Recently the UK Government proposed a change to the law which would impose personal liability on directors for unsolicited nuisance calls. If the proposal comes into effect, it could have far-reaching implications for directors of companies involved in such activities.
The Current Law
Nuisance calls are currently governed by the Privacy and Electronic Communications Regulations (PECR) which prohibit companies from sending electronic communications to consumers for the purposes of direct marketing unless prior consent has been given by the consumer or the company is able to prove that they have an existing commercial relationship with the consumer.
If a company breaches this rule, the Information Commissioner’s Office (ICO) has the power to issue a fine of up to £500,000. However, the ICO currently has no power to issue fines to directors personally.
A change in the law took place in 2015 – a clause was removed from PECR which meant that it was no longer necessary for the ICO to demonstrate that the company’s conduct had resulted in “substantial damage or substantial distress”. This lowering of the threshold led to an increase in fines issued by the ICO.
Unfortunately, this change did not act as a sufficient deterrent for companies involved in sending unsolicited electronic communications. This is because there still remained the problem of fines being paid, after they had been issued.
Since fines can only be issued to companies, as opposed to individual directors, companies were able to avoid paying fines by dissolving their company or putting their company into liquidation and then re-incorporating under a new name. In May 2018, the ICO announced that due to this, it has been able to recover only 54% of all fines issued since 2010.
This practice, known as “phoenixing”, allows “rogue directors” to avoid fines for sending unsolicited electronic communications and to continue such activity after dissolving one company and starting another.
The government is acutely aware of this problem – the Digital Minister Margot James has commented that “for too long a minority of company directors have escaped justice by liquidating their firms and opening up again under a different name.”
Therefore, the government consulted on a proposal to allow the ICO to impose penalties on company directors individually where they breach the rules concerning nuisance calls in PECR. Under this proposal, directors could face fines of up to £500,000.
Further, it would be a decision for the ICO whether to issue the fine to the company, to the director individually, or both. It would also be possible for several directors of the one company to be issued with a fine.
The ICO has commented that this amendment would “increase the tools (they) have to protect the public” from nuisance calls. It would also ensure that an individual could be held to account for payment of a fine, where a company is dissolved or liquidated after the fine has been issued.
The Consultation closed on 21 August and the government is currently considering the responses it received on the Consultation. We await further information from the government once it has had the opportunity to analyse the responses.
If the proposal is introduced and your organisation is involved in sending electronic marketing communications, it will be more imperative than ever to ensure that your organisation is complying with data protection and privacy law.
This article was co-written by Charlotte Fleming.