Regulation Hub Update - April 2018 | DMA

Filter By

Show All
X

Connect to

X

Regulation Hub Update - April 2018

Tad4b1bf2ca0a-blog-image-for-reg-updates_5ad4b1bf2c973-263.png

Written by Steve Sullivan, deputy chair of the Contact Centre Council and founder of Channel Doctors.

PCI DSS

After 12 months of wondering what’s happened to the proposed new guidance from the PCI DSS Council (ruling that ‘pause & resume’ won’t take a contact centre out of scope), I finally decided to show some initiative and emailed the PCI’s press office to enquire. I’ll let you know what they say…

​Operation Linden

The minutes of the January Linden meeting are now on the ICO’s website here. The next meeting is on 5th June, 10.30 to 12.30. Dave and I will probably go along. Let me know if you’d like to attend, too.

The Fundraising Regulator (FR)

Gerald Oppenheim has been appointed as the FR’s new Chief Executive and the FR has launched the FPS (Fundraising Preference Service) in Northern Ireland. Scotland appears to be going its own way when it comes to fundraising (self) regulation.

Nothing else of note, I think.

Director Fines

Yet again, still no sign of the government asking Parliament to approve taking action on individuals, not just companies – although in the last year the ICO has got 7 directors disqualified for a total of 56 years.

Direct Marketing Commission

No news from the DM Commission this month – and possibly won’t be until next year’s annual report for 2018. www.dmcommission.com/?attachment_id=3507

Ofcom

We now have the initial results of the Council’s survey into how outbound contact centres have responded to Ofcom’s revised Persistent Misuse rules www.ofcom.org.uk/__data/assets/pdf_file/0024/96135/Persistent-Misuse-Policy-Statement.pdf

As discussed, we’ll agree how best to present and share them (blog, infographic, etc)

Ofcom’s revised ‘General Conditions of Entitlement’ – which go live in October – reinforce Ofcom’s determination to target number ranges which are being allocated to and mis-used by rogue ‘nuisance call’ generators:

www.ofcom.org.uk/__data/assets/pdf_file/0017/112283/Statement-Review-of-the-General-Conditions-of-Entitlement.pdf

Ofcom has also released it’s 2018/19 Annual Plan

www.ofcom.org.uk/__data/assets/pdf_file/0017/112427/Final-Annual-Plan-2018-19.pdf

Its commitments regarding nuisance calls are reassuring but, in fact, word-for-word identical to those in Ofcom’s previous Annual Plans…. Still, it’s enforcement that counts!

Telephone Preference Service (TPS)

As we know, the TPS data cleanse is well underway. The figures below courtesy of Dave show the landline drop-off is up to 10%, but still no mobile numbers being removed. Mike Lordan’s explained that the initial ‘clean up’ is likely to take some months.

GDPR and ICO

Data Protection Bill

The Bill is still in Committee in the House of Commons.

GDPR Guidance

The ICO issued its guidance on the use of Legitimate Interest and just yesterday the ever-helpful Data Protection Network issued their guidance v2.0

www.dpnetwork.org.uk/dpn-legitimate-interests-guidance/

ICO Conference

I had a ticket to attend the ICO’s annual Data Protection Practitioners' Conference 2018 in Manchester this Monday, but couldn’t attend due to a family funeral. However, the ICO have a link to a recording of the day: www.ico.org.uk/global/data-protection-practitioners-conference-2018/live-stream/

DMA and the GDPR Taskforce

After the guides on

The DMA next two sections coming soon on:

  • Consent & Legitimate Interest
  • Profiling

But perhaps the second is due to the ICO’s own delays with their guidance.

Our Agent Training Guide has been received back from the DMA Legal team with (copious!) comments and we’re working through our amends so will be released shortly.

The next DMA GDPR Taskforce meeting is on 17th April.

ICO Enforcement

The previous month was quiet, but this last month has been quieter still, with just a couple of direct marketing-related Enforcement Actions amidst the disorganised police forces and overly-curious school admin workers. No doubt the ICO has got caught up with raiding Cambridge Analytica and preparing for the GDPR implementation from 25th May.

However, WhatsApp (now owned by Facebook) has signed an Undertaking to only share users’ data in a GDPR-compliant manner. This is after being challenged about their rather underhand changes to their privacy policy, allowing data sharing with Facebook group companies

Royal Mail – fined £12,000 for sending over 300,000 emails in 2017 to customers who had opted out of marketing communications. Royal Mail argued that the email – informing customers of a parcels rate price-drop – was a service message, not a marketing communication. And they sent a ‘softer’ less promotionally toned version to customers who had opted out. The relatively low level of the fine might show that the ICO had some sympathy with Royal Mail, but essentially they rejected its argument and said that emails were marketing to those who had opted out. Sound familiar?

NB The ICO investigated Royal Mail after receiving one complaint, so perhaps another example of the ICO ‘pursuing the big brands’ for understandable reasons.

Finally, while the ICO Down South was busy raiding Cambridge Analytica, the Scottish division was donning its fetching ICO blouson jackets to raid an alleged source of millions of automated / robo calls promoting boiler cover and window replacements

Hear more from the DMA

Please login to comment.

Comments