Green light for spam texters – for now

The ICO has effectively conceded he has no current powers to issue monetary penalties on spam texters.

In June this year the Upper Tribunal dismissed the appeal by the Information Commissioner’s Office (ICO) against the quashing of a £300,000 monetary penalty notice (the MPN) served on spam texter Christopher Niebel. The MPN had been issued pursuant to the ICO’s powers under section 55A of the Data Protection Act 1998 to serve such a notice if there has been a serious contravention of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) of a kind likely to cause substantial damage or substantial distress. The Upper Tribunal held that the First-tier Tribunal had not erred in law in finding that the ICO’s relevant interpretation of “distress” was unsustainable:

the tribunal took issue with the Commissioner’s guidance as to the meaning of “distress” and, in my opinion rightly so. According to that guidance, “Distress is any injury to feelings, harm or anxiety suffered by an individual” (at paragraph [12], emphasis added). The tribunal’s conclusion was that if this “involves the proposition that it is not possible to have ‘any injury to feelings’ which falls short of ‘distress’ then, it seems to us, that the definition is at odds with common experience and with the ordinary use of English [¶60]

As the law required evidence that Niebel’s company’s sending of spam texts had been of a kind likely to cause substantial distress, and as the ICO’s evidence did not match up to this, the MPN had been rightly quashed. Implicitly, the Upper Tribunal was suggesting that further MPNs of this kind would also not be sustainable, and, explicitly, it questioned whether, if Parliament wanted to give the ICO powers to financially punish spam texters, it would require a change in the law

[a] more profitable course of action, is for the statutory test to be revisited…a statutory test that was formulated in terms of e.g. annoyance, inconvenience and/or irritation, rather than “substantial damage or substantial distress”, might well have resulted in a different outcome.

To no real surprise, since the ICO lost this appeal, no further MPNs have been issued for spam texting (some have been served for spam telephone calls). Now the ICO, in a blog post by their Head of Enforcement Steve Eckersley has effectively conceded that the result of the Niebel litigation has been to remove their powers to serve MPNs for spam texts, saying it had “largely [rendered] our power to issue fines for breaches of PECR involving spam texts redundant”. And Eckersley picks up the call for a law change, confirming that there will be a consultation later this year (whether any of this will see results this side of the general election, however, is another question).  This call echoes one made by the Information Commissioner himself, who said in February

We have just got to lower that hurdle because I think if you ask most people they would say silent calls and unsolicited spam texts are one of the great curses of the age – and if the Information Commissioner can’t protect you it’s a poor lookout.
There are, of course, other strings to the ICO bow, and Eckersley refers to some of them
we are using our existing powers to hold companies to account and to disrupt their unlawful activities….and we are obtaining undertakings from and issuing enforcement notices, effectively cease-and-desist orders, to companies that breach PECR.
This sounds good, but leaves me rather puzzled: as the ICO has confirmed to me, no enforcement notices have been served and only one undertaking obtained, against companies or individuals who have sent spam texts in breach of PECR. Enforcement notices are a strong power – breach of one is a criminal offence – and only require the ICO to consider whether the PECR contravention has caused or is likely to cause any person damage or distress, not “substantial damage or substantial distress”. This lower threshold should make it much more difficult for enforcement to be resisted. Maybe some enforcement notices are on their way? One rather hopes so, because, for the moment, it looks like spam texters have received a green light.
EDITED TO ADD:
Tim Turner points out to me that a conviction for breach of an enforcement notice is not a recordable offence it will not make its way on to the Police National Computer, and will not therefore generally result in disclosure for, e.g. employment purposes. Tim’s view, and it is a compelling one, is that for a lot of spammers the threat of a minor conviction for breach of a legal notice is not one which is likely to dissuade them from their practice.
Advertisements

7 Comments

Filed under Data Protection, enforcement, Information Commissioner, Information Tribunal, marketing, monetary penalty notice, nuisance calls, PECR, Upper Tribunal

7 responses to “Green light for spam texters – for now

  1. Good stuff Jon.

    I wonder how strongly the ICO could argue telephone calls are likely to cause damage and distress – I’d have thought they broadly fall under the same category as texts in terms of being a nuisance as opposed to distress, albeit more of a nuisance.

    I have a minor correction whichI hope doesn’t appear petty. The ICO didn’t need to evidence that Niebel had caused substantial distress, they (merely) had to show his spamming was ‘of a kind likely’ to cause substantial distress. I think it’s a subtle but significant difference.

  2. Thanks for the interesting post Jon. Just to add to discussion the legal technicalities, when issuing any Enforcement Notice the Information Commissioner doesn’t need to show or even believe that the activity in question has caused anybody damage or distress. He merely has to consider whether this is the case before issuing any such notice (s. 40 (2), Data Protection Act). And that is an extremely low threshold!

  3. David Erdos

    Sorry, I forgot to add that a key different in relation to monetary penalties (compared to Enforcement Notices) is that Commissioner must be “satisfied” that the contravention was of a kind likely to cause substantial damage or substantial distress. As we’ve seen, the Tribunal will look to see the basis for the Commissioner’s satisfaction. Simply having such a belief is not enough, let alone merely having considered whether this was the case or not.

  4. Pingback: DCMS consulting on lower threshold for “fining” spammers | informationrightsandwrongs

  5. Pingback: DCMS consulting on lower threshold for “fining” spammers | informationrightsandwrongs

  6. Pingback: PARKLIFE! (and a £70k monetary penalty) | informationrightsandwrongs

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s