Ahead of far-reaching changes to data protection rules that come into force next year, the Information Commissioner’s Office (ICO) has shown its willingness to take a tough stance on enforcement by imposing a record fine of £400,000 on Keurboom Communications.
Keurboom breached privacy laws by making almost 100 million automated telephone calls to people without their consent, sometimes at night, to see if they were eligible for road-accident or PPI compensation.
The company has gone into voluntary liquidation. However, in October, the Government announced plans to let the ICO fine company directors as well as their businesses.
If this decision is any indication, we can expect the level of fines to go up dramatically when the General Data Protection Regulation (GDPR) comes into force in May 2018. The maximum fine available to the IPO will increase from £500,000 to 4% of annual worldwide turnover or €20 million (whichever is greater).
“Keurboom showed scant regard for the rules, causing upset and distress to people unfortunate enough to be on the receiving end of one its 100 million calls“