First Financial (UK) Limited

Breach details

What Breach of the Privacy and Electronic Communications Regulations (PECR).
The sending of unsolicited marketing SMS.
How much 4,031 complaints.
When 01 February 2013 to 31 March 2013.
Why It appears that First Financial was set up in order to provide short-term loans, and was probably intended to be a transient company that could be closed before regulatory action was taken against them. During the period in question First Financial carried out a marketing campaign by sending text messages claiming the recipient was entitled to immediate cash claims through the First Financial website. The text messages were sent using unregistered SIM cards to avoid spam detectors. The individual who set up First Financial has since tried to dissolve the company, remove himself from the company register as director, and has refused to disclose the financial position of the company.

Regulatory action

Regulator ICO
Action Monetary Penalty of £175,000.
When 16 December 2013.

Why the regulator acted

Breach of act Breach of Regulation 22: sent unsolicited marketing SMS messages without asking for the consent of the individuals concerned.
Known or should have known The issue of unsolicited text messages has been widely publicized recently and so First Financial should have been well aware that they ran a high risk of contravening regulations by sending such a high volume of texts. The volume of texts indicates that there were no systems in place to ensure the consent of the recipients and by using unregistered SIM cards they were deliberately contravening PECR.
Likely to cause damage or distress The large numbers of individuals involved in this case ensured that the overall level of distress was substantial, particularly as only a very small percentage of recipients of texts such as these report them. Some individuals were concerned about the unsociable times they received these messages; others were troubled about where First Financial had obtained their details.

Better Together

Breach details

What Breach of the Privacy and Electronic Communications Regulations (PECR) – Sent text messages without the consent of the recipients.
How many 300,000 SMSs.
When 22 March 2013 and 27 April 2013.
Why Better Together were sending out text messages to individuals in Scotland regarding how they would vote in the Scottish Independence Referendum. However, they did not ensure the recipients had given their consent to be contacted as they believed another company had already done this on their behalf.

Regulatory action

Regulator ICO
Action Undertaking to comply with Regulation 22(2) of PECR.
When 19 November 2013.
Details Two rounds of texts were sent out even though Better Together had received a letter from the ICO warning them to comply with the law.

Tameside Energy Services Ltd

Breach details

What Serious breach of the Privacy and Electronic Communications Regulations (PECR).
A high volume of unsolicited marketing calls to consumers that had registered with the Telephone Preference Service (TPS) that continued despite customer complaints and requests to unsubscribe.
How much An unknown number of direct marketing calls resulting in 1,010 TPS complaints and 60 complaints directly to the ICO (8 of which were duplicates), making a total of 1,062 complaints.
When 26th May 2011 to 31 January 2013.
Why Failed to screen calls effectively against a current Telephone Preference Service (TPS) list or maintain an opt-out register.

Regulatory action

Regulator ICO
Action Monetary penalty of £45,000.
Enforcement notice issued to ensure that Tameside does not make unsolicited marketing calls to individuals registered with TPS, or who have notified Tameside that they do not want to receive further calls, within 28 days.
When 5 July 2013.

Why the regulator acted

Breach of act Breach of Regulation 21: repeatedly ignored provisions that marketing calls should not be made to individuals who had registered with TPS.
Known or should have known Concerns over PECR obligations were first raised by the Commissioner in May 2012. The volume of complaints made before and after the Commissioner’s letter of May 2012 would have made the company aware that they were continually breaching regulations.
Likely to cause damage or distress. The overall level of distress was assessed as substantial due to the very large numbers of individuals affected. A small number of individuals also personally suffered substantial levels of distress.

Nationwide Energy Services and We Claim You Gain

Breach details

What Breach of the Privacy and Electronic Communications Regulations (PECR).
A high volume of unsolicited marketing calls from two companies both owned by “Save Britain Money Ltd” to consumers that had registered with the Telephone Preference Service (TPS) that continued despite customer complaints and requests to unsubscribe.
How much An unknown number of direct marketing calls resulting in over 2,700 complaints to the TPS or ICO.
When May 2011 – December 2012
Why Did not screen outbound calls against the TPS register.

Regulatory action

Regulator ICO
Action Nationwide Energy Services: Monetary penalty of £ 125,000

We Claim you Gain: Monetary penalty of £ 100,000
When 17 June2013

Why the regulator acted

Breach of act Breach of Regulation 21: repeatedly ignored provisions that marketing calls should not be made to individuals who had registered with TPS.
Known or should have known Both companies had been repeatedly contacted by the TPS and ICO and were made aware they were in contravention of the Act. The TPS contacted Nationwide Energy Services on 1,601 occasions and We Claim You Gain 1,070 times.
Likely to cause damage or distress The sheer volume of complaints should have indicated that distress would be caused and individual complaints to the ICO detailed varying degrees of actual distress.

DM Design Bedrooms

Breach details

What Serious breach of the Privacy and Electronic Communications Regulations (PECR).
A high volume of unsolicited marketing calls to consumers that had registered with the Telephone Preference Service (TPS) that continued despite customer complaints and requests to unsubscribe.
How much An unknown number of direct marketing calls resulting in 1,945 TPS complaints and an unspecified number of complaints directly to the ICO.
When June 2011 to November 2012
Why Ignored requirement to screen call lists against the Telephone Preference Service (TPS) or maintain an opt-out register.

BW Comments

After initial contact from the ICO, the unsolicited calls continued and some reported to the Commissioner were described as aggressive.

Regulatory action

Regulator ICO
Action Monetary penalty of £90,000
When 20 March 2013

Why the regulator acted

Breach of act Breach of Regulation 21: repeatedly ignored provisions that marketing calls should not be made to individuals who had registered with TPS.
Known or should have known Concerns over PECR obligations were first raised by the Commissioner in 2004. The volume of complaints made before and after the Commissioner’s letter of May 2012 would have made the company aware that they were continually breaching regulations.
Likely to cause damage or distress The overall level of distress was assessed as substantial due to the very large numbers of individuals affected. A small number of individuals also personally suffered substantial levels of distress.

BW Observations

That DM Design breached the PECR by not screening against the the TPS register and maintaining their own opt-out list is not debatable. The volume of calls and complaints are significant (although we are not told what the average or maximum level of complaints are to the TPS in respect of a company other than “they [DM Design] were one of the organisations about which the most complaints were received”). What’s interesting is the ICO again used the same justification as the Tetrus Telecommunications MPN to determine the s55A(1)(b) ‘substantial damage or distress test’ – that although the distress in each individual case was not considerable, the cumulative effect of the distress caused by the totality of all calls made in contravention of PECR met the Commissioner’s threshold of substantial distress.

Tetrus Telecoms – Christopher Niebel and Gary McNeish

Breach details

What Serious breach of the Privacy and Electronic Communications Regulations (PECR).
How much Sent millions of unsolicited text messages.
When From December 2009 onwards.
Why Concealed identity and/or failed to provide a valid ‘cease’ address. Sent automated marketing without the necessary opt-in permissions.

BW Comments

Millions of spam SMS messages sent from over 16,000 SIM cards. There can’t have been anyone in the UK that didn’t receive one of Tetrus’s offers to reclaim PPI or pursue a road accident claim.

Regulatory action

Regulator ICO
Action Christopher Niebel: Monetary penalty of £ 300,000
Gary McNeish: Monetary penalty of £ 140,000
When 28 November 2012

Why the regulator acted

Breach of act Breach of regulations 22(2) and 23 of PECR, characterised by the ICO as “continued, repetitive and deliberate contraventions of the law.”
Known or should have known The Commissioner found evidence that the participants deliberately hid their identity and made no attempt to ensure they had the recipient’s opt-in to receive automated messages.
Likely to cause damage or distress Although most people would agree that the receipt of these unwanted text messages is annoying, the Commissioner argues that they the messages caused damage and distress.

BW Observations

That the individuals concerned deliberately flouted the Privacy and Electronic Communications Regulations is not in doubt. The Commissioner’s arguments in respect of the damage and distress caused are informative.

  1. That although the distress / annoyance caused by each individual SMS sents is small, because of the number of messages sent by Niebel and McNiesh, the cumulative distress suffered by “huge numbers of individuals” equates to substantial distress. It will be interesting to see if this is argued in Mr Nielbel’s appeal to the Information Tribunal (EA/2012/0260).
  2. Some recipients were overseas at the time messages were sent, so had to pay their mobile telecommunications provider additional fees for receiving these SMSs when overseas, resulting in real monetary damage.
  3. People receiving emails about an accident claim may worry about other family members, and such messages also had the potential to be disturbing to people who had been involved in accidents.
  4. The wording used had the potential to cause distress by raising false expectations, e.g. “we know how much you are owed” and “You are almost certainly entitled to £2,300.”