Keurboom Communications Limited (“Keurboom”) has been stung with a hefty fine in the sum of £400,000 by the Information Commissioner’s Office (“ICO”) for making almost 100 million nuisance calls without the caller’s consent thereby breaching data privacy laws. The ICO also found that Keurboom were calling individuals during unsocial hours and hid its identity making it harder for people to complain.
The ICO are responsible for the enforcement of data protection and privacy laws and has the power to impose maximum fines of up to £500,000 for the unlawful use of data. With the advancement of technology and increased data privacy risks, the ICO have been determined to take firm action against defaulting organisations, particularly businesses who make nuisance calls. By imposing this record fine on Keurboom, the ICO are sending a clear message to businesses that it will use the extent of its powers to punish businesses that are not compliant.
Keurboom have since gone into a Creditors Voluntary Liquidation but the ICO are determined to recover this fine. Last year the Telegraph revealed that out of 20 firms penalised by a fine, 15 ceased to trade or declared themselves insolvent, thereby avoiding paying in full. The government recognise this is a serious issue and will be amending privacy laws to give the ICO powers to hold each director of a non-compliant company personally responsible. The change in legislation will allow the ICO to impose fines against directors (up to £500,000) in addition to any fines imposed against the company.
In light of this case, organisations that may not comply entirely with the appropriate legislation should be taking strict measures now to avoid receiving such fines and facing public humiliation. Additionally, businesses should also be taking measures to ensure compliance with the new General Data Protection Regulation (“the GDPR”) which will come into force in May 2018. The GDPR will introduce an increase in the maximum penalties against companies that breach the new data protection rules. The penalties will increase from £500,000 to €20 million or 4% percent of a business’ worldwide turnover for serious breaches and €10 million or 2% of global turnover for minor breaches. Businesses should therefore ensure that its corporate house is in order and compliant ahead of May 2018.