Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Cold call bosses could be forced to cough up under new rules

UK.gov stiffens law after El Reg reveals low fine recovery rate

The UK government is planning to make company directors personally liable for nuisance calls – two years after it first promised the powers to the data protection watchdog.

At the moment, the Information Commissioner's Office can only hand out fines to companies that make spam marketing calls. Under the new plan, announced today, it will have the power to hand out further fines of up to £500,000 to the directors themselves.

The ICO has long called for this power as it struggles to recover cash from nuisance call firms that can simply liquidate to avoid paying up. The move comes after The Register last week revealed the ICO has clawed back just £9.7m of the £17.8m fines it has handed out since 2010.

Most of the unpaid fines are for breaches of the Privacy and Electronic Communications Regulations (PECR), which is usually the law used to fine companies making bulk nuisance marketing texts and calls. Common examples of breaches are failing to get the right permissions from people they call, or to check if numbers are listed on opt-out database the Telephone Preference Service.

According to figures released under the Freedom of Information Act, just £2.2m of the £8.5m fines handed out under PECR were paid back, with many of the largest bills going unpaid. In contrast, £7.5m of the £9.3m handed out under the Data Protection Act (DPA) have been recovered.

For instance, Keurboom Communications, which was hit with a record fine of £400,000 (the maximum under PECR is £500,000*) in 2017, was in liquidation by the time the fine was announced, and has yet to pay any money back.

The same is true for ProDial and Your Money Rights – both of which dissolved without having paid back any of their £350,000 fines – while Media Tactics and CheckPoint Claims were dissolved after being handed fines of £270,000 and £250,000, respectively.

The government and ICO have noted that in some cases the Insolvency Service can disqualify people from acting as directors – but the aim of the latest move is to help fill the government's coffers and ensure that the fines retain their deterrent effect.

"Even if a disqualification order is placed on the director following a company's dissolution, the debt originally placed on the company would go unrecovered without further enforcement action," the government consultation document on the proposed changes stated.

"This unlawful procedure undermines the ICO's enforcement powers and constricts one of the ICO's funding streams."

The government consultation (PDF) – which offers up two options, the status quo or extra powers – runs until August. If the decision is made to change PECR, it will be implemented using a negative statutory instrument, meaning it automatically becomes law without debate in parliament unless either house objects. ®

*Bootnote

The stronger fines touted under the General Data Protection Regulation – which are set out in the UK's statute books in the form of the new Data Protection Act, at £17m or 4 per cent of global turnover – do not apply to PECR, where the max remains £500,000. The DPA also allows for company officers to be held personally liable for criminal offences – though not for non-criminal breaches.

 

Similar topics

TIP US OFF

Send us news


Other stories you might like