PL&B UK E-news, Issue 65

1. Unsolicited marketing by Bluetooth now allowed

The ICO has changed its opinion on whether unsolicited marketing messages sent by using Bluetooth fall under the Privacy and Electronic Communications Regulations 2003 (PERC). Previous ICO guidance said that Bluetooth was covered by PERC Regulation 22. Now, the office states that as the regulations apply only to messages sent over a public electronic communications network, Bluetooth is, in fact, not covered as these types of messages are not sent using such a network.

The ICO, however, urges marketers to consult industry guidelines on good marketing practice if considering using Bluetooth technology. The new interpretation, reached in consultation with the ‘Department of Business, Enterprise and Regulatory Reform’ and others, opens up endless possibilities for spamming. However, the Direct Marketing Association tells PL&B today that it recommends that companies use Bluetooth marketing in line with industry codes, meaning no change from current good practice.

Bluetooth is a close-range wireless communications technology that is available on many mobile phones. The change was announced on 11 September 2007.

Read more about ICO’s review of the PERC guidance, and how it affects marketing, in the November issue of the UK newsletter.

2. New guidance on information sharing

The ICO launched, on 10 October 2007, The Framework Code of Practice for Sharing Personal Information. The Code is a basis for public and private sector organisations, which can set up their own arrangements, provided that the organisations’ own Codes of Practice allow the ICO to audit how the arrangements work in practice.

Ian Bourne, Head of Data Protection Projects at the ICO said: “The Data Protection Act provides organisations with a valuable framework for sharing personal information and should not be seen as a barrier. I encourage organisations to use the framework to develop their own code of practice to support good information sharing while maintaining public trust and respecting personal privacy.”

The framework code helps organisations to understand the requirements of the legislation as it breaks down compliance into a series of logical steps. The code also includes a useful example of a simple information sharing procedure.

The code can be found on the ICO website.

3. Manual records transitional arrangement to expire

The transitional period granted for manual records in the Data Protection Act 1998 will expire on 24 October 2007. Organisations that have been relying on this exemption, which relates to certain manual records that were created before 24 October 1998, are reminded that the Act will now apply fully, for example, individuals will have the right to challenge organisations over incorrect personal data. The Act does not require that data controllers digitise or computerise old manual records.

For further details on the Privacy Laws & Business UK Newsletter, please click here.

Copyright Privacy Laws & Business 2007