Feeds

Data cop slap for Brit text pests

IMPORTANT: You may be entitled to pay us £440k

Providing a secure and efficient Helpdesk

The two owners of a rogue marketing firm have to cough up £440,000 for spamming UK mobiles with millions of texts over the last three years.

The Information Commissioner’s Office (ICO) made its first use of new powers to levy heavy fines for serious breaches of the UK's Privacy and Electronic Communications Regulations (PECR) against the two owners of Tetrus Telecoms, Christopher Niebel and Gary McNeish.

The ICO launched an investigation against Tetrus Telecoms in May 2011 after receiving a tip-off that the firm was sending huge volumes of unsolicited text messages from offices in Stockport and Birmingham, without the consent of the recipient and without identifying the sender – both legal requirements under the PECR. Replies to junk messages about PPI and personal injury claims earned the duo an estimated income of £7,000 to £8,000 a day in affiliate marketing income from claims-marketing firms and other pondlife.

More than 400 complaints about spam texts received by the ICO have been linked to Tetrus.

The ICO’s investigation included raids at Tetrus Telecoms' Stockport premises, in August 2011, and the Manchester home of Niebel, in February 2012. Tetrus was using unregistered pay-as-you-go SIM cards to send out as many as 840,000 illegal text messages a day.

Examples of the text messages sent out by Tetrus Telecoms include:

  • CLAIM TODAY you may be entitled to £3500 for the accident you had. To claim free, reply CLAIM to this message. To opt out text STOP. Thank you
  • URGENT! If you took out a Bank Loan prior to 2007 then you are almost certainly entitled to £2300 in compensation. To claim reply 'YES'
  • You have still not claimed the compensation you are due for the accident you had. To claim then pls reply CLAIM. To opt out text STOP

Leads generated from the dodgy texts were sold to rogue companies claiming to offer payouts for accidents a person has never had or Payment Protection Insurance (PPI) claims that they are not necessarily entitled to.

Niebel and McNeish are reckoned to have made hundreds of thousands of pounds in profit since Tetrus was set up in December 2009.

Niebel has now been ordered to pay a penalty of £300,000, while McNeish, who appears to have taken less out of the business, has been fined £140,000.

The pair also face potential prosecution from the ICO for failing to notify it that Tetrus Telecoms was processing personal information, a legal requirement for organisations under the Data Protection Act

Information Commissioner, Christopher Graham, said: "The two individuals we have served penalties on today made a substantial profit from the sale of personal information. They knew they were breaking the law and the trail of evidence uncovered by my office highlights the scale of their operations."

The ICO is also currently considering issuing penalties to three other companies suspected of illegal text spamming. The data privacy watchdog is working with network providers to trace text spammers and with the Ministry of Justice to target claims management companies who purchase marketing information breaching the Data Protection Act, as well as electronic marketing regulations.

“The public have told us that they are distressed and annoyed by the constant bombardment of illegal texts and calls and we are currently cracking down on the companies responsible, using the full force of the law," Graham said.

“In March we set up a survey on the ICO website so people can tell us about any unwanted texts and calls they have been receiving. So far we have received over 60,000 responses. We know the majority of these messages and calls have been made by companies who try to remain anonymous in the hope they can profit by selling personal information to claims management companies and other marketing organisations. We are using the information provided by the public to identify those responsible,” he added.

The ICO advises consumers not to respond to text messages with unspecified senders.

An ICO statement explaining how spam texters make a lucrative income, as well as providing more information on the Tetrus enforcement action, can be found here.

Neil Cook, CTO at message security firm Cloudmark, said that the problem of unregistered pay-as-you-go SIM cards being used to send unsolicited spam messages is continuing to grow:

Cloudmark has noticed a 10x increase in reports from UK subscribers since 2011.

I welcome the ICO's decision to fine the pair found to be sending unsolicited text message spam, and I hope that this will help to deter anyone currently operating or thinking about operating similar schemes.

Users who receive unsolicited text messages should consider forwarding the messages to the shortcode "7726". "This will help the mobile operators to take action against the individuals and companies responsible for sending the messages," Cook explained. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.