TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

The Privacy Advisor | ICO Fine “Confirms” Emergence of Private-Sector Enforcement Trend Related reading: For TikTok’s privacy counsel, work ‘couldn’t feel more rewarding’


News that the UK Information Commissioner’s Office (ICO) has fined a private-sector business 90,000 GBP for violating the Privacy and Electronic Communications Regulations (PECR) in relation to live marketing calls is a significant development, according to one expert.

Field Fisher Waterhouse Partner Stewart Room, CIPP/E, said it’s exceptional “because it confirms the trend of strong enforcement action against the private sector as well as continued embracing of enforcement in the e-privacy zone.”

Glasgow-based DM Design has been issued the fine by the ICO for “thousands of unwanted marketing calls” and for failing to address complaints it received from customers. According to an ICO press release, this is the first time the agency has issued a monetary penalty for PECR violations.

ICO Commissioner Christopher Graham said the fine “sends out a clear message to the marketing industry that this menace will not be tolerated,” while adding, “This fine will not be an isolated penalty. We know other companies are showing a similar disregard for the law and we’ve every intention of taking further enforcement action against companies that continue to bombard people with unlawful marketing texts and calls.”

Room told The Privacy Advisor, “The critical learning point for data controllers is that the data protection enforcement environment is now targeting core marketing activities. This is bound to be a prelude to enforcement of related topics, such as profiling, tracking, cookies and OBA.” He added, “Clearly ICO is living up to its enforcement promises made in January 2012. All five of ICO's top priority areas have been hit with large fines since then.”

Editor’s Note: Room will speak at the breakout session “How Scared Should You Really Be? The Truth About Enforcement Actions” at the IAPP Data Protection Intensive next month in London, UK.


If you want to comment on this post, you need to login.