Strangers to the law

21 Jun 2006

In some situations zeal and ruthlessness can be applauded. But tell that to a busy person who is besieged by automated phone messages selling them a new credit card or mortgage.

Or a text message telling that person they had just won a weekend break that they can reclaim if they ring a certain premium number. Not to mention the fact that spam, or unsolicited email, now outnumbers the amount of legitimate email we receive.

Intrusive marketing using technology is a day-to-day reality in the 21st century. That is not to say it is right and individuals like Ireland’s Data Protection Commissioner (DPC) Billy Hawkes are keen to remind Irish citizens that they have a right to opt out of receiving unsolicited communications. His policy appears to be taking effect.

In 2005 the number of new complaints received by the DPC decreased to 300, down from 385 in 2004. The biggest factor in this decrease was the significant reduction in the number of complaints dealt with under the Privacy in Electronic Communications Regulations: 66 in 2005 compared to 131 in 2004. The number of complaints concluded during 2005 was 389 and at the end of the year 90 were still on hand.

Just over one third of all complaints (35pc) concerned the exercise of the right of access to data under Section 4 of the Data Protection Acts. Some 33pc of complaints related to direct marketing, including telemarketing.

Hawkes, in unveiling his annual report in recent months, said one of the key threats to privacy comes from the business community. “In their eagerness to sell their products and services to customers, commercial organisations can sometimes overstep the boundary between legitimate marketing activity and unjustified intrusion into the individual’s ‘private space’,” said Hawkes.

The telecoms sector was the worst offender, he added, citing some “appalling examples of aggressive, privacy-invasive sales tactics” used against vulnerable people. He added, however, that the majority of companies respect the right to privacy and said he was hopeful that problems with the telemarketing ‘opt-out’ facility would be resolved soon.

While the DPC has had some success, cases are still emerging. Last week Carphone Warehouse’s fixed telecoms subsidiary Talk Talk was ordered by the Commission for Communications Regulation and the DPC to make a public apology over complaints by consumers who received cold calls despite recording their preference not to receive unsolicited marketing calls.

Last September, premium-rate phone line game company 4’s A Fortune was prosecuted for making unsolicited calls to mobile phones of five people but hung up before calls were answered, leaving a ‘missed call’ notification on the phone.

When the recipients rang back the number they were directed to a premium rate phone line inviting them to take part in a quiz game. The owner of the company, Tom Higgins of Irish Psychics Live and Weathercall, pleaded guilty to the offence.

“The whole basis of the Privacy in Electronic Communications Regulations is that people shouldn’t receive these messages unless they consented,” explains Don McAleese, head of the information technology law group at Matheson Ormsby Prentice Solicitors. “You shouldn’t receive information or be contacted unless you have consented to your personal details being used for such purposes.”

In the case of organisations that direct market by telephone call, faxes, email and text, they cannot send an electronic communication to an individual if that person has not notified the organisation that it consents to receiving that type of direct marketing.

This is generally referred to as ‘opt-in’ and is distinguished from ‘opt-out’ where, for example, an application form might include a statement to the effect that the organisation would like to send the individual direct marketing, and that if the individual does not wish to receive direct marketing he or she should tick the box. If the individual does not tick the box, but nevertheless completes the rest of the application this can be construed as a consent — the individual has not opted out.

McAleese said that in the case of Talk Talk there is a National Directory Database that is operated by Eircom, where individuals and organisations can register the fact that they do not want to receive direct marketing calls. It is incumbent on any company then that undertakes direct marketing by phone to check the numbers they are calling are not registered on this database.

It is an offence under the Privacy in Electronic Communications Regulations for a person to make an unsolicited direct marketing call to a person who has either notified the company that they do not wish to receive such calls or who has registered their line in the National Directory Database.

McAleese indicated that there could be ramifications if a company was up for sale. “If a firm hasn’t created a database that is compliant with the law it has the potential to crop up in due diligence and could impact the sale price going forward. If the books are opened up and lawyers come in, part of the enquiry will be whether the company is in compliance with the regulations.

“The value of the Company could in part depend on the ability of a purchaser to take over a company and use that database,” McAleese concluded.

He warned that businesses should make themselves aware of the regulations and that being prosecuted could cost firms more than just going to court.

“Ignorance of the law is never a defence. All it takes is people to be sufficiently aggravated to complain. From a business perspective this is very poor publicity and from a marketing point of view counter-productive.”

By John Kennedy