ICO gears up for aggressive fine campaign in 2015 - Part 1
Article added: 14/11/2014
The ICO is seeking to lower the legal threshold at which it can issue a fine to organisations contravening the TPS and Privacy and
Electronic Communications Regulations (PECR). This will cover direct marketing calls (live and automated), SMS text messages as well
as fax messages and marketing emails.
The Department for Culture, Media and Sport (DCMS) is leading the consultation as it has ownership of the PECR, whilst the ICO has
enforcement responsibility and the Ministry of Justice (MOJ) has policy responsibility for Data Protection.
The ICO's Goal
The ICO's goal is to remove a great deal of the obligation placed upon it regarding the burden of proof so as to allow it more
'flexibility' in determining who will be fined and how much. This, they claim, will empower them to represent consumers more
effectively.
They will soon only have to prove annoyance, inconvenience or anxiety. You can expect to be at odds with the ICO's 'acceptance' that
any of these three things have occurred, but you'll need deep pockets if you expect to argue the point when they're proposing to take
action against your business.
So, this means you can expect the ICO to levy many more fines next year.
Simon EntwistleDeputy Chief Executive Officer (ICO)
Contrary to popular opinion, more fines means does not mean more money in the ICO's coffers.
The fines actually go to HM Treasury.
What will this mean for you?
This means that despite your best efforts, your business could find itself being fined or named and shamed by the ICO for breaching
the TPS regulations.
The ICO intends to fine more companies for an overall lower level of breach so companies who previously may have flown under the
ICO's radar, will now be firmly in their sights.
The ICO believes that by levying more fines, even smaller ones, companies will acknowledge their power and embrace the need to get
their systems and processes in order.
The ICO won't be stopping at issuing fines, it may opt for naming and shaming in national press as an alternative to or in addition
to issuing fines.
What are nuisance calls?
The term “nuisance calls” can be applied to a range of different types of unsolicited calls. However, for most consumers it
primarily relates to calls made by telemarketing organisations, which seek to sell a product or a service.
For many consumers such calls can be an annoyance or irritation, but for some, particularly the vulnerable and elderly, they can
cause real fear and anxiety. Remember, this is a dangerously subjective point to have your business judged on.
Consumers who don't wish to receive unsolicited marketing calls can register with the Telephone Preference Service (TPS), which is the UK’s national ‘do not call’ register and once a number is TPS registered, it should not be called without the consumer having notified the caller that they do not object to such calls being made to them by that caller.
The ICO Said, "Organisations making marketing calls are required to screen their call lists against the TPS register, but there is evidence that this is not always being done."
How are marketing calls and texts regulated?
Under the PECR 2003, consumers are protected from “live” unsolicited direct marketing calls, if their telephone number has been
registered with the TPS for at least 28 days. Additionally, if consumers notify companies that they do not wish to receive any further
calls then companies are obliged to maintain Do Not Call (DNC) lists to ensure that this request is properly actioned.
"Many companies are failing to properly manage their DNC list obligations and many complaints from consumers relate to repeated
calls being received from companies despite requests to the contrary."
There are currently more than 20 million numbers registered with the TPS, which is a free service.
For “automated” recorded message calls the subscriber must have notified the caller that he/she consents to the call.
In relation to SMS text messages the caller must secure prior consent of the consumer (irrespective of whether or not the
number is TPS registered), unless it can be proved that there is an existing relationship between the parties.
Read Part 2 where we'll look at what exactly the ICO can do to you and your business for breaching the TPS regulations.