On March 2, 2020, the UK Information Commissioner’s Office imposed the maximum fine (under pre GDPR legislation) of £500,000 on CRDNN Limited, a Scottish company formerly known as Contact Reach Digital Limited, for making 193 million nuisance calls from spoofed numbers, including 1.6 million per day. The action was pursuant to the Privacy and Electronic Communications Regulations 2003 (PECR), which gives the ICO the power to impose a monetary penalty up to £500,000 on a data controller for transmitting recorded calls for direct marketing purposes using inaccessible calling IDs or to consumers who have notified the caller that they do not consent to receive the calls. The ICO found that CRDNN’s actions were in contravention of PECR regulations 19 (non-consensual automated direct marketing calls) and 24 (from spoofed numbers). An Enforcement Notice was issued on February 26, 2020, requiring the company to comply within 35 days.
March 13, 2020
Nuisance caller fined by UK ICO
Related by Topic
New Post
Cash App agrees to pay $375,000 to resolve allegations that it failed to adequately protect customer data
October 7, 2025
News Alert
Tractor Supply Company reaches historic $1.35 million settlement with privacy regulator in California
October 3, 2025
News Alert
Data Privacy Litigation Trends Against Insurers and Financial Services Companies
October 2, 2025
Insight