Feeds

Gov mulls making it easier for ICO to squash marketing pests

May make it easier for the commish to levy privacy fines

New hybrid storage solutions

The legal test that the Information Commissioner's Office (ICO) must meet before it can justify serving fines on businesses that send unsolicited marketing communications could be lowered, a Government representative has said.

Lord Gardiner of Kimble said that the measure could be used to address concerns about nuisance calls. He made the comments during a House of Lords reading of a draft new law that would, if introduced, require Ofcom to keep a register of people who have opted-in to receiving marketing communications. Currently an opt-out register exists.

"We are also actively considering the scope to legislate to lower the legal threshold the ICO needs to demonstrate before issuing a monetary penalty," Lord Gardiner said. "We are assessing the business case and the cost before we take action on this."

Under the Privacy and Electronic Communications Regulations (PECR) the ICO can fine businesses and other organisations up to £500,000 for serious breaches of the rules, which include in relation to the sending of unwanted marketing emails and texts or live and automated marketing phone calls to individuals.

The rules generally prohibit organisations from transmitting or instigating the transmission of unsolicited communications to consumers for the purposes of direct marketing by means of electronic mail unless the person receiving the mail has notified prior consent for the messages to be sent.

In order for the ICO to be justified in serving monetary penalties under PECR, or for data protection breaches under the Data Protection Act (DPA), the watchdog must show that a number of legal tests have been satisfied. These include that the nature of the breach they propose to take action on was "serious" and was "of a kind likely to cause substantial damage or substantial distress". The threshold tests are set out under the DPA.

Last month the ICO lost a case brought before the Information Rights Tribunal by the owner of a company who had been found by the watchdog to have unlawfully sent spam messages. The Tribunal ruled that the ICO was wrong to fine Christopher Niebel £300,000 because it had failed to show that damage or distress caused by the breach was sufficient to merit the serving of a fine. The ICO has appealed that decision to the Upper Tribunal.

The ICO told Out-Law.com that it supports moves to lower the thresholds for serving fines under PECR. It said that it is currently seeing complaints about a large number of companies but that it has to wait to take action because the damage and distress caused by those companies does not, until the evidence accumulates, meet the 'substantial damage or substantial distress' threshold for serving fines.

“The public is clear that it wants to see a stop put to nuisance text messages. The fines we issue help to achieve that, and if we are prevented from issuing fines then it’s fair to expect that the public will receive more of these messages," an ICO spokesperson said.

Conservative peer Lord Selsdon has proposed that individuals should not, by default, receive marketing calls or texts from companies unless they actively opt-in to receive those communications. His plans are contained in the Unsolicited Telephone Communications Bill which received its second reading in the House of Lords on Friday last week.

There was broad support for action to improve the current framework around unsolicited marketing communications, but Lord Gardiner warned that the potential implications for businesses have to be considered before any new measures can be introduced.

"We are absolutely determined to take action on this issue," he said. "That is why the Minister for Culture, Communications and Creative Industries has initiated and led a serious of meetings over the past 18 months which have brought together the key interested parties to press for change. Unsolicited calls and texts are a problem, but we have to be careful that, in dealing with this issue, we do not harm the direct marketing industry, which is a legitimate industry that provides employment and opportunities in support of our economy."

"Direct marketing can be beneficial for consumers—for example, calls from telecoms or energy companies advising on better deals or tariffs potentially save consumers money. An opt-in register, as in the Bill, would severely constrain such activities. We must therefore consider the matter carefully. Tackling nuisance calls would be better addressed by focusing on improving enforcement rather than changing the nature of the register; legislation of this nature is unlikely to be the answer," he added.

The ICO's spokesperson said that whilst it hopes for changes to the legal tests under the PECR framework it does not anticipate changes being made to the corresponding rules applying to the thresholds for serving fines for data breaches under the DPA.

In August, in a case mirroring its subsequent ruling to overturn the ICO's decision to fine Niebel under the PECR regime, the Information Rights Tribunal overturned the watchdog's decision to fine a Scottish council £250,000 for a breach of the DPA. The Tribunal ruled that the thresholds for justifying the serving of a fine in the case had not been met because "whilst it was serious, [the breach] was not of a kind likely to cause substantial damage or substantial distress".

Copyright © 2013, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

Security for virtualized datacentres

More from The Register

next story
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Heavy VPN users are probably pirates, says BBC
And ISPs should nab 'em on our behalf
Former Bitcoin Foundation chair pleads guilty to money-laundering charge
Charlie Shrem plea deal could still get him five YEARS in chokey
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.