News from RECC

The latest news from RECC

Solar panels company fined record amount for automated marketing call campaign

Posted: 2 October, 2015. Written by Mark

The Information Commissioner's Office (ICO) announced on 30 September that it has imposed a financial penalty of £200,000 in respect of a serious contravention of regulation 19 of the Privacy and Electronic Communications (EC Directive) Regulations2003 (PECR) by solar panels company, Home Energy & Lifestyle Management Ltd (HELMS).

Between 2 October and 12 December 2014, the Commissioner’s office received 242 complaints via the online reporting tool in relation to Green Deal Provider, HELMS. The gist of the complaints was that a number of automated marketing calls had been received by subscribers in relation to ‘free’ solar panels. The calls allowed recipients either an option to press 5 if interested, or an option to press 9 to be removed from the list.

The marketing calls were linked to an assessment which determined whether or not the subscriber was entitled to ‘free’ solar panels. The calls did not identify the sender and the option of being connected to a person or suppressing the number was not always effective. The ICO found that HELMS had failed to gain consumers’ prior consent to be contacted in this way, and that the solar panels on offer were in fact not free.

In its response to the ICO’s original letter of intent, HELMS explained to the Commissioner’s office that they were not aware that a different PECR regulation applied to automated marketing calls. HELMS admitted that they sent in excess of 6 million automated calls during the marketing campaign, although they stated that the calls were only connected to approximately 59,500 subscribers and at least 1,750,000 of the calls were made to invalid numbers.

To impose a financial penalty, the ICO must first show that the PECR contravention was serious, of a kind likely to cause substantial damage or substantial distress and deliberate or negligent. These conditions are set out in section 55A of the Data Protection Act 1998 (“DPA”).

You can find more details here.