Welcome to GRIP, Global Relay’s new digital information service on practical compliance and regulatory change.

Please enjoy this free trial of our subscription content service, for a limited time only.

  

Rules

BT fined over ‘catastrophic failure’ of UK emergency call services

UK anbulances
Photo: Matt Cardy/Getty Images

Martin Cloake

 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

Telco found to be unprepared for disruption, with human error compounding systems failure that lasted over 10 hours.

The UK’s largest telecoms company has been fined £17.5m ($22.58m) after what communications regulator Ofcom called a “catastrophic” failure of its emergency call-handling service last year.

Ofcom said the telco was “ill-prepared to respond” to the failure which lasted for 10.5 hours on June 25, 2023, despite being “a well-resourced and experienced communications provider”. Its investigation found that BT;

  • did not have sufficient warning systems in place to deal with this type of incident;
  • did not have adequate procedures for prpmptly assessing the incident’s severity, impact and likely cause;
  • did not have adequate procedures in place for identifying mitigating actions.

The investigation also found that “BT’s disaster recovery platform had insufficient capacity and functionality to deal with a level of demand that might reasonably be expected.”

BT is responsible for connecting 999 and 112 emergency calls, and for providing text relay services for deaf and speech-impaired people. Ofcom said “the potential degree of harm was extremely significant.”

How the incident unfolded

The incident unfolded in three stages. At 6:24am on June 25, 2023, BT’s emergency call handling system was disrupted. The cause was later found to be a configuration error in a server file. For an hour, the systems operated by call handling agents restarted as soon as a call was received, agents were being logged out of the system, and calls dropped when they were transferred to the emergency services.

BT was initially unable to identify the cause of the problem, and so took the decision to switch to its disaster recovery platform at 7:33am. But this attempt failed due to human error as staff dealt with poor documentation and an unfamiliar system. The incident, that originally only affected some calls, now became a total system outage.

By 8:50am the rate of unsuccessful calls began to drop as traffic began to successfully migrated to the disaster recovery platform. But that platform struggled with demand, and disruption continued until 4:56pm.

Life and death

During the incident, nearly 14,000 call attempts from 12,392 different users were unsuccessful. While there have been no confirmed reports of serious harm to members of the public occurring as a result of the incident, Ofcom’s Director of Enforcement Suzanne Cater said: “Being able to contact the emergency services can mean the difference between life and death, so in the event of any disruption to their networks, providers must be ready to respond quickly and effectively.

‘In this case, BT fell woefully short of its responsibilities and was ill-prepared to deal with such a large-scale outage, putting its customers at unacceptable risk.

“Today’s fine sends a broader warning to all firms – if you’re not properly prepared to deal with disruption to your networks, we’ll hold you to strict account on behalf of consumers.”

BT was found to have contravened section 105A(1)(c) of the Communications Act 2003 and Regulation 9 of the Electronic Communications (Security Measures) Regulations 2022.

BT must pay the fine within two months of this decision. It includes a 30% reduction as a result of the company’s admission of liability and agreement to settle the case.

, , , , , ,

You may also like