3rd March 2016
A capacity audience at the DMA Data Protection 2016 conference heard warnings from Government and the ICO that the nuisance call industry was under concerted attack.
Baroness Neville-Rolfe DBE CMG (the DCMS Minister responsible for Data Protection) emphasized that the Government had run out of patience with nuisance callers and signalled changes in the law which would have a significant impact on direct marketers generally:
“We are exploring potential options for further regulation. This could include putting the ICO’s direct marketing guidance on a statutory footing. This would provide clarity on the responsibilities of those who instigate direct marketing calls; clarify the rules around time limits on third party consent” she also said DCMS was considering “powers of compulsory audit to organisations responsible for generating nuisance calls, including data brokerage organisations and list generators.”
The ICO Direct Marketing Guidance contains significant “best practice” advice favouring opt-in and suggesting that consent for third party data use should only last six months. Statutory footing and the potential for audit would significantly enhance the need for marketers (and data providers) to abide by these rules.
In his last address to the DMA Conference before stepping down in June, Information Commissioner Chris Graham said the Office had significant fines in the pipeline which was confirmed by Monday’s announcement of the biggest ever monetary penalty for nuisance calling – “Mega Monday” for nuisance fines calls.
His advice concerning preparation for the General Data Protection Regulation was less precise. He re-iterated that compliance with the current law was the best way to “keep several jumps ahead of the Sherriff” but admitted he had “not a lot” to say at this stage about the Regulation which is still being dissected by ICO lawyers. The earliest date for official guidance, he said, is likely to be June or July this year and he would not be drawn by specific questions of interpretation – especially on consent – from the audience.
In answer to other questions from the floor, both Baroness Rolfe and Graham confirmed that legislation similar to the Regulation would need to be put in place even in the event of BREXIT to ensure continued adequacy for the UK. Graham also confirmed that an “information rights” fee to replace the notification fee was under discussion.
The information provided and the opinions expressed in this document represent the views of the Data Protection Network. They do not constitute legal advice and cannot be construed as offering comprehensive guidance on the EU General Data Protection Regulation (GDPR) or other statutory measures referred to.