The Information Commissioner’s Office (ICO) has searched a business premises near Glasgow, as part of an investigation into a company suspected of making over 200 million illegal nuisance calls.

Some of the calls potentially put people’s safety at risk as they were made to Network Rail’s Banavie Control Centre, and clogged up the line for drivers and pedestrians at unmanned level crossings, who were calling to check it was safe to cross the rails.

Today’s search warrant in Clydebank was prompted by complaints from the public about automated nuisance calls promoting boiler and window replacement schemes. The calls, which contain recorded messages, often aligned themselves to non-existent Scottish or UK Government initiatives.

Ken Macdonald, Head of ICO Scotland, said:

“These calls have caused millions of people disruption, annoyance and distress, but not only this, those made to a control centre charged with public safety may have endangered lives. 

“Companies behind nuisance calls should know that people are sick of them, and when people complain to us, we will act.”

The 200 million plus calls the firm is suspected of making is one of the highest volumes the ICO has ever executed a search warrant in relation to. The highest amount of calls ever to result in an ICO fine is 146 million.

Computer equipment and documents were seized for analysis during the search, and will now be used to inform the ICO’s investigation. The ICO has powers to issue fines of up to £500,000 for breaches of the Privacy and Electronic Communications Regulations 2003, which cover the way organisations make automated direct marketing telephone calls.

You should only receive automated marketing calls if you have previously agreed an organisation can make these calls to you.

The ICO will not be naming the business whilst the investigation is ongoing.

Anyone who wants to report a nuisance call or text can do so on the ICO website.

Notes to Editors

  1. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  2. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
  3. The ICO can take action to change the behaviour of organisations and individuals that collect, use and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit. The ICO has the power to impose a monetary penalty on a data controller of up to £500,000.
  4. The Privacy and Electronic Communications Regulations (PECR) sit alongside the Data Protection Act. They give people specific privacy rights in relation to electronic communications. There are specific rules on:
    • marketing calls, emails, texts and faxes;
    • cookies (and similar technologies);
    • keeping communications services secure; and
    • customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.

      We aim to help organisations comply with PECR and promote good practice by offering advice and guidance. We will take enforcement action against organisations that persistently ignore their obligations.
  5. Civil Monetary Penalties (CMPs) are subject to a right of appeal to the (First-tier Tribunal) General Regulatory Chamber against the imposition of the monetary penalty and/or the amount of the penalty specified in the monetary penalty notice.
  6. Any monetary penalty is paid into the Treasury’s Consolidated Fund and is not kept by the Information Commissioner’s Office (ICO).
  7. To report a concern to the ICO telephone our helpline 0303 123 1113 or go to ico.org.uk/concerns/