In a busy week at the Information Commissioner’s Office (ICO), fines totalling £150,000 have been levied against companies for breaching the Privacy and Electronic Communications Regulations 2003, which govern the use of direct marketing telephone calls.
Direct Security Marketing was fined £70,000 for making almost 40,000 unsolicited automated calls (without consent, and in a single day), in an attempt to sell burglar alarms to consumers. Many of the calls were made in the middle of the night from a withheld number that did not identify the caller. The ICO also fined MyIML £80,000 after it made calls to users of the Telephone Preference Service (TPS), attempting to sell them green energy products. MyIML had indicated that it had purchased customer data from a third party and had not screened this against the TPS. The ICO found that as the user of the data it was the responsibility of MyIML to check that it was not making unsolicited calls to those registered with the TPS.
Since April 2015 the ICO has issued £1,056,000 in civil monetary penalties, with £370,000 since November 2015 alone. A further £1m of penalties are being considered, with the ICO having issued Notices of Intent, sent to companies operating in breach of the rules, to allow them to make representations about their conduct before a fine is imposed. As of the end of January 2016 the ICO had around 100 cases under investigation.