A South Wales-based lead generation company has been fined £120,000 by the ICO for making unsolicited automated marketing calls.

Oxygen Ltd made over one million calls, playing a recorded message claiming to be a ‘government awareness call’ and offering to write off debt.

The calls related gave no indication of who they were from. The recorded message stated: “This is a government awareness call. If you are struggling to pay your debts of 5000 pounds or more, you can now have up to 70% legally written off for free. That’s right all of your debt written off for free. Press 5 now to speak to our specialist team or press 9 to opt out.”

After an initial 214 complaints from the public, an ICO investigation discovered the company had made over one million automated calls, without people’s consent, during April 2015. Oxygen was responsible for the marketing campaign and used another company to make the calls.

Steve Eckersley, Head of Enforcement at the ICO, said:

“This is a classic example of a company that has ignored the regulations.

“Companies making recorded marketing calls like this need permission, and need to be clear who is making the calls. Oxygen Ltd did neither, and even falsely implied they were part of a government campaign.

“If they thought they could avoid detection by paying a separate company to make the calls, or by presenting the calls as coming from a mobile phone number, they were mistaken. The public complained about these calls, and we have acted.

“This should be a lesson to all businesses, if you set up a marketing campaign it falls to you to provide proof of consent for every automated call made and to identify your business as the company making the calls.

“Any company acting the way Oxygen did can expect to be investigated and receive a large fine from the ICO.”

These calls were made after the change in the law around nuisance calls and texts on 6 April 2015. Previously, the ICO has had to prove that a company caused ‘substantial damage or substantial distress’ making nuisance calls or sending spam text messages. But from April, the ICO just has to prove that the company was committing a serious breach of the Privacy and Electronic Communication Regulations (PECR).

The ICO has published detailed guidance for companies carrying out marketing – explaining their legal requirements under the Data Protection Act (DPA) and the Privacy and Electronic Communications Regulations (PECR). The guidance covers the circumstances in which organisations are able to carry out marketing over the phone, by text, by email, by post or by fax.

Notes to Editors

  1. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  2. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
  3. The ICO is on Twitter, Facebook and LinkedIn. Read more in the ICO blog and e-newsletter.Our Press Office page provides more information for journalists.
  4. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:
  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection
  1. Civil Monetary Penalties (CMPs) are subject to a right of appeal to the (First-tier Tribunal) General Regulatory Chamber against the imposition of the monetary penalty and/or the amount of the penalty specified in the monetary penalty notice.
  2. Any monetary penalty is paid into the Treasury’s Consolidated Fund and is not kept by the Information Commissioner’s Office (ICO).