back to article Merry Christmas, you filthy directors: ICO granted powers to fine bosses for spam calls

Company bosses will be personally liable for nuisance calls made by their firms from 17 December, and could be forced to pay up to £500,000. The UK's data protection watchdog has been pushing for director liability for years as it often struggles to claw back the cash for fines it hands out under direct marketing laws. The …

  1. Anonymous Coward
    1. JetSetJim
      Thumb Up

      Couldn't happen to nicer people, and looking forward to seeing the examples.

      Hope there's no loopholes - e.g. transfer of assets to spouse

      1. Anonymous Coward
        Anonymous Coward

        It's alright, she's probably the company secretary anyway, so she's on the hook for the fine as well.

      2. LucreLout

        Hope there's no loopholes - e.g. transfer of assets to spouse

        That is a loophole they could use, but not without risk. If spouse tranfers them to tennis coach and elopes, you're screwed. There's other loopholes too, such as using offshore people as directors where they're beyond the reach of our legal system.

        Fining the directors is a good idea, but I don't think it'll achieve a drop off in calls.

  2. Outski

    Not a bad return

    Given the low level of fines they were able to impose up until April, and the habit of these companies of folding once clobbered, recovering >50% of fines imposed is actually pretty good going.

    But being able to hammer the sewer rats behind them is definitely a step forward.

    1. bombastic bob Silver badge

      Re: Not a bad return

      they'd still have a burden of proof [most likely] that "the boss" either ordered his employees to disobey the law, or made a policy of it (etc.) so they can't feign ignorance. Hopefully it works well enough to make nuisance-calling disappear. Here in the USA we need something *VERY* *SIMILAR*.

      Downside: many of those responsible for violating the USA's "do not call" list use subterfuge and overseas lines to hide who they are until they "make that sale". Robo-dialers are illegal (except for politicians, don't get me started on THAT one) and yet I still get obvious robo-dialed calls when I'm on the do not call list [they talk over the answering machine message].

      It's bad enough (especially during election seasons) that I have turned off the ringer, and just let the answering machine answer. If it's important, I'll return the call (or pick up during the message).

      But that BREAKS the idea of having a telephone, doesn't it?

      It's as bad as... as... as having an OPERATING SYSTEM SHOVE ADS IN YOUR FACE. /me self-slaps for bringing THAT one up...

      1. John Brown (no body) Silver badge

        Re: Not a bad return

        "they'd still have a burden of proof [most likely] that "the boss" either ordered his employees to disobey the law, or made a policy of it (etc.) so they can't feign ignorance."

        There's likely to be a number of disgruntled employees now out of work, probably with no pay off, possibly even still owed their last salary.

  3. alain williams Silver badge


    It would have been better if the ICO also was given the powers to fill some cupboards with porridge for these directors to eat for a few months.

    1. Doctor Syntax Silver badge

      Re: Brilliant

      "It would have been better if the ICO also was given the powers to fill some cupboards with porridge for these directors to eat for a few months."

      That happens if the fines don't get paid.

      If the actual owners stuff someone's aunt into the directorship to try to avoid fines on themselves that's also a porridge earner.

  4. A K Stiles


    Now all we have to do is be able to identify the calling organisation. On the odd occasion that I answer a spam call and ask for which organisation they are calling from, that's usually the point they hang up.

    I do look forward to the first rounds of directors getting caught with it though!

    1. Mark 85

      Re: Identity

      Can the ICO prosecute those not living in Blighty? Seems that the perps would just use layers of shell companies between themselves and those actually doing the calling. Or, the board moves offshore if they can. But as you point out, tracking them down is a problem already.

    2. Sapient Fridge

      Re: Identity

      What you do feign interest for long enough to get them hooked, then ask for a web site address to "verify that they are a real company". Or even give them a throwaway E-mail address and wait for them to send more information and/or contracts to it. Once you have that you can prove which company it is.

      Sometimes they sell the details to another company (who doesn't care that the original call was illegal). Send the the second company a SAR (Subject Access Request) asking where they purchased your personal contact information from. That works pretty reliably, and the ICO will back you up if they try to ignore you.

  5. DJV Silver badge


    See title!

  6. sanmigueelbeer

    will grant the ICO the powers to fine directors and senior officers of a company up to £500,000.

    And that's where the "start of the crack" is. "UP TO" is not as terrifying as "a minimum of".

    Any hack of an accountant and lawyer can just declare bankrupt, go to an eastern European country and restart the business.

    between 2010 and April 2018, the ICO recouped just £9.7m of the £17.8m fines it handed down for PECR violations.

    It only proves to show that the method of handing out "fines" is not really working. In 8 years, the ICO only got £9.7m. How about a little more "teeth" than bad breath? Seize the asset of the directors & senior officers, freeze the assets of each of their spouses and children, and jail time.

    1. Lee D Silver badge

      But fining a tiny one-man firm £500k for accidentally phoning what they thought was an old customer but getting you instead... and someone being stroppy and reporting that... is hardly fair.

      I never understood why there's ANY upper limit on a fine, anyway. Google could pay that every day and just suck up the fines and continue doing illegal things.

      Fines should be "per offence" with a modifier for the seriousness of the offence. No maximum just because they phoned 10,000,000 people - it actually then makes it cheaper to bulk-infringe than to just do it casually, which isn't the message you want.

      1. Nick Kew

        You seem to be seeing a grey area there.

        I'd fix it by a per-call levy initiated by recipients of nuisance calls. Say, a button you could press that would initiated an automated penalty payment of £1 for the call, administered by the telcos. With basic safeguards against malicious or accidental activation, like a threshold number of calls before penalties start.

        Proceeds to go to charity (less a small admin charge determined by ofcom), in the manner of the Lottery.

        1. Doctor Syntax Silver badge

          Proceeds to go to charity recipient of call* (less a small substantial admin charge determined by ofcom)


          One of the advantages of this scheme is that the caller's telecoms provider will be left holding the charges if the caller absconds. Their credit control will, in practice, crack down on the whole business.

          * If they expect people to take their calls they should be prepared to pay them for their time. Just credit it to the recipient's telephone account.

        2. Mark 85

          The telcos will resist one big time. Not just because of the expense for the button but loss of revenue if they lose the charges for the spammer's phone usage. Profit is king. Nail that one down for the telcos and I'd bet they would willingly block spam calls.

          1. phuzz Silver badge
            Thumb Up

            "Nail that one down for the telcos and I'd bet they would willingly block spam calls."

            ^^^^ This right here. If it wasn't profitable for your phone company to pass spam calls on to you, then you wouldn't get any spam calls.

          2. This post has been deleted by its author

      2. This post has been deleted by its author

  7. Jonathon Green

    A step in the right direction. I still feel that it would be A Good Thing(tm) if the ICO could also go after the companies whose products and services were being promoted...

    1. Anonymous Coward
      Anonymous Coward

      Why can't they also fine the company that they are representing, if appropriate?

    2. Doctor Syntax Silver badge

      "if the ICO could also go after the companies whose products and services were being promoted."

      Maybe they can. A fine can be levied on the officer of a company if the offence "took place with the consent or connivance of the officer". Without delving back into the original regulations it seems reasonable that the calls must have been made with the connivance of the client company and its officer(s).

  8. I can't believe its not butter


    Wake me up when they collect the cold hard cash from them.

    Sounds good in principle, but I suspect that collection rates will be very low.

    1. Anonymous Coward

      Re: Meh

      Sounds good in principle, but I suspect that collection rates will be very low.

      Doubtless most spam calls are about to be subcontracted to companies operating from sunnier climates.

      Especially those small "business friendly" islands where director names are kept secret. And directors can always be other similarly obfuscated companies. Or just made up names.

      Good luck collecting those fines.

    2. Lee D Silver badge

      Re: Meh

      It's a lot harder to avoid a personal debt than it is to avoid a company debt on a defunct company.

      In the latter case, people just shrug and say "Company doesn't exist any more". Being a legal entity in itself, if it doesn't exist, it's the same as someone dying. You can get something from their estate/assets but otherwise that's game over.

      A personal debt, though, affects everything they do, means you can seize their home, cars, etc. you can apply to have it automatically taken out of any salary or benefits, and they only thing they can do is declare personal bankruptcy if they want to avoid it.

      Personal bankruptcy, by definition, stops you being a company director again. Company bankruptcy doesn't (necessarily). Personal bankruptcy means anything you could conceivably be classed as owning (including any holdings / profits in other companies you set up, your own assets, etc.) are sold to pay for it. And attempting to sell off or move assets to others to do that is an offence with a jail term behind it (companies can't go to jail, people can).

      It's not that it's perfect but... take the latest IndieGoGo saga with Retro Computers Limited. If the company doesn't deliver, but people get court judgements against the company... the company can just fold and directors run away and that's the end of it. If, however, those directors could be held personally liable... they can be personally chased for YEARS after the company folded, destroying their personal credit, ability to run any business (they have to pay themselves a salary or at minimum stock, no?), their ability to sustain or acquire any substantial asset, etc.

      I suspect that we'll see quite a dramatic fall in these kinds of companies... especially as, if one director authorised this, then flees when the fines start landing, not one sod in that company will want to step up and take over if they think they could be liable. As it stands, people are quite happy to be landed in that position, so long as renumeration is adequate, because they know it can never affect their personal situation and the company is tanking anyway.

      What you'll see is a load of companies with directors trying to resign and push responsibility elsewhere and, like the RCL cases, end up with a company where the only person left in charge is the person responsible and unable to shirk their responsibilities - you can't just resign if you're the only company director, you have to fold up the company... which means that - now - that fine becomes yours.

      1. Anonymous Coward
        Anonymous Coward

        Re: I suspect that we'll see quite a dramatic fall in these kinds of companies

        I suspect we'll see them come up immediately with a fail-safe workaround, which will take another fucking 25 years to close and hail a "huge success for the consumers", rinse, repeat.

  9. Tel

    I wonder if it will make any difference to the robocall woman who incessantly calls me with the "Hello, I'm [made up name] from [made up company] calling about the accident that wasn't your fault".

    Tip: if you've got time to waste, answer yes / plausibly to get round the IVR system they use to screen out swearing. Sometimes there are two layers of IVR. Then you can go to town on the fake accident details. I once managed to waste about half an hour of their time (and phone bill) until I ran out of implausible ways I could have been injured in an accident where I had been driving my non existent offspring's car from the back seat when it hit a bus that braked suddenly and consequently sustained damage to the rear of the car and 'my ribs'. When they asked for details of my ephemeral offspring, they only twigged when I told them offspring's middle name was unusual and needed spelling phonetically... i.e Foxtrot Uniform Charlie Kilo Oscar Foxtrot Foxtrot... Short pause... Click.. Brr... and the sound of me cackling.

    1. Anonymous Coward
      Anonymous Coward

      I usually wind them up by telling about an accident I suffered, which was most definitely not my fault - faulty equipment was certainly to blame. Then I tell them about how I was injured by a defective chainsaw/blowtorch/industrial shredder when dismembering the body of the last coldcaller that I hunted down and brutally killed. It's fun to freak them out a bit, and actually quite cathartic.

      1. My other car WAS an IAV Stryker

        @AC: Be sure to reference the film "Fargo" when you mention the woodchipper out back.

    2. John G Imrie

      Could I get charged with assult ...

      if I blow a whistle very loudly down the phone at them?

      1. KLane

        Re: Could I get charged with assult ...

        That means they would have to come forward and be identified. Maybe it wouldn't help you directly, but others called from the same number, and/or about the same scam, would then know.

      2. Voland's right hand Silver badge

        Re: Could I get charged with assult ...

        if I blow a whistle very loudly down the phone at them

        I have the technological version. My asterisk dial plan has an extension which plays a FN P90 firing on automatic at maximum volume. You transfer them to that and they generally never call again.

        1. sanmigueelbeer

          Re: Could I get charged with assult ...

          My asterisk dial plan has an extension which plays a FN P90 firing on automatic at maximum volume.

          My Asterisk got Lenny.

          I win.

          £500,000 - per call?

          Issued through a bank cheque from BCCI.

      3. Doctor Syntax Silver badge

        Re: Could I get charged with assult ...

        "blow a whistle very loudly down the phone at them?"

        That was the advice that used to be handed out to victims of what were referred to as "heavy breathing" calls. Probably a bit of googling would bring up an old reference to that so your defence, if needed, would be that you were following official advice.

    3. My other car WAS an IAV Stryker
      Thumb Up

      Re: Phonetic spelling

      Thumbs up for correct NATO syntax.

  10. Ramis101

    death penalty for insurance company directors

    While were at it can we bring back the death penalty for insurance company directors (thanks DA)

    or updated for year=now PPI Claims Company Directors

    500 grand fine? these scum deserve to loose a bollok per offence minimum!

    1. John G Imrie

      Re: death penalty for insurance company directors

      I don't believe in the death penalty, I want them to live a very long and painful life.

      1. Mark 85

        Re: death penalty for insurance company directors

        I don't believe in the death penalty, I want them to live a very long and painful life.

        Time to bring back the staking them out on the anthill then. And make them pay for the honey to be spread as bait on their bodies.

        1. Alan Brown Silver badge

          Re: death penalty for insurance company directors

          Before the staking, they need a good going over with a lemonzester, then a sprinkling with rubbing alcohol.

  11. batfink

    Beers all round...

    ...when we see the first fine collected.

  12. Herring`

    As someone mentioned above, likely it will just drive them offshore. It would be nice to put some responsibility onto Telcos - who are making money out of this.

    And has nobody posted a link to the Bill Hicks Marketing bit yet?

  13. Inventor of the Marmite Laser Silver badge

    £500,000 - per call?

    No chance but wouldn't that be cool?

  14. eldakka

    Bankruptcy law?

    This is one thing I've never understood about Bankruptcy/liquidation law, that secured creditors and then unsecured creditors are paid first before anyone else.

    Surely one of the better ways to handle companies liquidating to avoid fines and/or legal judgments would be to elevate court-ordered payouts above that of creditors or anyone else?

    As well as the government and/or civil litigants getting their money first, it'd also make creditors perform more due-diligence into companies they are offering credit to, as their risk of not getting paid back due to dodgy corporations would be increased. Therefore many of these dodgy fly-by-night companies may be nipped in the bud before they even get off the ground in the first place.

    1. Alan Brown Silver badge

      Re: Bankruptcy law?

      In a lot of cases you can't declare bankruptcy to avoid court fines

  15. Steve Davies 3 Silver badge

    Then there are the scammers

    who call you up with an American accent 'This is a call from the Internet Service Provider....'

    Then there are the slimeballs who pretend that they are

    'The Official Call Blocking Service'

    Then there are the scumbags who call pretending to be from BT and say 'your line has been compromised...' even though your service is not provided by BT.

    Then there are the [redacted] who call with a strong Indian accent claiming to be called John (other lies are also available) and ...

    Etc ...


    etc ...

    When will OfCom and ICO prove that they are not just a bunch of nerdwanglers and grow some balls and stop these calls?

    You could make all phone providers include a call blocker for free. That would be a start

    Oh, and make the NHS stop blocking numbers on outbound calls. Use a central switchboard number and don't let them get away with 'for reasons of data security' as an excuse.

    Yes, I did get out of bed on the wrong side today and would like to Nuke both OfCom and ICO and start again with people and terms of reference that have some teeth

  16. Andy Livingstone

    Stable door firmly closed?

    Given that the number of nuisance calls currently being received is almost Zero, what's the point? Only two calls came in so far during October and November.

    One was from abroad, so not covered, the other from a fake number 012855924834 , so even better luck with that.

    Those were received on a phone line that used to be getting many nuisance calls daily and I don't expect other users to be seeing a different pattern of activity.

    What chance of a Parliament that acts sensibly or in time to deal with citizens' problems?

  17. clyde666

    Be careful what you wish for

    First off - I hate the cold callers as much as everyone else does, and wish the fires of hell upon them, but ...

    Justice is very different from revenge.

    Once you open a circumstance where directors of some bad practice businesses get hammered, you leave open a precedent. What about, if in 10 years time, some quango decided to go after the directors of corporations who show these annoying christmas jingle ads on TV ?

    Or why is this different to companies who cause serious harm ? Whether intentional or not ? Without making light of a horrendous disaster - where are the moves to take the assets of the directors or local councillors of organisations that were involved in the terrible Grenfell fire ?

    Rule by quango bureaucracy is no substitute for rule by law. If cold calling is bad, let there be a law against that - (is that actually against a law right now ?). Then let the forces of law & order follow the procedures honed over centuries to go after those responsible - and if there is a proven case against named individuals let them be hammered by the courts.

    Once you start moulding reactions to suit your own morals, it's the thin end of the wedge that cracks civilisation.

    1. Lee D Silver badge

      Re: Be careful what you wish for

      Much, much easier solution.

      If you're director of a company that does these things... you can't be director any more.

      If you're director of a company that declares bankruptcy... you can't be director of a company ever again.

      If you're found to be a director again... jail.

      The problem is not "company did something illegal"... it's that everyone involved avoids punishment for that and you can't send a "company" to jail.

      So you fine the company. They fold. Now what? You need some kind of long-term solution so that it doesn't happen again, that hurts the people who did it.

      And a permanent blacklist is really the only way. Sure, you can work round it with having someone else in charge but you have to a) find a mug to do that, b) not be found to be running the company, c) not run out of people to do that for you. And if they know they can be permanently blacklisted too, then they'll be more cautious.

      We also need business credit firms to start DENYING credit to companies run by directors with bad histories. They shouldn't be able to get credit accounts and not pay suppliers, simple as that.

      It's the 80's software house problem all over - form company, extract the urine, not pay anyone, disappear, fold company, sell assets, form new company, buy old assets, hire previous staff, rinse and repeat.

      If once the company folded you couldn't start a new company, at least without convincing someone else to take the same fall from you, then you could break the cycle.

      But, in absence of that, deliberately and knowingly breaking the law, whether as part of a company or in your personal life, should mean fines and jail terms for you too. Just because you were part of a company, shouldn't exclude you from legal liability when YOU deliberately and knowingly broke the law. In a huge multinational, sure, there may not be one person who pressed the "break the law" button. But in these firms, there's clear and obvious responsibility for who put that list into the call center and allowed it, and even on behalf of the operatives when they get told "I'm on the TPS, you shouldn't ever be phoning me".

      I don't see why being part of a company should insulate you from the law - data protection has personal liability, health and safety can have personal liability, so why shouldn't deliberate avoidance of compliance with telecommunications laws?

      In terms of FINANCIAL liability - yes, that should be limited. A billion dollar company going bust shouldn't mean every employee gets landed with a bill. But where they have broken the law, those individuals knowingly responsible should be prosecuted personally too - you can't prosecute or jail a company, only fine it.

      I'd give them the choice. You can pay the outstanding company's fines from your own pocket even though it went bust. Or we can prosecute you personally as if you were the entity responsible, because you were the person in legal charge of the entity responsible.

      Then, maybe, such illegal actions wouldn't carry from chairperson to chairperson unnoticed. Taking over a company means you have to purge all illegal actions, or at least be seen to be doing that as well as can reasonably be expected. Not just carry on and take the fine.

      P.S. this would trickle down to things like delivery firms that "just pay" parking fines they incur as part of their business. There's no point having a parking restriction that you can just ignore. Start taking their vehicles off the road and putting points on driver's licences for doing it.

      If you're only enforcement of an illegal act is a fine, and that fine can be avoided by folding with no penalty whatsoever, and the person who folded the company can just start another literally the next day and carry on, then the system is flawed. It would be like never putting a single person in jail or arresting them, just fining them, and then watch as criminals murder people and pay a fine, or just declare bankruptcy, and then go out and murder again, knowing it'll just be another fine.

      If it's illegal... stop it. Don't give them a financial slap that literally doesn't affect one employee in any way, shape or form and can just be accepted as a natural consequence of business.

  18. Richard Cranium

    TPS created 1999 (home users only, I immediately registered)

    Given statutory force 2003 (& Business registrations now allowed, I signed up ASAP)

    2013 described as "not fit for purpose"

    Until ?2013 ICO's response to complaints was (I paraphrase) "If a large number of complaints is received relating to one organisation we send a 'please stop doing this' letter, if complaints continue we send stronger warnings" but had never used to power to impose fines.

    And am I right in thinking political parties are exempt?

    2018 Still almost useless (I get at least one scam call a day) finally, fines on directors BUT what about silent calls? What about robocalls? What about calls from overseas? What about getting Telcos to cooperate by operating blacklists & blocking fake caller IDs.

    When will the UK government realise that whenever they launch a scheme like "Grants for loft insulation" the first result will be every "home improvement" business will be on the phone to us (Govt. considers that as a positive: free publicity for the scheme). And so will the "home improvement" scam callers.

    19 years on Govt. is intentionally dragging its feet in response to marketing industry lobbying.

    My business line is always on straight to voicemail

    My home line is on 2 rings then answerphone (so I do get a brief opportunity to see CLI and most legit callers start speaking so I can then pick-up when I recognise the caller)

    A problem: the NHS makes calls to confirm I'll be attending an appointment, number withheld, line drops if its answerphone. Is this Govt. policy to stop us using answerphone?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like