What does this cover?

Help Direct UK Limited (Help Direct) – on 27 October the Swansea based company was fined £200,000 for sending thousands of unsolicited text messages as part of a marketing campaign in April 2015, which resulted in 6,758 complaints.

The messages related to a number of different services including PPI payment, bank refund and loan services causing concern to many consumers. The ICO investigation uncovered the use of unregistered SIM cards, a method utilised by companies who wish to circumvent mobile network spam detection systems.

The Assistant Commissioner for Wales, Anne Jones, commented that this was "a marketing campaign on a massive scale". By breaching an enforcement notice issued in relation to similar marketing that took place in 2014, Help Direct had "deliberately broken the law" and "show a blatant disregard for the rules". The breach of an enforcement notice is a criminal offence and the ICO is contemplating possible further action.

Warning was also given to other companies who choose to disregard enforcement notices. This is the first fine under the new rules, introduced in April 2015, which removed the requirement for the ICO to prove substantial damage and distress. The section now simply states that in relation to a breach of the requirements of the Privacy and Electronic Communications Regulations (PECR), the ICO may impose a civil monetary penalty where the person breaching the regulations relating to automated calls, unsolicited calls, faxes and electronic mail for marketing purposes “knew or ought to have known that there was a risk that the contravention would occur” but “failed to take reasonable steps to prevent the contravention”.

What action could be taken to manage risks that may arise from this development?

Companies should continue to ensure that their marketing campaigns comply with the DPA and PECR.