Ofcom Fines UK VoIP Provider Vonage £700k Over 999 Access Failure UPDATE
The UK telecoms regulator, Ofcom, has today hit internet phone (VoIP) provider Vonage with a £700,000 fine after an investigation that started in March 2024 (here). The penalty follows an incident that resulted in disruption for its business customers to emergency calling (999) services between 23rd October and 3rd November 2023.
The regulator’s existing General Conditions rules (e.g. General Condition A3.2 and sections 105A, 105C and 105K of the Communications Act 2003) require every communications provider to “ensure the fullest possible availability of public communications services at all times, including in the event of a disaster or catastrophic network failure, and uninterrupted access to emergency organisations.”
Naturally, any failure of such communications, particularly to the emergency services, is extremely serious and could result in a loss of life. This is particularly relevant now that broadband ISPs and their customers are increasingly switching away from traditional phone line services and on to IP-based phone alternatives, which may be more exposed to connectivity problems and power cuts etc.
Advertisement
However, Ofcom’s investigation of Vonage found that, during the aforementioned period, the company’s UK VoIP business customers were “unable to connect to the emergency services when using desk phones” and their internal processes “did not include adequate assessment of whether a software update, which caused the issue, had the potential to impact emergency calls“. As a result, Vonage failed to carry out testing following the update, which led to its emergency call service failing.
The provider also “failed to have adequate monitoring procedures in place“, which meant it did not have sufficient oversight of its network to enable it to identify an outage affecting emergency calls.
George Lusty, Ofcom’s Enforcement Director, said:
“Being able to call the emergency services can mean the difference between life and death. It’s vital that telecoms providers take their responsibilities seriously and if they don’t, we’ll hold them to account. Vonage fell short on a number of levels, putting its customers at unacceptable risk.”
Vonage is said to have now made “a number of changes to its processes” to prevent future errors, although the seriousness of the breach also attracted a £700,000 fine. Vonage must pay the fine within four weeks of this decision, and it will then be passed on to HM Treasury. The fine includes a 30% reduction as a result of Vonage’s admission of liability and agreement to settle the case.
The full details of the case are due to be released at a later date, but we suspect the hefty fine may partly reflect the fact that Vonage was previously fined the smaller amount of £24,500 back in 2018. This came after they suffered a different fault with their VoIP service and disrupted access to the emergency services (here).
Advertisement
UPDATE 4:27pm
We’ve had a statement from Vonage.
Statement from Vonage re. Ofcom fine
Between 23 October 2023 and 3 November 2023, for a period of 11 days, emergency calls made by Vonage Business Communications (VBC) customers to 999 and 112 in the UK were unable to complete. This was due to a failure caused by a planned software update.
At Vonage, the trust of our customers is of the utmost importance to us, built upon transparency and reliability. We recognise the critical nature of the service we provide and the serious implications this disruption could have had. We sincerely apologise for the emergency calling outage. Our customers rightly expect more from us, and this incident fell short of the standards we hold ourselves to and our customers deserve.
We self-reported the incident to Ofcom and fully cooperated with their subsequent investigation. As announced today, we have agreed to a GBP 700,000 settlement with Ofcom.
We have taken this incident very seriously. Since it occurred, we have implemented a comprehensive set of corrective actions across our software development lifecycle intended to prevent such an issue from occurring again. The improvements now in place span development, testing, and deployment, and include enhanced quality assurance, proactive monitoring and alerting systems, and an ongoing commitment to continuous improvement.
We remain fully committed to ensuring the connectivity, safety and security of our customers. Thank you for the continued trust in Vonage. We are determined to maintain and strengthen that trust every day.
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook, BlueSky, Threads.net and Linkedin.
Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message and display names can be almost anything you like (provided they do not contain offensive language or impersonate a real persons legal name). By clicking to submit a post you agree to storing your entries for comment content, display name, IP and email in our database, for as long as the post remains live.
Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.