Who: UK Government (Department for Culture, Media & Sport or “DCMS”)
Where: Whitehall, London
When: 6 April 2015
Law stated as at: 13 March 2015
What happened:
With just 3 weeks to go before game-changing reforms of communications laws affecting a hefty proportion of the country’s marketing industry, mystery still surrounds crucial aspects of the changes.
On 25 February 2015, the Department for Culture, Media and Sport announced a dramatic change in the UK enforcement regime for non-compliant marketing in (probably) three key channels.
From Easter Monday, 6 April, 2015, the Information Commissioner’s Office (or “ICO”) will be able to issue fines of up to £500,000 against telemarketers, text marketers and, it appears, email marketers who break the Privacy and Electronic Communications (EC) Directive Regulations 2003 (“PECRs”) without having to show that the breach was likely to cause “substantial damage or substantial distress.”
Also…..no that’s actually it. That is the extent of the information provided by the powers that be so far.
Long list of known unknowns
So we don’t yet know for certain, for example:
1. whether the breach will still have to be “serious”; or
2. whether the breach will also have to be either “deliberate” or committed in circumstances where the marketer knew or ought to have known that a breach of a particular level of seriousness would occur; or
3. whether the change will apply to email marketing as well as nuisance calls and texts; or
4. whether the change will apply to arguably less toxic breaches of the PECRs such as sending unsolicited marketing emails that would contravene regulation 7 of the PECRs (i.e. not clearly identifiable as a commercial communication or not clearly identifying the person on whose behalf the commercial communication is made or not clearly identifying as such any promotional offer or not clearly identifying as such any promotional competition or game or ensuring that any conditions for participation are easily accessible and presented clearly and unambiguously)
5. whether the change will be retrospective so that breaches committed before 6 April 2015 may be subject to the new regime; or
6. whether alternatively there might be a period of grace allowed before the change is actually brought into force given the speed with which the reform has been introduced and the surprising last minute threat to extend the crack-down to email marketing when the focus of the move to tighten the laws in this area had from the start been on cold calling and spam text; or
7. whether the change will be made by way of amendments to the provisions of the Data Protection Act 1998 that first introduced the power to impose a £500,000 monetary penalty notice or by way of amendments to the PECRs.
Why this matters:
It is impressive that ministers have come good on their December 2014 promise to introduce these changes before the General Election. However, the speed of the move has clearly caught draftsmen on the hop when, particularly given the apparent last minute extension of the changes to email marketing, industry stakeholders might have expected a little more notice of the full picture on the reforms.
Hopefully the position will become clear on this very soon, but one thing that is certain is that the risk matrix for even responsible marketers is about to be significantly changed. All those operating in these areas of marketing should therefore be double checking their processes and practices to ensure they are not caught napping come Easter Monday.
