Feeds

Gov mulls making it easier for ICO to squash marketing pests

May make it easier for the commish to levy privacy fines

The essential guide to IT transformation

The legal test that the Information Commissioner's Office (ICO) must meet before it can justify serving fines on businesses that send unsolicited marketing communications could be lowered, a Government representative has said.

Lord Gardiner of Kimble said that the measure could be used to address concerns about nuisance calls. He made the comments during a House of Lords reading of a draft new law that would, if introduced, require Ofcom to keep a register of people who have opted-in to receiving marketing communications. Currently an opt-out register exists.

"We are also actively considering the scope to legislate to lower the legal threshold the ICO needs to demonstrate before issuing a monetary penalty," Lord Gardiner said. "We are assessing the business case and the cost before we take action on this."

Under the Privacy and Electronic Communications Regulations (PECR) the ICO can fine businesses and other organisations up to £500,000 for serious breaches of the rules, which include in relation to the sending of unwanted marketing emails and texts or live and automated marketing phone calls to individuals.

The rules generally prohibit organisations from transmitting or instigating the transmission of unsolicited communications to consumers for the purposes of direct marketing by means of electronic mail unless the person receiving the mail has notified prior consent for the messages to be sent.

In order for the ICO to be justified in serving monetary penalties under PECR, or for data protection breaches under the Data Protection Act (DPA), the watchdog must show that a number of legal tests have been satisfied. These include that the nature of the breach they propose to take action on was "serious" and was "of a kind likely to cause substantial damage or substantial distress". The threshold tests are set out under the DPA.

Last month the ICO lost a case brought before the Information Rights Tribunal by the owner of a company who had been found by the watchdog to have unlawfully sent spam messages. The Tribunal ruled that the ICO was wrong to fine Christopher Niebel £300,000 because it had failed to show that damage or distress caused by the breach was sufficient to merit the serving of a fine. The ICO has appealed that decision to the Upper Tribunal.

The ICO told Out-Law.com that it supports moves to lower the thresholds for serving fines under PECR. It said that it is currently seeing complaints about a large number of companies but that it has to wait to take action because the damage and distress caused by those companies does not, until the evidence accumulates, meet the 'substantial damage or substantial distress' threshold for serving fines.

“The public is clear that it wants to see a stop put to nuisance text messages. The fines we issue help to achieve that, and if we are prevented from issuing fines then it’s fair to expect that the public will receive more of these messages," an ICO spokesperson said.

Conservative peer Lord Selsdon has proposed that individuals should not, by default, receive marketing calls or texts from companies unless they actively opt-in to receive those communications. His plans are contained in the Unsolicited Telephone Communications Bill which received its second reading in the House of Lords on Friday last week.

There was broad support for action to improve the current framework around unsolicited marketing communications, but Lord Gardiner warned that the potential implications for businesses have to be considered before any new measures can be introduced.

"We are absolutely determined to take action on this issue," he said. "That is why the Minister for Culture, Communications and Creative Industries has initiated and led a serious of meetings over the past 18 months which have brought together the key interested parties to press for change. Unsolicited calls and texts are a problem, but we have to be careful that, in dealing with this issue, we do not harm the direct marketing industry, which is a legitimate industry that provides employment and opportunities in support of our economy."

"Direct marketing can be beneficial for consumers—for example, calls from telecoms or energy companies advising on better deals or tariffs potentially save consumers money. An opt-in register, as in the Bill, would severely constrain such activities. We must therefore consider the matter carefully. Tackling nuisance calls would be better addressed by focusing on improving enforcement rather than changing the nature of the register; legislation of this nature is unlikely to be the answer," he added.

The ICO's spokesperson said that whilst it hopes for changes to the legal tests under the PECR framework it does not anticipate changes being made to the corresponding rules applying to the thresholds for serving fines for data breaches under the DPA.

In August, in a case mirroring its subsequent ruling to overturn the ICO's decision to fine Niebel under the PECR regime, the Information Rights Tribunal overturned the watchdog's decision to fine a Scottish council £250,000 for a breach of the DPA. The Tribunal ruled that the thresholds for justifying the serving of a fine in the case had not been met because "whilst it was serious, [the breach] was not of a kind likely to cause substantial damage or substantial distress".

Copyright © 2013, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

The essential guide to IT transformation

More from The Register

next story
GCHQ protesters stick it to British spooks ... by drinking urine
Activists told NOT to snap pics of staff at the concrete doughnut
Britain's housing crisis: What are we going to do about it?
Rent control: Better than bombs at destroying housing
What do you mean, I have to POST a PHYSICAL CHEQUE to get my gun licence?
Stop bitching about firearms fees - we need computerisation
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
Redmond resists order to hand over overseas email
Court wanted peek as related to US investigation
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
We need less U.S. in our WWW – Euro digital chief Steelie Neelie
EC moves to shift status quo at Internet Governance Forum
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?