Government turns the screw on nuisance marketers and lowers the threshold for big fines

Businesses engaged in direct marketing via email, text and telephone now have an even more pressing reason to ensure that their practices are compliant with the Privacy and Electronic Communications (EU Directive) Regulations 2003 (the “PEC Regs“). From 6 April, 2015 a threshold test for penalties will be removed to make it easier for the Information Commissioner’s Office (“ICO“) to issue fines of up to £500,000 against offending businesses.

The key change is that the ICO will no longer need to prove that a business whose marketing by phone, email or text breaches the PEC Regs was of a kind likely to cause substantial damage or distress in order to issue a monetary penalty notice of up to £500,000.

The full details of the changes are not yet clear, but it appears likely that the data regulator will still have to establish that the breach is serious and that it was either deliberate or the marketer knew or ought to have known that there was a risk that the breach would occur, but failed to take reasonable steps to prevent it.

However there is no doubt that this will significantly increase the risks for marketers who fail to ensure compliance with regulations 19-24 of the PEC Regs and the ICO has welcomed the move.

The Government has also said that it will look at introducing measures to hold board level executives responsible for nuisance calls and texts.

Background to these changes

The key provisions of the PEC Regs relating to direct marketing are regulations 19-24, which cover marketing via telephone (including automated calling systems), email, fax and SMS. Thus far, fines totalling £815,000 have been handed out to nine companies by ICO for serious breaches of these regulations, with a number of the individual fines also hitting six figures.

However, the existing requirement for ICO to show substantial damage or substantial distress has led to a number of fines being challenged in Information Rights Tribunals by penalised marketers. In a number of recent decisions, the ICO’s fines have been overturned as the marketer was able to persuade the tribunal that the threshold of substantial damage or distress had not been crossed.

In light of concerns voiced by ICO that this threshold was impairing its ability to effectively enforce the PEC Regs, the government agreed to consult on this issue. A public consultation in December 2014 considered a number of possible solutions, but alternative approaches (such as removing the word “substantial” from the test) were clearly dismissed in favour of removing the requirement to demonstrate any form of damage or distress altogether.

What does this mean for marketers?

• Although it was principally nuisance calls that started legislators down this road, email and text marketing are also caught by the changes, so all UK advertisers using any of these techniques face higher risks of significant penalties.
• Systems for ensuring compliance should be reviewed to make doubly sure that mechanisms for capturing personal data and establishing prospects’ informed preferences are fit for purpose and reflect the PEC Regs’ requirements for each channel.
• Processes for ensuring compliance with “do not call” rules should be reviewed as well as suppression systems, not to mention all relevant outsourcing agreements and audit provisions.
• Telemarketers should also be aware that Ofcom’s separate power to take action against offenders who persistently misuse a network or service (resulting in annoyance, inconvenience or anxiety) will remain in force. The telecoms regulator has issued over £1.5m in fines over the last 3 years to businesses making silent and abandoned calls.