­Australia's Telstra has been directed to comply with the privacy clause in the Telecommunications Consumer Protections Code after it was found to have failed to protect the privacy of its customers' personal information.

The Australian Communications and Media Authority's direction is the first given to a telecommunications provider under the recently-registered TCP Code.

In June this year the ACMA found Telstra failed to protect the privacy of up to 734,000 of its customers' personal details after information, stored in a web-based customer management tool, was made accessible via a link available on the internet.

Personal information such as usernames, passwords, and, in some cases, addresses, driver's licence numbers and dates of birth of Telstra customers were publicly accessible from 29 March 2011 to 9 December 2011.

The ACMA investigated the matter after Telstra advised it that the personal information was available on the internet via its Visibility Tool database, which Telstra used to track orders for bundled products.

"Put simply, if a provider breaches the code, you can expect us to direct it to comply," said ACMA Chairman, Chris Chapman.

"Given Telstra has pro-actively taken steps to remedy its processes with a view to preventing such an incident from happening again, a direction with respect to the specific code provision is the appropriate measure," Mr Chapman said.

The direction means that Telstra must comply with clause 4.6.3 of the TCP Code. Failure to do so may result in the ACMA taking Federal Court action seeking the imposition of a pecuniary penalty.