Who: Amber UPVC Fabrications Limited (“Amber”), the Information Commissioner’s Office (“ICO”), First-tier Information Rights Tribunal (“FTT”)
When: 19 December 2014
Law stated as at: 12 January 2014
Amber is a company which sells UPVC windows to the domestic market, relying to a large extent on telemarketing in order to increase sales and brand awareness. Between May 2011 and April 2013, the company made a whopping four million telephone calls, of which between 80-90% were marketing calls. Having received complaints from a number of call recipients, the ICO investigated Amber and found that a large number of calls made were in contravention of the Privacy and Electronic Communications Regulations 2003 (as amended) (the “PECR”).
The PECR contains a number of restrictions on various forms of direct marketing. One requirement is that individuals who have registered with the Telephone Preference Service (“TPS”), the UK do-not-call registry, are not to be contacted for the purposes of live unsolicited marketing by telephone unless they have notified the caller that they do not object to such calls being made. Therefore telemarketers are in most cases effectively obliged to check the TPS to ensure that they do not call individuals appearing on the register.
The ICO clamps down on cold caller
The ICO has the power to issue monetary penalty notices of up to £500,000 against those who seriously contravene the PECR and/or the Data Protection Act 1998. To be able to do this, the contravention in question must be ‘of a kind likely to cause substantial damage or substantial distress’ to the recipient and must have been deliberate (or at least the breaching party must have known that there was a risk of a contravention likely to cause substantial damage or distress but failed to take preventative steps).
In this case, the ICO found that a number of calls made by Amber were in contravention of the PECR, citing 524 unsolicited calls in particular. As such, a monetary penalty notice was issued against Amber for £50,000. Amber appealed this decision to the FTT on the basis that the breach was not serious, it was not of a kind likely to cause substantial distress and that the size of the penalty was disproportionate, particularly given that Amber had subsequently made improvements to its systems.
FTT takes holistic approach
The FTT upheld the monetary penalty notice.
Of particular relevance, the FTT held that it could evaluate the cumulative impact of the total number of contraventions in question in assessing whether substantial damage or distress had been caused rather than assessing this by reference to each individual contravention.
The FTT did not accept Amber’s arguments that live sales calls were less (or not more) intrusive than SMS; live calls demand immediate intention and, in cases where the recipient is registered with the TPS, an unsolicited marketing call would defeat the recipient’s expectation that the incoming call would not be this type of communication.
The FTT decided that when hundreds of people who are on the TPS receive unsolicited marketing calls, there is a very significant risk that such calls could cause substantial distress. Although Amber argued that each individual call was unlikely to cause such distress, when the FTT adopted the cumulative approach, it decided that substantial distress was likely to be caused through two different ways.
Firstly, the FTT judged that, among the hundreds of recipients of the unsolicited calls, there may be some who are more sensitive than the average person and who therefore might suffer substantial distress. This may be because they are suffering from physical or mental health issues or have recently been bereaved or because they are trying to meet a tight work deadline. By calling so many individuals, the chances of interfering with even one or two of these types of people would be high.
Secondly, even where individuals were not caused substantial distress themselves, any distress caused to the recipients should be taken on aggregate, meaning that the threshold of substantiality would be surpassed merely due to the amount of people who might be caused distress, even if only mild in each individual case.
Amber could not provide sufficient explanation for the flaws in its practices, such as the failure to consult the TPS or the lack of training and materials given to sales staff regarding the requirements of the PECR. Even after the monetary penalty notice was issued by the ICO, Amber continued to contravene the PECR and, at the time of the FTT hearing, Amber had still not implemented formal procedures for how the telesales representatives were supposed to deal with those people who informed them that they were registered with the TPS. As such, the FTT did not consider the ICO penalty to be disproportionate and therefore upheld the full £50,000 amount.
Why this matters:
This decision emphasises the importance of compliance with the PECR, and particularly the requirement for telemarketers to cross-reference their databases against the TPS if the individuals being called have not separately notified the instigator of the call that they do not object to such calls being made. Additionally, such organisations should maintain their own suppression lists if individuals inform them that they do not wish to be contacted.
The ICO has made it clear that it will clamp down on businesses which breach these rules and the FTT’s subsequent decision to uphold the fine has shown that it is comfortable looking at the offending calls in aggregate in order to assess whether substantial damage has been, or is likely to be, caused.
It is worth noting that the Department of Culture, Media and Sport is consulting on proposals to lower the threshold for consumer harm (or even to remove it altogether). If this happens, it will give the ICO even greater freedom to penalise those who breach the PECR, not only in respect of telesales, but also through SMS, automated recorded calls, fax messages and emails.