News - ICO writes to 1,000 data companies

ICO makes contact with the data industry

 Article added: 22/11/2015

The ICO is taking the unprecedented step of writing to over 1,000 data suppliers as part of its ongoing battle against nuisance calls.

The ICO believes that data companies play an important role in the compilation and trade of names, addresses and telephone numbers which in turn feeds the nuisance calls industry.

When companies register for their Data Protection licence, they are required to identify if they trade in personal data. The ICO will be using this information to contact those companies.

Information Commissioner's Office

The ICO will not just be sending out a warning shot, it will be asking for information on:

  • how they comply with the law
  • what data they share
  • how they get people’s consent to share their data; and
  • to provide the ICO with a list of all the companies they’ve worked with in the last six months.

Information Commissioner Christopher Graham said:

We already know a lot about this sector. We know that it prompts 180,000 complaints a year from consumers, who take the time to report to us the calls they’re getting.
That information has helped us to make some big breakthroughs in the nuisance calls business, alongside the intelligence we build up from elsewhere, from whistleblowers for instance, or from the network providers.
We see clear patterns building up and can identify who would benefit from guidance, and who the truly bad actors are. This enables us to execute search warrants, to drag people before the courts, and to issue fines. We’ve got three fines lined up for this week, and that’ll bring us to a total of a million pounds worth of penalties in this area over the past four months alone. It’s clear we’re getting the job done.
Christopher Graham - Information Commissioner
Christopher GrahamInformation Commissioner at the ICO
But there’s a danger that where we remove one of this Hydra’s head, two grow back in its place. By targeting the illegitimate aspects of the list broking business that fuels this industry, we have the chance to truly strike down this monster.

TPS Services' director Vince Costa-Barnett says:

Consent is the buzz word of the moment. The ICO, contrary to the position it's adopted for the last 10 years, has now decided that the meaning of consent is more specific than the data industry has been interpreting up until now and as part of its battle against nuisance calls it's using consent to tell companies that the way they have been doing business, under the governance of the ICO incidentally, for the last 10 years is frankly not good enough and for some business that will mean the end of the road.
Those who are joining the fight against nuisance calls will welcome such a stand, but somewhere in the mix of things it does seem that the ICO is getting away scot free from its failure to govern the data industry through the course of the internet revolution.
What the ICO is doing is right, but the way it's going about it perhaps not so much.

The responses from business will help the ICO understand more about how lists are screened against the Telephone Preference Service, what lists are in operation and the terms under which such data is traded. Such information will assist the ICO's enforcement work under Privacy and Electronic Communication Regulations (PECR).

The information will also help the ICO’s in providing guidance and education, both to the list broking sector and the companies who buy from it. Let's hope they take into account their part in all of this over the last 10 years in the way they go about this.

If companies don't respond to the ICO's letter, the ICO will look to take action to require the information to be provided. The ICO has the power to issue Information Notices, which legally oblige an organisation to provide them with information, with the threat of court action if they do not.

One such company was prosecuted in October, and the courts fined them £2,500. Nuisance Call Blocker Ltd, a so called "cold calling prevention team", was prosecuted for failing to respond to an information notice. The Bournemouth-based company was fined £2,500, ordered to pay a £120 victim surcharge and £429.85 prosecution costs.

The work comes in the week after Christopher Graham reiterated his call for powers to oblige companies in the lead generator and list broker sectors to be audited by his office.

Speaking before the Science and Technology Committee on Tuesday 17th November 2015, Christopher Graham said:

There would be a question of resources to do this, but I think the lead generator and the list broker sector is also one that it would be very logical for there to be powers to compulsory audit.
Back to more articles

Free TPS
Health Check

Want to know just how many numbers in your database are actually on the TPS and CTPS?

Then why not use our totally FREE TPS Health Checker. Run your data through our system for FREE and we'll let you know how it compares to both the TPS and CTPS registers.

Check My Data

HLR Services

Validate Now is an API you can integrate into your website or call centre screens to check mobile numbers live.

Find out more