Out-Law News 1 min. read
22 Nov 2018, 1:19 pm
The new rules, which will come into force on 17 December, will give the Information Commissioner's Office (ICO) new powers to fine company directors up to £500,000 for breaches of the Privacy and Electronic Communications Regulations (PECR). PECR sets out the legal parameters for electronic direct marketing in the UK.
The new Privacy and Electronic Communications (Amendment) Regulations 2018 were laid before the UK parliament on 16 November.
PECR generally prohibits companies from transmitting or instigating the transmission of unsolicited electronic communications to consumers for the purposes of direct marketing unless the person receiving those communications has given prior consent for the messages to be sent or the sender can demonstrate an existing commercial relationship with recipients. The ICO can serve fines of up to £500,000 on companies that breach the rules.
The largest fine issued by the ICO for a breach of PECR to date is £400,000, against a company responsible for nearly 100 million automated nuisance calls over an 18 month period. Keurboom Communications was subsequently placed in liquidation, leaving the ICO to attempt to recover the fine from the liquidator and insolvency practitioners.
The government consulted on amending PECR to introduce scope for personal director liability earlier this year.
The new rules will give the ICO scope to fine the company, its directors, or both. The change would also allow the ICO to hold individual directors to account where the company fails to pay the fine or is placed into liquidation; and where the individual is no longer in a senior position, for example through resignation. The new rules will operate alongside the Insolvency Service's existing director disqualification regime.
"The effect of the amendments made … is to enable the [information] commissioner to impose such a penalty on an officer of a body corporate or Scottish partnership in addition to the body itself, where such a breach occurs as a result of action, or inaction, by that officer," according to an explanatory note attached to the new regulations.
At the time of its consultation, the government said the changes "would send a strong message to directors that if their business involves direct marketing activities, they need to be sure their customers have agreed to be contacted and their companies are acting within the law". It said it would also mean that direct marketing laws "are treated more seriously at boardroom level".