Feeds

Gov mulls making it easier for ICO to squash marketing pests

May make it easier for the commish to levy privacy fines

High performance access to file storage

The legal test that the Information Commissioner's Office (ICO) must meet before it can justify serving fines on businesses that send unsolicited marketing communications could be lowered, a Government representative has said.

Lord Gardiner of Kimble said that the measure could be used to address concerns about nuisance calls. He made the comments during a House of Lords reading of a draft new law that would, if introduced, require Ofcom to keep a register of people who have opted-in to receiving marketing communications. Currently an opt-out register exists.

"We are also actively considering the scope to legislate to lower the legal threshold the ICO needs to demonstrate before issuing a monetary penalty," Lord Gardiner said. "We are assessing the business case and the cost before we take action on this."

Under the Privacy and Electronic Communications Regulations (PECR) the ICO can fine businesses and other organisations up to £500,000 for serious breaches of the rules, which include in relation to the sending of unwanted marketing emails and texts or live and automated marketing phone calls to individuals.

The rules generally prohibit organisations from transmitting or instigating the transmission of unsolicited communications to consumers for the purposes of direct marketing by means of electronic mail unless the person receiving the mail has notified prior consent for the messages to be sent.

In order for the ICO to be justified in serving monetary penalties under PECR, or for data protection breaches under the Data Protection Act (DPA), the watchdog must show that a number of legal tests have been satisfied. These include that the nature of the breach they propose to take action on was "serious" and was "of a kind likely to cause substantial damage or substantial distress". The threshold tests are set out under the DPA.

Last month the ICO lost a case brought before the Information Rights Tribunal by the owner of a company who had been found by the watchdog to have unlawfully sent spam messages. The Tribunal ruled that the ICO was wrong to fine Christopher Niebel £300,000 because it had failed to show that damage or distress caused by the breach was sufficient to merit the serving of a fine. The ICO has appealed that decision to the Upper Tribunal.

The ICO told Out-Law.com that it supports moves to lower the thresholds for serving fines under PECR. It said that it is currently seeing complaints about a large number of companies but that it has to wait to take action because the damage and distress caused by those companies does not, until the evidence accumulates, meet the 'substantial damage or substantial distress' threshold for serving fines.

“The public is clear that it wants to see a stop put to nuisance text messages. The fines we issue help to achieve that, and if we are prevented from issuing fines then it’s fair to expect that the public will receive more of these messages," an ICO spokesperson said.

Conservative peer Lord Selsdon has proposed that individuals should not, by default, receive marketing calls or texts from companies unless they actively opt-in to receive those communications. His plans are contained in the Unsolicited Telephone Communications Bill which received its second reading in the House of Lords on Friday last week.

There was broad support for action to improve the current framework around unsolicited marketing communications, but Lord Gardiner warned that the potential implications for businesses have to be considered before any new measures can be introduced.

"We are absolutely determined to take action on this issue," he said. "That is why the Minister for Culture, Communications and Creative Industries has initiated and led a serious of meetings over the past 18 months which have brought together the key interested parties to press for change. Unsolicited calls and texts are a problem, but we have to be careful that, in dealing with this issue, we do not harm the direct marketing industry, which is a legitimate industry that provides employment and opportunities in support of our economy."

"Direct marketing can be beneficial for consumers—for example, calls from telecoms or energy companies advising on better deals or tariffs potentially save consumers money. An opt-in register, as in the Bill, would severely constrain such activities. We must therefore consider the matter carefully. Tackling nuisance calls would be better addressed by focusing on improving enforcement rather than changing the nature of the register; legislation of this nature is unlikely to be the answer," he added.

The ICO's spokesperson said that whilst it hopes for changes to the legal tests under the PECR framework it does not anticipate changes being made to the corresponding rules applying to the thresholds for serving fines for data breaches under the DPA.

In August, in a case mirroring its subsequent ruling to overturn the ICO's decision to fine Niebel under the PECR regime, the Information Rights Tribunal overturned the watchdog's decision to fine a Scottish council £250,000 for a breach of the DPA. The Tribunal ruled that the thresholds for justifying the serving of a fine in the case had not been met because "whilst it was serious, [the breach] was not of a kind likely to cause substantial damage or substantial distress".

Copyright © 2013, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Singapore decides 'three strikes' laws are too intrusive
When even a prurient island nation thinks an idea is dodgy it has problems
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
France bans managers from contacting workers outside business hours
«Email? Mais non ... il est plus tard que six heures du soir!»
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
US taxman blows Win XP deadline, must now spend millions on custom support
Gov't IT likened to 'a Model T with a lot of things on top of it'
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.