Timothy Pilgrim, Australian Privacy Commissioner, found Veda had breached KB's privacy. Credit:Jeremy Piper KB's businesses were also affected as he had provided details of his Citibank Visa credit card for payment to his suppliers. He received calls from suppliers advising him they had tried to charge the credit card but payment did not go through. They advised that until they were paid, goods would not be supplied. It turns out KB has a similar name and resides in the same apartment building as a person the court had recorded a $7000 debt against. Veda's automatic matching systems drew a connection between the judgment and KB and recorded information about the judgment on KB's credit file. Veda's systems then provided an automated alert to KB's registered creditors and it wasn't until KB returned to Australia and called Veda to order a copy of his credit report that he was able to identify the incorrectly listed report. KB advised Veda of the mistake and requested the urgent removal of the listing but Veda said KB had to approach the court for correction and indicated it would not take action until it heard from the court.

KB had to engage a lawyer to assist him in corresponding to the court and having his credit file corrected. Compensation KB had to turn to the privacy commissioner, Timothy Pilgrim to receive compensation. The privacy commissioner found Veda interfered with KB's privacy by not taking reasonable steps to ensure the credit information it collected and disclosed was accurate, up to date and complete, using or disclosing credit reporting information that was false or misleading. Often you don't know they've put a black mark against you until it's too late. Peter Strong

Veda was ordered to issue a written apology, commence a procedural review and pay KB $15,830. "It appears that Veda incorrectly assumed that the information provided by the court contained typographical errors, and as a consequence, wrongly included the court judgment on the complainant's credit file. It took no steps to confirm that was the case before including the listing on the complainant's credit file," the privacy commissioner found. He found Veda placed "an undue burden" on individuals to identify errors in their credit reports and draw them to its attention. "It was not reasonable in the circumstances for Veda to assume that the identifying information which it had collected from the court contained typographical errors, without taking any steps to confirm that this was the case," the privacy commissioner found. "Listing a judgment on an individual's credit file can have serious consequences for the individual in question, and is a step that should not be taken lightly."

The onus is on small business owners Philippa Hill, spokeswoman for Veda, says "the error occurred due to multiple identical pieces of critical information". The error was "subsequently removed" from KB's file. Hill says that in addition to court judgments, there are multiple things that can impact the credit rating of a business, including how fast they pay their invoices, any commercial defaults on their credit file, inquiry patterns and the history of how the owner runs their other businesses. "A lender may, with consent, look at an individual's personal credit file in deciding whether to extend credit to a business owner. Small business owners should ensure they are aware of what is on their personal credit file."

Getting through is impossible The lack of recourse to credit agencies, such as Veda is difficult for small businesses according to Peter Strong, chief executive of the Council of Small Business Australia. "This isn't a government agency you can go to and complain about, it is the private sector, so what do you do?", he says. "There's no recourse that you can have besides going to court so it is quite a concern." Strong says the privacy commissioner's findings against Veda are "extraordinary". "Often you don't know that they've put a black mark against you until it's way too late. That could bankrupt a business, if you're getting a bad name with your suppliers when you have done nothing wrong, it is a real red flag. Getting through to them is really impossible."

Not the first breach This isn't the first time Veda has come under scrutiny from the privacy commissioner. Last year the commissioner found Veda had breached privacy rules when it sold commercial products to consumers who simply wanted a copy of their credit report, which, by law, they're able to access for free once a year. Follow MySmallBusiness on Twitter, Facebook and LinkedIn.