UK Data Protection E-news - April 2011
- PECR unwanted marketing phone call and e-mail breaches now punishable by £500,000 fine
- UK will require cookie consent but no immediate enforcement
Amendments to the Privacy and Electronic Communications Regulations (PECR), in force on 25 May, mean that the ICO will be able to impose its highest monetary penalty on organisations making unwanted marketing phone calls or sending unwanted marketing emails to consumers. The new fine will apply, as with the Data Protection Act, to the most serious breaches.
Data breaches in the telecoms sector will now have to be notified to the ICO in certain circumstances.
The ICO will also receive a power to require telecommunications companies and Internet service providers (ISPs) to provide its office with information that is needed to investigate breaches of the PECR. The ICO will also have increased audit powers over telecommunications companies and ISPs which may have some compulsory elements.
The Information Commissioner, Christopher Graham, said:
“The new powers are coming into force on 25 May. We will be issuing guidance to reflect the changes that are being introduced.”
Although the implementation deadline is 25 May, draft regulations have not yet been published. The current proposals make it clear that the Information Commissioner’s Office will publish further guidance.
The government is also supporting cross-industry work on third party cookies in behavioural advertising. Adverts may in the future have an easily recognisable icon so users can access more information and an option to refuse those and other cookies.
For further details on the Privacy Laws & Business UK Newsletter, please click here.
Copyright Privacy Laws & Business 2011