Send a bunch of SMSes
"Have you ever worked for Prodial Ltd?"
A Brighton-based robo-call spam operation has been hit by a record £350,000 fine by data privacy watchdogs. Since the firm has been closed down and entered liquidation, however, even the Information Commissioner admits the fine is unlikely to be paid. Prodial Ltd, a lead generation firm responsible for more than 46 million …
Limited liability is for the shareholders.
Directors can and should be held fully accountable for illegal actions.
It's perfectly possible to write rules so that when companies go titsup, the fines pass to the directors, but the ICO won't do it (it's also possible to make sure fines can't be counted against taxable income, but the ICO donesn't bother with that either)
Oh look. Brighton Huh?
125-127 Union Street
125-127 Union Street
Prodial Ltd was incorporated on 07 Nov 2014 and is located in Lancashire. The company's status is listed as "Liquidation" and it currently has one director. The company's first director was Mr Louis Kidd. Prodial Ltd does not have any subsidiaries.
That name's popped up before in these kinds of cases.
https://www.endole.co.uk/company/09300430/prodial-ltd has a bunch more information. The usual suspects show up again and again.
Greatest respect etc, but perhaps you're not aware that Bridgestones are (presumably the) liquidators?
Prodial Ltd were registered in Brighton till July 2015 and then there were several changes of address, ultimately ending up at Bridgestones in Oldham. Companies House has the info:
https://www.youtube.com/watch?v=LmLDf9XKMfk Harry J
When I first ran a Limited Liability company, I was told that "if I broke the law, then the liability would no longer be limited".
Is this no longer true?
Was it ever true?
Why the hell is it not true?
We, the people, give permission for people to incorporate limited liability companies on our terms it is up to us to set terms that are good for society. The people giveth, and the people can take away.
Disqualify them from any and all future director ships.
Get the HMRC special investigation unit on their case.
Take the property as something used for crime.
Impound any passports as they are clearly a flight risk.
Block all accounts until' matters have been cleared up'.
Get really and truly inventive and tie them up in tax and legal knots.
As long as fines aren't enforceable against individuals (read: directors, or ex-directors as the case may be), the only message being sent clearly is: If you run that kind of business, make sure to re-distribute your profits quickly elsewhere, so that you can fold, rinse and repeat quickly. That is exactly what's going to happen here, if it hasn't already. The ICO is mistaken if he really thinks that fines against limited companies as a whole (as opposed to individual officers of such an entity) will change a thing.
Edit: How did the debt collection against a nuisance call blocking (and making) company go, dear ICO?
"fines enforceable against individuals"
Wouldn't that be nice, though it rather defeats the point of limited liability companies. Which may be a good thing - even Gilbert and Sullivan knew they were a bad idea, back in 1893 (as depicted in Utopia Limited  - no, not Todd Rundgren's Utopia, the G+S one).
The sole director of Prodial Ltd during the period concerned would appear to be listed at Companies House:
and that person still appears to have one active directorship elsewhere:
A well known mapping website has the registered address as in a residential area and lists a chip shop trading from the *house* next door (I realise that kind of thing used to happen, this is a modern estate...)
"fines enforceable against individuals"...Wouldn't that be nice, though it rather defeats the point of limited liability
Utter rubbish. The point of limited liability is simply to put a limit on the investment risk exposure of investors, not to allow directors to shield themselves from fines for their own actions in breach of law.
There's a whole host of activities where directors can be personally held to account for their actions in a limited company, including Health & Safety breaches, competition law offences, controlling a company whilst being disqualified as a director, contempt of court by the company etc. As usual, the statute relating to data protection is decades out of date, and the enforcement is limited by the rules that Parliament rubber stamped without reading or understanding.
Every Thursday afternoon I get such a call. A Recorded message going on about PPI and how the banks owe me zillions. Press one number to talk to someone or press another number to be removed from their database. I just put the receiver on one side and let the message ramble on for its full duration of a minute or so until it disconnects then hang up the phone. No way I'm pressing any buttons. I figure that while their message is rambling on to my number they aren't pestering someone else.
I reported the caller's number to ICO; maybe the calls will eventually stop, but I have doubts, they've gone on for around four months now, every week like clockwork. You would have thought that after all this time that they would have figured out I'm never going to respond and removed me from their list, it must cost them something to keep making these futile calls to the same people over and over again.
"I reported the caller's number to ICO; maybe the calls will eventually stop, but I have doubts, they've gone on for around four months now, every week like clockwork"
The problem I have with these tossers (the companies not the ICO) is that they are spoofing CLI - you can see the number come in and it is always one digit short.
So Mr ICO.... make it mandatory that a commercial entity must be registered in order to spoof CLI. There are undoubtedly legitimate reasons to do so and it should be a simple enough process to register.
For any unregistered commercial entity, it should be illegal to spoof CLI - punishable with a custodial sentence for the appropriate directing corporate officer.
It probably won't stop the overseas callers but I suspect that if the politicians were to define and pass the law and the CPS prosecute a test case or three we would see many of these vanish from the UK.
"[...] it didn't look right and I got the impression it had a digit missing."
The purpose of the spoofed number is to bypass filters that block "withheld" or "international" callers.
What annoys me is that the doctors' surgery and the local council all register as "withheld". I don't understand why they aren't presenting some general number that can be recognised and rung back if necessary. British Gas do that correctly.
What annoys me is that the doctors' surgery and the local council all register as "withheld"
Anyone who does that to me gets a recorded message to callback without callerid block or dial a (expensive) 070 number instead.
I'd use a 090 and charge £15 a shot, but £1.50 per minute is enough and I get this number for £5/year vs £50 for the 090
the 070 is also given to businesses. If they want to circulate my number for marketing purposes then the callers can pay for the privilege.
NHS systems have the option to enable CLI, but even when you tell them the call will be blocked if they dont, they STILL usually try to call you with it disabled.
The Police system blocks CLI and supposedly, they cant turn it off.
Yeah, the judgement is a joke; never going to see a penny of it; in fact they will probably spend twice as much trying to enforce it.
UK law almost never goes after company directors, the governments (of all flavours), love their money too much.
It's perfectly possible for the telcos to filter spoofed Caller ID.
BT already do it on their ISDN lines (you can set any callerID you want on ISDN), restricting allowable CLI to the assigned numbers on the trunks.
Unsurprisingly when they did that, all the phone spammers they had, went away.
CLI is what's presented to the end user. There's another layer - ANI - used for billing purposes and if stuff is coming in that doesn't match then telcos are in a position to refuse to complete the call on fraud prevention grounds. (For that matter mobilecos are also able to refuse SMSes based on fake message centre data, but they won't)
I rather suspect that the plague of PPI scammers will only end when a few of the PPI scammers meet grisely ends. I'll happily crowdsource such an event too.
"There's another layer - ANI - used for billing purposes and if stuff is coming in that doesn't match then telcos are in a position to refuse to complete the call on fraud prevention grounds."
To spoof the ANI (Automatic Number Identification), you would have to do some serious hacking, I doubt that these guys knew how to do that.
Caller ID spoofing is trivial with modern VoIP systems.
"I rather suspect that the plague of PPI scammers will only end when a few of the PPI scammers meet grisely ends. I'll happily crowdsource such an event too."
* Make them toe the line - ten available. Pledge £20 and receive one of the PPI spammer's toes.
* Give them the finger - eight available. Pledge £20 and receive one of the PPI spammer's fingers.
* Thumbs up to this idea - two available. Pledge £30 and receive one of the PPI spammer's thumbs.
* The shoe's on the other foot - two available. Pledge £100 and receive one of the PPI spammer's feet (toes removed).
* This'll cost them an arm and a leg 1 - two available. Pledge £500 and receive one of the PPI spammer's arms.
* This'll cost them an arm and a leg 2 - two available. Pledge £500 and receive one of the PPI spammer's legs.
And so on.
While BT may be very careful to stop people spoofing caller ID while being directly attached to their network, many unscrupulous VoIP companies don't (especially the ones that aren't based in the UK and don't care about UK rules and regs).
Given the numbers of "0044203....." calls I've had I'd guess that some of these calls originate abroad, using a telco that is not in the UK, and something en-route is appending the international access code as the call didn't originate here.
It's said that BT used to block all international caller ID because they couldn't trust the origin. For once, BT might have been right about something!
"It probably won't stop the overseas callers but I suspect that if the politicians were to define and pass the law and the CPS prosecute a test case or three we would see many of these vanish from the UK."
Overseas callers usually trace back to UK companies.
The problem in the UK is that an overseas origin is used to play "not my problem mate".
German and USA enforcement agencies trace things through to the local origin and have been known to kick in doors without warning.
I say! That's a tad extreme, don't you think.
I dunno weren't these the people doing the nuisance calls in the early am betwen 1 and 6.
Speaking as an insomnaic who really likes sleep when he can get it.
I think hunted down eviscerated and left as a blood eagle on the company doorsteps would have been a suitable response and warning.
Here's an idea. Pass the fine onto the new company, but how can we prove who the new company is? Simple, just see who their telecoms supplier is and find out who the account was passed to and confirm that the new company paid off the old debt confirming that this is indeed the company who should pay the fine.
I used to work in telecoms a long time ago and that was what all companies doing the lets go bump, dodge debts and start up again as someone else did. Some did it multiple times and had multiple family members as directors. Some even had all the companies lined up ready to move to on companies house.
Unfortunately - unless you rewrite huge swathes of company law, you will have a problem.
One of the primary concepts encapsulated in limited liability exists to ring fence the debts of a company. If it didn't, then you could go straight after the directors and their personal assets.
There are many independents who use limited companies in order to ring-fence their business away from the family home - that's perfectly legitimate and I for one wouldn't change it.
It might be possible to cross that divide - everything is possible with enough time and effort. Something to the effect that criminal fines can be retrieved from directors in the event of a liquidation. But that is the start of a very slippery slope and will produce howls of protest.
The ICO might be more successful if they tried placing the appropriate directing corporate officer on the hook for a custodial sentence - it would hold regardless of liquidation and might slow some of the buggers down.
"Unfortunately - unless you rewrite huge swathes of company law, you will have a problem."
Leave company law alone but amend insolvency law to prevent a company being liquidated whilst criminal proceedings or fines are pending with the body issuing the fines joining HMRC in getting first dibs at the assets.
"One of the primary concepts encapsulated in limited liability exists to ring fence the debts of a company. If it didn't, then you could go straight after the directors and their personal assets."
Directors are not held harmless for illegal activities - and knowingly engaging in illegal activities is sufficient grounds for "piercing the company veil" to hold all officers personally liable.
The ICO _could_ get their money if they're willing to go to court and get a declaratory judgement, however they can't be arsed - all they care about is issuing press releases about "XYZ fine issued, woo woo"
"One of the primary concepts encapsulated in limited liability exists to ring fence the debts of a company. If it didn't, then you could go straight after the directors and their personal assets."
This isn't a company debt - it's a lawfully applied financial penalty for a breach of UK law.
Utterly different, and criminal directors are absolutely fair game for asset-stripping in these circumstances..
"Looks like it: Louis KIDD, Phillip John CARRINGTON."
Hmmm...Lois Kidd is an "IT consultant" for CRM TECH LTD. They don't appear to have a website and barely show on Google. Not much of a "tech" company.
I wonder how upset their current companies would be if a large number of unaffiliated El Reg stringers kept phoning repeatedly asking for them by name for further comments on this story?
. . . .but in the late 1990s, a bunch of us zapped a spammer back by stopping by the local news-stand, and flipping though the filthiest porn they had, harvesting several mail-back subscription cards (postage pre-paid via "Business Reply Mail" here in the US. . . )
We had already obtained the physical address of the spammer's home. And also his place of work.
By the time we were finished, over 900 subscription to the tawdriest possible smut were going to his home and office. Oh, and several carefully mis-addressed to his neighbors. . . .
Go to the Directors' houses with a jerry can of water. Pour it on them and hold a lighter to them. Tell them if they don't pay up it'll be petrol in the can next time.
We shouldn't show these people any respect, if the ICO had the above as a means of getting their money back the PPI calls would stop overnight.
"By the time we were finished, over 900 subscription to the tawdriest possible smut were going to his home and office. Oh, and several carefully mis-addressed to his neighbors. . ."
--Possibly effective, on the odd chance that the spammer has any sense of moral turpitude, which seems unlikely, at best.
“We want to send a clear message to other firms that this type of law-breaking will not pay.'
On the contrary, the message seems to be that you can make a million pounds and keep £650,000 of it.
The fine is less than 1p per call, which is even more pathetic than the other recent ones. As a start, I'd like to raise it to at least as much as the fines for littering, parking etc.
From ProDial's local paper
26 Nov 2015
"A COLD call company set up from a 27-year-old's mother’s house is being investigated over claims it was responsible for dialling more than a million numbers a day.
Louis Kidd, 27, launched Prodial Limited in November 2014 from his mother’s house in Catherine Vale, Woodingdean, before selling it on to business partner Phil Carrington for £40,000 in July.
During its last three months of trading it turned over £100,000 a month before the Information Commissioner’s Office (ICO) stepped in to investigate." (continues)
Hmmm - interesting?
In the voluntary sector guvernors/trustees of charities can be held personally responsible
In your local (UK) authority your councillors can be held personally responsible
But individuals registered as directors in a company limited by guarantee have limitations on personal responsibility
Pondering why directors of a company limited by shares should not be held responsible.
And in all that mix of fluxions there are thoughts about Whitehall mandarins being held personally responsible and bankers being held personally responsible?
Ans: don't know , haven't got a clue
Voluntary liquidation is a very dodgy area. To often it is used by dodgy directors to avoid debt. The general practice is to keep the cash flowing in and straight out of the company until a big debts becomes due and then enter voluntary liquidation, when there are few actual assets. I'm not just talking about blatantly. Bent companies with a couple of directors and no employees here, but directors who see their company as a way of earning huge amounts with no liabilities as such. The law on this sport of thing needs reviewing and the circumstances where companies can enter voluntary liquidation need to be severely restricted.
Even when it's 'not voluntary' some companies still extract the urine. Employees have been laid off, suppliers will not have been paid much, but lo! the company has been rapidly snapped up by someone else!
The new company then contacts you, and notes that as they have software product <n> which has a contract assigned to <old company>, can it be re-assigned to <new company> ? Certainly, we can re-sell you the product, as you are a new company. No - you may not have the massive discount you seem to consider appropriate, you are a new company and will be charged practically full price.
...naming and shaming.
You could - but as their "Business" doesn't involve face to face contact, and is never initiated by the recipient of the call, it wouldn't matter a fiddlers fart in a force five wind.
This will only ever be resolved with revised penalties. As this story has shown, it's possible to dodge the fines. Switch it up to include custodial sentences, possibly go after the cash using the "Proceeds from Criminal Activity" argument.
It's not going to stop until the ICO/powers that (should) be make these guys feel teh pain.
So folks, for those of you who aren't aware, the law looks like its going to change in Euroland this Spring with the final votes on the General Data Protection Register for all EU citizens. Since the Google Spain case, the law in the back end of all this is getting an over-hall and becoming a Regulation (read as no need to vote into Parliament) that has a 20 million Euro knuckle sandwich at the end of it... or if its a global entity then its up to 4% of their annual turnover.
Whilst it may be a pain in the testicles at this moment to see companies like this escaping the law by dissolving the company down, in about 2 years time you, yes you, will get the chance to be able to write to such companies and ask them the sweet sweet question of "What data do you hold on me?" and "As there is no contract between myself and your company for my personal data, please delete all data from all locations of said personal data; including, as the company has acted as a data controller, all 3rd parties entities that the data has been sold to, ensuring that all the locations of the data are firstly recorded (and evidence to show it) and then deleted in a non recoverable fashion."
A couple of those coming in per day should throw a spanner in the works of companies like this, the ICO will be forced to dole out the fines and then take appropriate auditing steps to ensure that the company has done what it has been asked to otherwise there should be another 20 million Euro fine (I'd assume that a cold calling companies are about to have a bad case of "non-profit-isus" leading to "windup-itus".
So, I hear you ask, whats so special about this... They close down, they start up again and the calls begin again... Absolutely this will happen, its in the nature of stupidity to do such things, but as the new "company" doesn't have any contractual relationship with you and therefore doesn't have the right to hold your personal data, the ICO will have to keep getting involved until it comes to the conclusion its going to be cheaper to enforce on the directors the maximum penalties so that all the other cold calling companies get the message (either that or a couple of goons to offer the director his very own high speed brick-testicle-brick sandwich with no mayo).
Personally I'm looking forward to every single spam email that I get from the companies I've unregistered the marketing from and keep getting spammed. I hope the ICO has thought ahead as when this kicks off there should be about 64.1 million people in the UK writing letters/emails/logging requests with every single company out there that they'll have to track and respond to.
And for those with a political slant thinking we'll (UK) "Brexit" and not care - its based on the right of an EU citizen to their data, and applies no matter where that data is held in the world, so no matter where the company is registered from they must comply with the request (since a lot of the international penalty mechanisms already exist due to financial regulations) .
So howdy doodie world, delete my data*!
(*Rinse and repeat every Friday between lunchtime beers and clock out time - just for shits and giggles!)
No need for any of that - just press 5 and the company stops calling your number. (I did. They haven't. I was joking.)
I wonder if the banks are sponsoring the "annoy people about PPI claims" phone spammers / scammers. It must encourage support for a "put an end to PPI claims" cutoff date, and maybe also the bank gets a lot of its PPI compensation penalty returned to it via the dodgy PPI agents - lovely! Yes, I would do that! If I had my soul removed beforehand.
"...but as the new "company" doesn't have any contractual relationship with you and therefore doesn't have the right to hold your personal data, the ICO will have to keep getting involved "
Except it won't. I've just been through 3 years of fighting with them to get a FOI out of Surrey Police on a speed survey performed on my street. All that's been achieved so far is an apology and a fraction of the data requested (not enough to go to the DfT and certainly nowhere near as much as was on the report I managed to cast eyes over before it was put back into a briefcase), so now I have to start over for the rest of it. About the most useful piece of information given was that in a 9 day period they detected 5500 cars exceeding 40mph and 500 exceeding 50mph (3 schools, 2 estates, paralleled by a bypass road, yet this residential road got 95k cars along it)
All companies to include recruitment agencies that collect loads of personal data and on most occasions mishandle it should not be allowed to send no-reply e-mails to people. They should not be allowed to advertise jobs with no direct e-mail accounts and contact phone nos. On most occasions you are not short-listed for the job but you end up receiving loads of garbage adverts from training courses to franchising 'opportunities'. ICO is a waste of space - they take ages to deal with individual queries (3 months plus). This is disgusting when people's careers depend on the likes of Experian and other very responsible data controllers...