Feeds

Gov mulls making it easier for ICO to squash marketing pests

May make it easier for the commish to levy privacy fines

Top 5 reasons to deploy VMware with Tegile

The legal test that the Information Commissioner's Office (ICO) must meet before it can justify serving fines on businesses that send unsolicited marketing communications could be lowered, a Government representative has said.

Lord Gardiner of Kimble said that the measure could be used to address concerns about nuisance calls. He made the comments during a House of Lords reading of a draft new law that would, if introduced, require Ofcom to keep a register of people who have opted-in to receiving marketing communications. Currently an opt-out register exists.

"We are also actively considering the scope to legislate to lower the legal threshold the ICO needs to demonstrate before issuing a monetary penalty," Lord Gardiner said. "We are assessing the business case and the cost before we take action on this."

Under the Privacy and Electronic Communications Regulations (PECR) the ICO can fine businesses and other organisations up to £500,000 for serious breaches of the rules, which include in relation to the sending of unwanted marketing emails and texts or live and automated marketing phone calls to individuals.

The rules generally prohibit organisations from transmitting or instigating the transmission of unsolicited communications to consumers for the purposes of direct marketing by means of electronic mail unless the person receiving the mail has notified prior consent for the messages to be sent.

In order for the ICO to be justified in serving monetary penalties under PECR, or for data protection breaches under the Data Protection Act (DPA), the watchdog must show that a number of legal tests have been satisfied. These include that the nature of the breach they propose to take action on was "serious" and was "of a kind likely to cause substantial damage or substantial distress". The threshold tests are set out under the DPA.

Last month the ICO lost a case brought before the Information Rights Tribunal by the owner of a company who had been found by the watchdog to have unlawfully sent spam messages. The Tribunal ruled that the ICO was wrong to fine Christopher Niebel £300,000 because it had failed to show that damage or distress caused by the breach was sufficient to merit the serving of a fine. The ICO has appealed that decision to the Upper Tribunal.

The ICO told Out-Law.com that it supports moves to lower the thresholds for serving fines under PECR. It said that it is currently seeing complaints about a large number of companies but that it has to wait to take action because the damage and distress caused by those companies does not, until the evidence accumulates, meet the 'substantial damage or substantial distress' threshold for serving fines.

“The public is clear that it wants to see a stop put to nuisance text messages. The fines we issue help to achieve that, and if we are prevented from issuing fines then it’s fair to expect that the public will receive more of these messages," an ICO spokesperson said.

Conservative peer Lord Selsdon has proposed that individuals should not, by default, receive marketing calls or texts from companies unless they actively opt-in to receive those communications. His plans are contained in the Unsolicited Telephone Communications Bill which received its second reading in the House of Lords on Friday last week.

There was broad support for action to improve the current framework around unsolicited marketing communications, but Lord Gardiner warned that the potential implications for businesses have to be considered before any new measures can be introduced.

"We are absolutely determined to take action on this issue," he said. "That is why the Minister for Culture, Communications and Creative Industries has initiated and led a serious of meetings over the past 18 months which have brought together the key interested parties to press for change. Unsolicited calls and texts are a problem, but we have to be careful that, in dealing with this issue, we do not harm the direct marketing industry, which is a legitimate industry that provides employment and opportunities in support of our economy."

"Direct marketing can be beneficial for consumers—for example, calls from telecoms or energy companies advising on better deals or tariffs potentially save consumers money. An opt-in register, as in the Bill, would severely constrain such activities. We must therefore consider the matter carefully. Tackling nuisance calls would be better addressed by focusing on improving enforcement rather than changing the nature of the register; legislation of this nature is unlikely to be the answer," he added.

The ICO's spokesperson said that whilst it hopes for changes to the legal tests under the PECR framework it does not anticipate changes being made to the corresponding rules applying to the thresholds for serving fines for data breaches under the DPA.

In August, in a case mirroring its subsequent ruling to overturn the ICO's decision to fine Niebel under the PECR regime, the Information Rights Tribunal overturned the watchdog's decision to fine a Scottish council £250,000 for a breach of the DPA. The Tribunal ruled that the thresholds for justifying the serving of a fine in the case had not been met because "whilst it was serious, [the breach] was not of a kind likely to cause substantial damage or substantial distress".

Copyright © 2013, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

Intelligent flash storage arrays

More from The Register

next story
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.