Onestream slammed for 'slamming' vulnerable and elderly folk: That's £35k to Ofcom, please

Comms provider switched 118 people to its services without their consent


Updated Imagine a telco kicking down your front door, yelling "all your bills are belong to us" then leaving. In the industry parlance, it's known as "slamming" and Ofcom has fined Onestream £35,000 for the practice.

An investigation by the UK comms regulator found that the Hampshire-based broadband and landline minnow, launched 2018, had taken over the telephone services of more than a hundred customers without their consent between 13 April 2018 and 25 January 2019. The watchdog's ruling said Onestream went about this a couple of ways by:

  • making cold calls to customers without making it clear to them that Onestream was an entirely separate phone company who was trying to switch their home phone services from their current phone company to Onestream. We have found that for at least 45 of the 118 customers, Onestream engaged in Slamming by attempting to switch them without ever obtaining the customer's express permission to do so; and
  • by putting in place and implementing a policy, to make repeated attempts to switch customers to Onestream without contacting them each time to seek permission to switch them. This was despite customers asking their current phone company to cancel the previous attempt by Onestream to switch them. We have found that Onestream did this in the case of at least 113 of the 118 customers.

To make matters worse, Ofcom said that three-quarters of those "slammed" were "elderly or vulnerable".

This aggressive form of mis-selling was found to be in direct contravention of Ofcom's General Condition C7.3(a) [PDF], which regulates how customers switch between telecoms providers. The section basically says: "Yeah, slamming? The act of switching someone from one company to another without their permission? Do not do this."

Thus Ofcom saw fit to level a penalty of £35,000 at Onestream, discounted 30 per cent because the firm held its hands up and said soz. The fine is minuscule compared to the £300,000 Ofcom smacked Kent-based True Telecom for in 2017, but the regulator said this was the most severe penalty it could impose – 10 per cent of the company's turnover.

It added: "Had Onestream been a bigger company with a higher turnover, the penalty could have been set at a higher level."

Onestream is now required to release all affected customers from their contracts free of charge and refund the early termination fees of those who had already switched away from its services.

The company has also written to all customers who switched as a result of a cold call, informing them that they can quit their contract without penalty whenever they like.

The money, due within 20 working days, goes to the Treasury. ®

Updated to add

A spokesperson for Onestream has been in touch to say it has introduced "safeguards throughout the business, ensuring there can be no repetition of the mistakes that were made."

"Proven and respected industry professionals now hold key positions within the Onestream organisation who, working closely with independent consultants have revised all processes and implemented best practice to achieve positive change," she added.

"All affected customers have been fully compensated, released from all and any contractual obligation and have received a full and unreserved apology."

Similar topics


Other stories you might like

  • AI tool finds hundreds of genes related to human motor neuron disease

    Breakthrough could lead to development of drugs to target illness

    A machine-learning algorithm has helped scientists find 690 human genes associated with a higher risk of developing motor neuron disease, according to research published in Cell this week.

    Neuronal cells in the central nervous system and brain break down and die in people with motor neuron disease, like amyotrophic lateral sclerosis (ALS) more commonly known as Lou Gehrig's disease, named after the baseball player who developed it. They lose control over their bodies, and as the disease progresses patients become completely paralyzed. There is currently no verified cure for ALS.

    Motor neuron disease typically affects people in old age and its causes are unknown. Johnathan Cooper-Knock, a clinical lecturer at the University of Sheffield in England and leader of Project MinE, an ambitious effort to perform whole genome sequencing of ALS, believes that understanding how genes affect cellular function could help scientists develop new drugs to treat the disease.

    Continue reading
  • Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

    Exploit, vulnerability discussion online can offer useful signals

    Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.

    Better still is prioritizing the repair of vulnerabilities for which exploit code is available, if that information is known.

    CVSS is a framework for rating the severity of software vulnerabilities (identified using CVE, or Common Vulnerability Enumeration, numbers), on a scale from 1 (least severe) to 10 (most severe). It's overseen by First.org, a US-based, non-profit computer security organization.

    Continue reading
  • Sniff those Ukrainian emails a little more carefully, advises Uncle Sam in wake of Belarusian digital vandalism

    NotPetya started over there, don't forget

    US companies should be on the lookout for security nasties from Ukrainian partners following the digital graffiti and malware attack launched against Ukraine by Belarus, the CISA has warned.

    In a statement issued on Tuesday, the Cybersecurity and Infrastructure Security Agency said it "strongly urges leaders and network defenders to be on alert for malicious cyber activity," having issued a checklist [PDF] of recommended actions to take.

    "If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic," added CISA, which also advised reviewing backups and disaster recovery drills.

    Continue reading

Biting the hand that feeds IT © 1998–2022