Firm fined £80k for breaching data protection law
A firm which described itself as ‘the UK’s premier lead generation provider’ has been fined £80,000 following an investigation into its data trading practices.
The Information Commissioner’s Office (ICO) says Verso Group (UK) failed to comply with data protection law because it was not clear with people about what it was doing with their personal information.
This is the first fine to be issued following a wider investigation by the ICO into the data broking industry.
“We have concerns about the impact of invisible data processing on UK citizens and are currently looking at the data broking industry including how businesses trade and use personal data behind the scenes,” James Dipple-Johnstone, ICO deputy commissioner – operations, said.
Verso had supplied personal data for direct marketing to Prodial Ltd, which received a record fine for making 46 million nuisance calls, and to EMC Advisory Services Ltd, which was also fined by the ICO for making unsolicited calls.
The Hertfordshire-based business generated leads by contacting people in the UK from two overseas call centres. Personal data was gathered from what telephone operators described as surveys, but were in fact lead generation calls.
Other practices included buying in data from various firms to be packaged up to sell on to companies for use in direct marketing without the correct consent required.
“This type of unlawful data trading directly fuels the nuisance call and spam text industry and creates misery for millions of UK citizens,” Dipple-Johnstone said:
“Businesses need to understand they don’t own personal data - people do and those people have the right to know what is happening to it and who is likely to be contacting them for marketing."
The ICO says people contacted by Verso should have been given specific information about the companies who would potentially be marketing services to them. More importantly, the company should have had people's consent to use their information in this way.