The Information Commissioner’s Office has assessed a £250,000 monetary penalty against Reliance Advisory Limited, a Manchester-based claims management company, for failure to comply with the provisions of Regulation 21A of the Privacy and Electronic Communications Regulations 2003, which prohibits unsolicited direct marketing calls without the recipient’s consent.
The ICO began its investigation following the receipt of 85 consumer complaints about Reliance Advisory in the first half of 2019. The ICO found that during that period, Reliance Advisory or a related entity made 1,197,390 connecting calls for the purpose of claims management services, and that consent as defined in the GDPR* had not been obtained from the call recipients.
In determining the penalty amount, the ICO took into consideration Reliance Advisory’s use of aggressive and rude practices, the commercial nature of the calls (to generate leads for claims management), the widespread availability of information about the legal restrictions on unsolicited claims management calls, and the ICO’s own conclusion that the contraventions, although not deliberate, had been negligent. The maximum penalty allowed by the Data Protection Regulations 2010 is £500,000.
*Consent under Article 4(11) of the General Data Protection Regulation 2016/679 consists of “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.”