A West Midlands firm which made thousands of nuisance phone calls in the middle of the night has been fined £70,000 by the ICO.

It comes the same week as a Manchester company, MyIML, was fined £80,000 by the ICO for cold calling people registered with the Telephone Preference Service (TPS).

Direct Security Marketing Ltd, based in Dudley, made nearly 40,000 automated calls in just one day in an attempt to sell burglar alarms. Of these, 9,775 were made between 1am and 6am.

Andy Curry, the ICO’s Group Enforcement Manager, said:

“Elderly people were among those who were left distressed after being woken up in the night by the automated calls.

“It’s natural when the phone rings in the early hours to fear it’s bad news and perhaps a relative is seriously ill, and that’s what people who received these calls told us they thought. Automated calls at any time can leave people feeling unsettled but to receive a call trying to sell you a burglar alarm in the middle of the night must have been very frightening.”

The automated calls, made from a withheld number, were received by residents early on 24 August 2015 and invited them to purchase a security system.

The ICO began an investigation into Direct Security Marketing Ltd after receiving complaints from some of those who had been called by the company.

Mr Curry said:

“Legally, automated marketing calls can only be made if people have specifically consented to receive this type of call. This company admitted to us that it did not have consent from the individuals they called.”

During the course of our investigation, we identified that Direct Security Marketing Ltd was not notified with the ICO and they were prosecuted at Dudley Magistrates’ Court for this offence. The company pleaded guilty and last November was fined £650, ordered to pay costs of £492.78 and £65 victim surcharge.

The company’s director, Antonio Pardo, was also prosecuted over the offence. He pleaded guilty and was fined £534, ordered to pay £489.08 costs and £53 victim surcharge.

The following are examples of some of the complaints to the ICO about the calls Direct Security Marketing made on 24 August:

“Receiving a call from a withheld number at 4.40 in the morning is an extremely unpleasant experience. I have elderly parents therefore the first thing I thought of was that something had happened to them. No-one wants to receive a phone call in the middle of the night as it’s usually bad news. Very upsetting and worrying.”

“I am 72-year-old and have a heart condition. It left me wondering why I had received it and took me some time to get back to sleep.”

“It was 2am on a Monday morning, I was asleep in bed. When the phone rang, the caller display showed a private number. I thought it was my mum phoning as her number comes up as private and my dad has recently had an operation and a heart attack, so my first thought was that my dad had become ill again. It was a recorded message about home security, so I hung up. But it left me shaken and unable to get back to sleep.”

“I am complaining on behalf of my 84-year-old mother. She lives alone. When the phone rang in the middle of the night she thought it was a family emergency/death. She tripped in her anxiety to reach the phone and fell and badly twisted her leg. She has been burgled twice in the past 18 months and as a result is nervous and a light sleeper. Receiving a call regarding security in the night was extremely sinister and she got no further sleep that night.”

Further examples of complaints received are available on the penalty notice.

The enforcement action against Direct Security Marketing comes as the ICO has fined Manchester company MyIML £80,000, bringing the total fines issued this week to £150,000.

Staff at MyIML telephoned people, many of whom were registered with the TPS, to try and sell solar panels and other green energy saving equipment.

The ICO began making enquiries into MyIML’s practices after receiving a large number of complaints about the firm in 2013.

The company told the ICO it purchased the data it used to make the calls from a third party. The ICO informed the company this was no excuse for making calls to TPS subscribers and ordered the company to improve its compliance with the law.

The ICO continued to receive complaints about MyIML from individuals registered with the TPS and a decision has now been made to fine the firm for breaking the rules on marketing calls.

Detailed guidance is available on the ICO’s website for companies carrying out marketing explaining their legal requirements under the Data Protection Act and the Privacy and Electronic Communications Regulations. The guidance covers the circumstances in which organisations are able to carry out marketing over the phone, by text, by email, by post or by fax.

Notes to Editors

  1. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  1. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
  1. The ICO can take action to change the behaviour of organisations and individuals that collect, use and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit. The ICO has the power to impose a monetary penalty on a data controller of up to £500,000.
  1. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:
  • fairly and lawfully processed;
  • processed for limited purposes;
  • adequate, relevant and not excessive;
  • accurate and up to date;
  • not kept for longer than is necessary;
  • processed in line with your rights;
  • secure; and
  • not transferred to other countries without adequate protection.
  1. The Privacy and Electronic Communications Regulations (PECR) sit alongside the Data Protection Act. They give people specific privacy rights in relation to electronic communications.

There are specific rules on:

  • marketing calls, emails, texts and faxes;
  • cookies (and similar technologies);
  • keeping communications services secure; and
  • customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.

We aim to help organisations comply with PECR and promote good practice by offering advice and guidance. We will take enforcement action against organisations that persistently ignore their obligations.

  1. Civil Monetary Penalties (CMPs) are subject to a right of appeal to the (First-tier Tribunal) General Regulatory Chamber against the imposition of the monetary penalty and/or the amount of the penalty specified in the monetary penalty notice.
  1. Any monetary penalty is paid into the Treasury’s Consolidated Fund and is not kept by the Information Commissioner’s Office (ICO).
  1. To report a concern to the ICO telephone our helpline 0303 123 1113 or go to ico.org.uk/concerns/