The Information Commissioner’s Office has been handed the power to dish out fines of up to £500,000 if companies break the new European rules on the use of cookies, spam email, and unwanted marketing phone calls and mobile texts.
The move is part of the Government’s commitment to comply with a European Directive, which seeks to protect citizens from certain marketing methods but comes just days after it was revealed the ICO has only prosecuted 1 per cent of miscreants. It will also raise fresh concerns about the regulator’s ability to police the new rules, given its limited resources.
Last month, the ICO warned companies that they should be getting ready to comply with new regulations covering the use of cookies.
The ability to fine firms will come into force on May 25 as part of the UK’s Privacy & Electronic Communications Regulations (PECR). As part of the new ICO policing regime, telecoms companies and ISPs will be required to notify the ICO and their customers in certain circumstances when a personal data breach occurs.
As for the use of cookies, the ICO will be responsible for regulating compliance and will soon be issuing advice.
Information Commissioner Christopher Graham said: “The changes to the regulations will grant us the right to impose significant monetary penalties for the most serious breaches of the rules, and give us improved powers to investigate companies that make nuisance marketing calls.”
Companies struggling to comply with the new rules before the implementation deadline of May 25 have been granted a short-term amnesty because of the complexities involved. The ICO already has the power to fine firms up to £500,000 for serious personal data breaches.
Related stories:
Only 1% of data losses punished
Missing data found in lunchbox
Protecting your data ‘not geeky’
