Merry Christmas, you filthy directors: ICO granted powers to fine bosses for spam calls
Dodgy dialling dons' dosh due to diminish in December
Company bosses will be personally liable for nuisance calls made by their firms from 17 December, and could be forced to pay up to £500,000.
The UK's data protection watchdog has been pushing for director liability for years as it often struggles to claw back the cash for fines it hands out under direct marketing laws.
The government finally launched a consultation on the proposed amendments to the Privacy and Electronic Communications Regulations (PECR) earlier this year, and these were put on the statute book last week, to surprisingly little fanfare.
As it stands, the ICO can only hand out fines to the companies that make spam marketing calls – which means firms can liquidate to avoid paying up.
As The Register reported in May, between 2010 and April 2018, the ICO recouped just £9.7m of the £17.8m fines it handed down for PECR violations.
"When fines have been served on corporate bodies, directors have escaped liability, even where it has been clear that they knew about, or instigated, the sending or making of the illegal marketing," said Jon Baines, data protection advisor at Mischon de Reya, who first noted the PECR changes in a blogpost.
"It is also very common for companies served with fines to fold, only for their directors to reappear at the helm of new, similar companies (a phenomenon sometimes known as 'phoenixing')."
The changes – which come into force on 17 December – will grant the ICO the powers to fine directors and senior officers of a company up to £500,000.
The watchdog can do this if it has served a penalty on the firm itself and if the breach "took place with the consent or connivance of the officer" or "was attributable to any neglect on the part of the officer".
Although the amendments to PECR were made fairly quietly, it's likely the ICO will wield its new powers sooner rather than later, given how long it has been lobbying for the changes.
"It is to be expected that we will soon see examples made," said Baines. "So those directors who knowingly or negligently allow their companies to send unlawful electronic marketing should be looking over their shoulders."
Meanwhile, the government consultation page on the plans states that responses are still being analysed.
The Department for Digital, Culture, Media and Sport did not immediately respond to a request from El Reg on the reason for the lack of published results. ®
Sponsored: Becoming a Pragmatic Security Leader