From Spring 2017, the Information Commissioner’s Office (“ICO”) will be given the power to issue fines of up to £500,000 to company directors if they are found to be in breach of the Privacy and Electronic Communications (EC Directive) Regulations (SI 2003/2426) (“Regulations”).
Whilst the ICO currently has the power to fine companies that breach the Regulations, many companies have avoided paying fines by entering into liquidation. The Information Commissioner, Elizabeth Denham, has said that “We’re quick to fine the companies responsible, but we’ve been speaking to the government about going further than that because we must do all we can to help protect people from these calls.”
By amending the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2003/2426) to introduce personal liability for directors, the ICO will be able to issue fines to each company director and where a company has more than one director, each could be liable for a fine.
According to the ICO, to date it has issued fines totalling almost £3.7million to companies behind nuisance marketing. Fines previously issued by the ICO range from a £5,000 fine issued to an MP who made recorded calls as part of an election campaign to a £350,000 fine for a firm that has made 40 million nuisance calls. In September 2016 alone, the ICO issued fines totalling £260,000 including three fines for spam texts and one fine for nuisance calls.