A week ago I noted that the Information Commissioner’s Office (ICO) had effectively conceded that, since the Upper Tribunal’s decision in the Niebel case, it could not realistically serve monetary penalty notices (MPNs) on spam texters. I observed that
the result of the Niebel litigation has been to remove their powers to serve MPNs for spam texts, [with the ICO saying] it had “largely [rendered] our power to issue fines for breaches of PECR involving spam texts redundant”.
This perception has been reinforced by the press release today from the ICO, reporting a raid on a claims management call centre “thought to be connected to a spam text operation”. Information and hardware were seized in the raid, but the ICO says it
will now consider whether an enforcement notice compelling the organisation to comply with the rules regarding text marketing can be issued
Notably, no reference to an MPN is made. To recap, MPNs can be served under section 55A of the Data Protection Act 1998 to serve such a notice if there has been a serious contravention of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) of a kind likely to cause substantial damage or substantial distress. The Niebel litigation, in very broad terms, cast doubt on whether receiving spam texts could ever cause substantial damage or substantial distress (as opposed to, say, irritation).
Whether this Llanelli operation was in contravention of the law, and if so what sanctions will flow will no doubt be determined on the basis of the seized information and other information.
And although enforcement notices are serious sanctions, with breach of one being a criminal offence (although not a recordable one) whether people running spam texting operations see them as a real deterrent is another matter.