consumers?

Multiple databases would be preferable only from a security and privacy viewpoint, because personal information could not then be accessed via a single source. However, this separation makes accountability for breaches more difficult to apply.

Multiple registries increase the risk of errors and poor data quality. Extensive data matching and checking would be required to avoid mismatches. A major cost to users would relate to the loss of privacy and loss of control over the exchange of personal information from service providers to the ENUM database. There is a risk of misallocation of numbers to individuals and of additional errors in billing.

3. Should there be a formal separation between the registry and registrar functions for ENUM implementation in Australia? If so, how should this separation occur?

The Registrar functions associated with ENUM require further clarification. The extent of these functions depends on whether a strong model of identity verification is required.

A list of the issues that could be considered by ACA can be found in the earlier discussions related to PKI and Project Gatekeeper compliance, currently being handled by NOIE.

4. What are the opportunities, threats and risks of ENUM implementation in Australia? Are there any broader communications/policy issues associated with the introduction of ENUM?

Some of the issues relate to how ENUM would address the National Privacy Principles, particularly:

The database would be a desirable source of information for numerous organisations, including law enforcement agencies, foreign governments, and debt collectors. Security and strict limitations on access are paramount. In addition, depending on how the service is established, there would be a significant risk of a denial of service attack on the ENUM database.

The data management aspects of ENUM may be very complex. For example:

There is a question about how ENUM would be linked to and within organisations. For example, the identification of individuals within companies is not required for normal commercial transactions. Domain names are issued to companies. Does this mean that ENUM will need to link company directors to organisations? What happens when individuals have multiple roles within organisations?

An email address may be shared, in the same way a landline at a home address is shared. How will the ENUM database deal with overlapping ownership?

We are glad to note that ACA is aware of the risk of identity theft.

We concur with ACA concern related to the legal complexities of the convergence of the internet and telephony.

The complexity of geographical location numbers for telephony communications is already significant, but not as complex as the geographical distribution of internet users and especially internet service providers. Australians can select internet service providers overseas or interstate. In these cases, which jurisdiction will apply? Extraterritoriality is becoming a major issue both for law enforcement and the retention of civil rights.

The use of multiple channels of communication would make billing even more complex. Currently consumers have little or no chance of querying billing for local calls on a landline. Presumably the cost of using the internet channel would be cheaper, but how could the consumer either track the channels used for each call or assess the correctness of the charges? We see little advantage to the consumer.

We are interested in ascertaining how owners of private channels will bill telephone service providers.

5. What principles should apply to the selection (and accreditation) of ENUM registrars?

Discussions related to the Gatekeeper PKI compliance requirements provide a useful guidance. We suggest that your organisation undertake discussions with NOIE.

6. What, if any, principles (eg. accreditation, review, monitoring) should apply to the selection and operation of ENUM authentication agencies?

Discussions related to the Gatekeeper PKI compliance requirements provide a useful model, although there have been significant problems in the implementation of privacy criteria in that framework which must be avoided. We suggest that your organisation undertake discussions with NOIE.

7. There is likely to be a number of consumer and regulatory issues associated with ENUM implementation which will need to be addressed before it can be implemented in Australia. These could include: (a) quality of service; (b) telecommunications security; (c) maintenance of number portability, preselection, telecommunications interception and emergency services calls; (d) control of slamming; and (e) consumer complaint handling. Are these valid and what other issues should the ACA consider?

The Foundation agrees that all of these issues are valid and should be investigated.

We are also concerned about the impact on consumers of:

Another key issue that has not been addressed relates to the cost of registration for ENUM. There is a perception that ENUM is just another lucrative source of revenue and possibly a source "allocated" to a monopoly.

8. What processes should ENUM authentication agencies adopt to ensure that: (a) an entity has the right to use a number for the purpose of ENUM; and (b) the applicant is the entity with those rights?

Discussions related to the Gatekeeper PKI compliance requirements provide a useful model. We suggest that your organisation undertake discussions with NOIE.

9. What benefits and costs would result from an `opt-in' approach to ENUM subscription?

The proposal for an "opt in" method of adoption is commended. This is the only model that would be considered acceptable by the Foundation. Foundation members strongly oppose the "opt-out" option.

The benefit of the 'opt-in' approach is the retention of the rights of consumers. The risk is that few consumers will select ENUM, but that is a risk to the commercial viability of ENUM - not to the public interest.

10. Are there alternative mechanisms to protect the security of the ENUM database and privacy of ENUM subscribers not considered in the paper?

The use of a randomly selected, meaningless, unique number or series of numbers to which phone numbers and internet addresses could be linked may provide additional security. There may need to be several numbers to allow for the different roles consumers play (eg business and personal). Mapping to the reversed phone number is already required so that the cost would not be prohibitive. Perhaps if a user knew the phone number of a person and wanted to send an email, they could obtain it from an ENUM website address.
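As an added illustration of the contrast drawn in this answer (example code written for this page, not part of the Foundation's submission): the current ENUM naming derives the DNS name directly from the phone number by reversing its digits (the e164.arpa rule, assumed here from RFC 3761), so anyone who knows the number can compute the name and anyone who sees the name can recover the number, whereas a randomly selected, meaningless per-role handle reveals nothing about the number and is linkable only by the registry itself. The registry layout, role names and sample numbers are constructed for illustration.

```python
import re
import secrets
from typing import Dict, Optional, Set


def e164_to_enum_name(number: str) -> str:
    """Deterministic ENUM name: reverse the digits, dot-separate, add e164.arpa.
    Anyone who knows the number can compute this; nothing secret is involved."""
    digits = re.sub(r"\D", "", number)          # "+61 2 1234 5678" -> "61212345678"
    if not digits:
        raise ValueError("no digits in number")
    return ".".join(reversed(digits)) + ".e164.arpa"


def enum_name_to_e164(name: str) -> str:
    """The inverse mapping: the ENUM name leaks the full phone number."""
    labels = name.removesuffix(".e164.arpa").split(".")
    return "+" + "".join(reversed(labels))


class PseudonymousRegistry:
    """Constructed registry keyed by random, meaningless per-role handles.

    A handle is not derivable from the phone number, the number is not
    recoverable from the handle, and a person may hold separate handles for
    separate roles (eg business and personal), so one lookup does not link
    all of their channels together."""

    def __init__(self) -> None:
        self._by_handle: Dict[str, Dict[str, str]] = {}

    def enrol(self, role: str, number: str, contacts: Dict[str, str]) -> str:
        handle = secrets.token_hex(8)           # 64 random bits, no structure
        self._by_handle[handle] = {"role": role, "number": number, **contacts}
        return handle

    def resolve(self, handle: str) -> Optional[Dict[str, str]]:
        """What an outside party learns from a handle they were given."""
        return self._by_handle.get(handle)

    def handles_for_number(self, number: str) -> Set[str]:
        """Linkage across roles is possible only with access to the registry,
        which is exactly where access controls and accountability must sit."""
        return {h for h, rec in self._by_handle.items() if rec["number"] == number}
```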

11. Should consideration be given to which types of numbers, such as geographic or mobile numbers, are to be utilised for ENUM services? Identify any issues associated with the use of existing number ranges for ENUM services.

See the comments to question 10.

12. If a pilot ENUM service or a limited duration trial(s) was established in Australia: (a) what should be the objectives of the trial(s) or pilot? (b) how should the trial/s or pilot be managed and implemented? (c) what principles should be applied to the trial(s) or pilot? (d) who would need to be involved in order for the pilot or trial(s) to satisfy the identified objectives? (e) what time constraints should apply to a trial(s) or pilot? (f) what responsibilities should apply to, or be placed on, each participant in the trial(s) or pilot?

Foundation members do not believe a pilot should proceed until the key issues raised in the Discussion Paper and in submissions are resolved. It should certainly not proceed without the express approval of the Federal Privacy Commissioner.

13. Would you be interested in participating in a trial?

The Foundation would not participate in a trial but will certainly monitor progress and comment on the outcome.

