03 April 2014
The Information Commissioner’s Office (ICO) has just issued a £50,000 fine against Amber Windows for what seems to have been viewed as a flagrant disregard of the PECR (Privacy and Electronic Communications Regulations) and a wilful failure to engage, or at least to engage in any meaningful way, with the ICO and the Telephone Preference Service (TPS).
Amber UPVC Fabrication Limited issued with ICO Monetary Penalty Notice. The fine relates to unsolicited direct marketing calls, in some cases to people who had already made complaints about receiving such calls. The ICO’s Monetary Penalty Notice (MPN) certainly pulls no punches: “Amber Windows only engaged with the Commissioner in a limited way in its responses to the Commissioner’s letters. Of the 513 occasions it was contacted by the TPS, Amber Windows failed to even respond on 377 occasions. Amber Windows exhibited a complete disregard for PECR by failing to change its business practices and to use the TPS list effectively despite a large number of complaints made to it via TPS.”
Of concern however, the MPN refers to Amber’s conduct dating back to 2006 and this duration has been taken into account for the purposes of establishing the breach of the regulations, the “seriousness” of the contravention and as an aggravating factor affecting the level of the fine. MPN’s have only been available for PECR contraventions since 26 May 2011. As we have previously argued, Monetary Penalty Notices: Absolutely Criminal?, the ICO’s approach breaches Article 7 ECHR in any process where criminal sanctions are available because, in our view, it appears to involve the retrospective criminalisation of conduct in 2006 which was not in fact criminal at that time.
We are also a little bemused that despite the flagrant and wilful conduct apparently founded upon here, the ICO saw fit to categorise this only as a “serious” case, (he can also categorise breaches as very serious or extremely serious) whereas for example the inadvertent sending of eleven emails to the wrong address by a local authority has in the past been regarded by the ICO as “very” serious. We are puzzled because the primary focus of MPNs is said to be to promote compliance with the Data Protection Act and PECR, such that a refusal to engage ought to be conduct that requires to be discouraged. In the same vein, the Deputy Commissioner, David Smith, is on record as saying that he could envisage no circumstances where a fine of less that £40,000 would be appropriate. On that yardstick and despite the strong language used in the MPN, Amber Windows has in fact received a fine at the lowest end of the scale i.e. the equivalent of an ICO slap on the wrist.
With luck the ICO’s appeal to the Upper Tier Tribunal against the Niebel PECR decision will clarify these matters and also address the ICO’s tactic in PECR cases of arguing that where large numbers of callers suffer irritation from nuisance calls, the total can be aggregated to achieve the level of seriousness required to satisfy the MPN threshold.
For further information please contact Paul Motion on T: 0131 222 2939 or email us at firstname.lastname@example.org