The Information Commissioner’s Office (ICO) has issued a penalty notice under section 55A of the Data Protection Act 1998 to Swansea based CPS Advisory, fining the company £130,000 for making over 100,000 unauthorised pension cold calls.
The ICO’s investigation revealed that between 11 January and 30 April 2019, the company made 106,987 calls to people without lawful authority.
In 2019, the law changed to place restrictions on companies cold calling people about pensions, with the aim being to protect people from falling victim to cold calling scams. The changes to regulation 21B of the Privacy and Electronic Communications Regulations (PECR) mean that companies can only make live direct marketing calls to people in relation to occupational or personal pensions if:
- the caller is FCA authorised or is a trustee/ manager of a pension scheme; and
- the recipient either (a) consents to the calls, or (b) has an existing relationship with the caller, would reasonably expect to receive those calls, and has been given an opportunity to object to those calls (and has not done so).
Breaches of this requirement can result in fines of up to £500,000.
The ICO found that CPS Advisory had not satisfied either requirement and decided the company was in serious contravention of regulation 21B of PECR. The ICO concluded that the calls denoted “a significant intrusion into the privacy of the recipients of such calls”.