{"id":1290,"date":"2022-07-08T12:28:21","date_gmt":"2022-07-08T12:28:21","guid":{"rendered":"https:\/\/test.thesmsworks.co.uk\/blog\/?p=1290"},"modified":"2023-09-26T09:00:18","modified_gmt":"2023-09-26T09:00:18","slug":"ico-fines-analysis","status":"publish","type":"post","link":"https:\/\/thesmsworks.co.uk\/blog\/ico-fines-analysis\/","title":{"rendered":"ICO Fines Analysis"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"1290\" class=\"elementor elementor-1290\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-138c2bb6 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"138c2bb6\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5017f138\" data-id=\"5017f138\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c9c3258 elementor-widget elementor-widget-text-editor\" data-id=\"c9c3258\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\n<h1 class=\"wp-block-heading\">The Complete Guide to ICO Fines<\/h1>\n\n<h2 class=\"wp-block-heading\">Fines top \u00a323.5 million as ICO cracks down on data breaches and spammers<\/h2>\n\n<p>Since 2010,\u00a0<a href=\"https:\/\/ico.org.uk\/\">The Information Commissioner\u2019s Office<\/a>\u00a0has handed out an eye-watering \u00a323.5 million in fines to organisations found to have been breaking the rules on spamming or failing to look after consumer data.<\/p>\n\n<p>Before we dive and look at the fines data, just a quick recap.<\/p>\n\n<h2 class=\"wp-block-heading\">What is the Information Commissioners Office or\u00a0ICO?<\/h2>\n\n<p>The ICO website has a rather tortuous summary of what they do on their homepage.<\/p>\n\n<figure class=\"wp-block-image size-full\"><img fetchpriority=\"high\" decoding=\"async\" width=\"955\" height=\"145\" class=\"wp-image-363\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/ICO20header.png\" alt=\"ICO header\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20header.png 955w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20header-300x46.png 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20header-768x117.png 768w\" sizes=\"(max-width: 955px) 100vw, 955px\" \/><\/figure>\n\n<p>What that actually means is that they are the UK authority that oversees how consumer data is handled. They have the power to hand out hefty fines to companies that break the rules on spam or data protection.<\/p>\n\n<p>The fines that the ICO have the power to hand out, fall into 4 main categories<\/p>\n\n<ul class=\"wp-block-list\">\n<li><strong>Data Breaches<\/strong><\/li>\n<li><strong>Nuisance Calls<\/strong><\/li>\n<li><strong>SMS spam<\/strong><\/li>\n<li><strong>Email spam<\/strong><\/li>\n<\/ul>\n\n<p>As the scope of their work has gathered pace, so the organisation has swelled in numbers. When the organisation first started in 1984, they had just 10 members of staff. The ICO now employs of 700 across\u00a04 UK offices.<\/p>\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" class=\"wp-image-359\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/Elizabeth20Denham.jpg\" alt=\"Elizabeth Denham\" width=\"259\" height=\"259\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Elizabeth20Denham.jpg 330w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Elizabeth20Denham-300x300.jpg 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Elizabeth20Denham-150x150.jpg 150w\" sizes=\"(max-width: 259px) 100vw, 259px\" \/><\/figure>\n\n<p>They are\u00a0<a href=\"https:\/\/realbusiness.co.uk\/a-profile-of-information-commissioner-elizabeth-denham\/\">headed up by Elizabeth Denham<\/a>, the grandly titled Information Commissioner. A native Canadian with an impressive background in all things data protection,<\/p>\n\n<p>it\u2019s her job to implement GDPR and is ultimately responsible for sanctioning the fines.<br \/>\u00a0<br \/>She has repeatedly laid out \u00a0her intention to crack down hard on organisations that fail to look after customer data.\u00a0<\/p>\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>\u201cWhen you are entrusted with personal data you must look after it. Those that don\u2019t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.\u201d<\/strong><\/p>\n<\/blockquote>\n\n<h2 class=\"wp-block-heading\">How much can the ICO fine companies for data breaches or spam?<\/h2>\n\n<p>Until GDPR became law in May 2018, the maximum fine that they could hand out was \u00a3500,000.<br \/>Under the new rules that has soared to 20 million Euros or 4% of global turnover.<\/p>\n\n<p>It hasn\u2019t taken too long for the ICO to wield its new found powers.<\/p>\n\n<p>In summer 2019, They announced their\u00a0<strong><a href=\"https:\/\/edubirdie.com\/blog\/ico-announces-intention-to-fine-british-airways\">intent to fine British Airways<\/a><\/strong>\u00a0\u00a3183 million pounds for allowing unauthorised access to around 500,000 of its customer records, including payment details.<\/p>\n\n<p>Just 2 days later, it was the turn of Marriott Hotels to\u00a0<a href=\"https:\/\/ico.org.uk\/about-the-ico\/news-and-events\/news-and-blogs\/2019\/07\/statement-intention-to-fine-marriott-international-inc-more-than-99-million-under-gdpr-for-data-breach\/\">receive a mauling and a monster\u00a0<\/a><a href=\"https:\/\/ico.org.uk\/about-the-ico\/news-and-events\/news-and-blogs\/2019\/07\/statement-intention-to-fine-marriott-international-inc-more-than-99-million-under-gdpr-for-data-breach\/\">fine<\/a>. Their penalty of \u00a399 million was for an equally inept leak of around 339 million customer records.<\/p>\n\n<h2 class=\"wp-block-heading\">The complete ICO fines analysis from 2010 \u2013 2019<\/h2>\n\n<p>The ICO helpfully publish\u00a0<a href=\"https:\/\/ico.org.uk\/action-weve-taken\/enforcement\/\">details of all the fines<\/a>\u00a0they hand out along with details of the organisation and the precise reasons for the fine.<\/p>\n\n<p>While the information that they release is pretty comprehensive, they don\u2019t really provide any analysis.\u00a0<\/p>\n\n<p>This research by\u00a0<a href=\"https:\/\/thesmsworks.co.uk\/\">The\u00a0SMS Works<\/a>\u00a0excludes the 2 massive fines that British Airways and Marriott received in summer 2019.<\/p>\n\n<p>The ICO has announced its intent to hand out the fines, but both are unsurprisingly being appealed, so don\u2019t yet appear on the ICO\u2019s website as actual fines.<\/p>\n\n<h2 class=\"wp-block-heading\">ICO fines rise by 450% over 5 years<\/h2>\n\n<p>Excluding the 2 monster fines of 2019, the ICO has issued 216 fines totalling \u00a323.5 million.<\/p>\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"523\" class=\"wp-image-367\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0-1024x523.png\" alt=\"Number of ICO fines by year chart\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0-1024x523.png 1024w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0-300x153.png 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0-768x393.png 768w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0.png 1029w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n<p>In the past 5 years, fines have risen\u00a0<strong>450%<\/strong>, from\u00a0<strong>\u00a31.15 million<\/strong>\u00a0in 2014 to\u00a0<strong>\u00a36.3 million<\/strong>\u00a0in 2018.<\/p>\n\n<p>This rise is likely to accelerate as post GDPR data breaches and spam offences come to light and fines are issued.<\/p>\n\n<p>Interestingly and perhaps surprisingly given the hype surrounding GDPR, 2019 has been a quiet year for fines. In the first 9 months, only 13 fines have been issued. During the same period in 2018, that figure was up to 29.<\/p>\n\n<p>The total number of fines has also been on the rise, as well as the total amount fined. In 2011, just 11 organisations received an ICO fine. By 2017 the number had surged to 52,\u00a0<strong>a rise of 372% over 4 years<\/strong>.\u00a0<\/p>\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"523\" class=\"wp-image-367\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0-1024x523.png\" alt=\"Number of ICO fines by year chart\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0-1024x523.png 1024w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0-300x153.png 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0-768x393.png 768w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Number20of20ICO20fines20by20Year_0.png 1029w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n<h2 class=\"wp-block-heading\">Data breaches account for over 50% of all monetary penalties<\/h2>\n\n<p>Of the four main offence types, data breaches, email, SMS and nuisance calls, data breaches are by far the most fined offence. Since 2010,\u00a0<strong>110 fines have been handed out for data breaches<\/strong>, that\u2019s 50.9 % of the total.<\/p>\n\n<p>Nuisance calls, undoubtedly the most invasive of the 3 spam offences, make up 27% of all fines, with SMS spam representing a modest 16% of the total.<\/p>\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"558\" class=\"wp-image-360\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/Fined20issues20by20offence20type-1024x558.png\" alt=\"Fines issued by offence type\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Fined20issues20by20offence20type-1024x558.png 1024w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Fined20issues20by20offence20type-300x163.png 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Fined20issues20by20offence20type-768x418.png 768w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Fined20issues20by20offence20type.png 1136w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n<p>Email spam offences are the least fined, with just 13 fines being handed out over the same period or 6%<\/p>\n\n<h2 class=\"wp-block-heading\">Data breaches attract \u00a312.5 million in fines<\/h2>\n\n<p>The total amount fined for each type of offence reflects the numbers of fines figures.<br \/>Once again data breaches dominate with a \u00a312.6 million in fines or 54% of the total figure<\/p>\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"157\" class=\"wp-image-361\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-1024x157.png\" alt=\"ICO fines comparison\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-1024x157.png 1024w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-300x46.png 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-768x117.png 768w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-1536x235.png 1536w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-2048x313.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n<p>The fines for nuisance calls are more than double those of SMS and email combined.<\/p>\n\n<h2 class=\"wp-block-heading\">Company fined \u00a3400,000 for making nearly 100 million nuisance calls.<\/h2>\n\n<p>The largest fine for a nuisance call campaign was issued to Keurboom Communications Ltd in May 2017.The company was responsible for a staggering 99.5 million calls to UK consumers.<\/p>\n\n<p>In his typically forthright manner, Steve Eckersley, head of enforcement at the ICO said:<\/p>\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>\u201cKeurboom showed scant regard for the rules, causing upset and distress to people unfortunate enough to be on the receiving end of one its 100 million calls.<br \/>These calls have now stopped \u2013 as has Keurboom \u2013 but our work has not. We\u2019ll continue to track down companies that blight people\u2019s lives with nuisance calls, texts and emails.\u201d<\/strong><\/p>\n<\/blockquote>\n\n<p><strong>Email spam slips under the\u00a0radar<\/strong><\/p>\n\n<p>Since 2010, just \u00a3635,000 were for email spam offences, a very modest 2.8% of the total. And only 13 fines in total.<\/p>\n\n<h2 class=\"wp-block-heading\">Public sector organisations responsible for over 27% of all fines<\/h2>\n\n<p>Contrary to what you might expect, public sector bodies receive far more fines than any other type of organisation.\u00a0<\/p>\n\n<p>60 fines have been handed out to the public sector, over 27% of all fines that\u2019s nearly double those in the financial services sector which is often cited as the worst culprit for ICO offences.<\/p>\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"967\" height=\"557\" class=\"wp-image-366\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/No20of20ICO20fines20by20industry20sector_0.png\" alt=\"Number of ICO fines by industry sector\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/No20of20ICO20fines20by20industry20sector_0.png 967w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/No20of20ICO20fines20by20industry20sector_0-300x173.png 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/No20of20ICO20fines20by20industry20sector_0-768x442.png 768w\" sizes=\"(max-width: 967px) 100vw, 967px\" \/><\/figure>\n\n<p>Those 60 fines have raised more than \u00a37.3 million fines and represent 31% of the total amount fined.<\/p>\n\n<p>Out of the\u00a060 public sector fines,12 of them were handed out to the NHS and 9 to the The Police. All public sector fines were for data breaches.<\/p>\n\n<h2 class=\"wp-block-heading\">54% of all data breach fines were handed out to Public Sector organisations<\/h2>\n\n<p>Focusing solely on the fines for data breaches, the public sector is responsible for\u00a054% of all fines.\u00a0The\u00a060 fines have raised more than \u00a37.3 million and represent 31% of the total amount fined for data breaches.<\/p>\n\n<p>Local council were responsible for half of all data breaches.<\/p>\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"919\" height=\"518\" class=\"wp-image-368\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/Public20sector20Data20Breaches_0.png\" alt=\"Public sector data breaches chart\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Public20sector20Data20Breaches_0.png 919w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Public20sector20Data20Breaches_0-300x169.png 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/Public20sector20Data20Breaches_0-768x433.png 768w\" sizes=\"(max-width: 919px) 100vw, 919px\" \/><\/figure>\n\n<p>It seems that public sector organisation\u00a0have trouble holding on to and adequately\u00a0looking after devices that contain sensitive or personal information. On 18 separate occasions,\u00a0departments have either lost laptops, USB drives or folders containing sensitive information.<\/p>\n\n<p>They have a habit of leaving offices buildings empty except for desks and a few cabinets still containing\u00a0personal data. On\u00a0one occasion a filing cabinet was sent to an office supplies auction still stuffed with files containing sensitive personal\u00a0data.<\/p>\n\n<p>None of the public sector data breach fines was\u00a0for a data leak following\u00a0a successful hack. All were down to human error of some sort.<\/p>\n\n<h2 class=\"wp-block-heading\">PPI and accident claims\u00a0calls continue to be a public menace<\/h2>\n\n<p>Most of us wonder how PPI and accident claims calls can ever have worked. There are massive call centre costs and the conversion rate must be infinitesimal.<\/p>\n\n<p>Think of the cost of trying to recruit for this sort of call centre, I can\u2019t imagine there would be many takers.<\/p>\n\n<p>But it must be working because companies persist in these type of cold calling campaigns, paying no regard for consumers\u2019 distress or anxiety at being pestered in this way.<\/p>\n\n<p>The ICO continues to bring these unscrupulous companies to account, having fined 4 claims companies in 2018 and 2 up to September 2019.<\/p>\n\n<h2 class=\"wp-block-heading\">\u00a3350,000 fine for nuisance caller<\/h2>\n\n<p>One of the largest fines for PPI was given to a company who made 75 million calls in just 4 months.<br \/>The ironically named, Miss-sold Products UK, were fined \u00a3350,000\u00a0for completely ignoring the rules on marketing calls.<\/p>\n\n<p>Commenting on the case Andy Curry, ICO Group Enforcement Manager said:<\/p>\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>\u201cThis company blatantly ignored the laws on telephone marketing, making a huge volume of intrusive calls over a short period of time and without any apparent attempt to ensure they had the consent of the people they were harassing.<\/strong><\/p>\n<p><strong>The ICO will come down hard on rogue operators who want to treat the law and the UK public with contempt.\u201d<\/strong><\/p>\n<\/blockquote>\n\n<h2 class=\"wp-block-heading\">Home improvements companies under scrutiny<\/h2>\n\n<p>The home improvements sector is not one that you\u2019d readily associate with bad business practice. It has however been on the end of 28 separate fines totalling \u00a33 million.<\/p>\n\n<p>All the offences were related to illegal cold calling consumers at their home address.\u00a0<\/p>\n\n<p>The companies were mainly involved in the selling of solar power and home security equipment.<br \/>The largest fine issued to a home improvement company was \u00a3250,000, given to The Energy Saving Centre Ltd.<\/p>\n\n<p>They were caught phoning an astonishing 7 million people, many of whom who had already registered with The Telephone Preference Service.\u00a0<\/p>\n\n<p>Their intrusive campaign generated 1138 complaints.<\/p>\n\n<h2 class=\"wp-block-heading\">Lack of clarity in ICO fines process?<\/h2>\n\n<p>Examining the amount that some organisations are fined, raises the question of whether the fines process is fair and equal.<\/p>\n\n<p>Looking at fines for SMS spam, there is a massive variance in how much the ICO fined different companies for SMS spam offences.<br \/>There seems to be little correlation between how many texts were sent and the size of the fine handed out.\u00a0<\/p>\n\n<p>The number of complaints that a spam campaign generated could be used a measure of how much irritation or inconvenience the SMS caused.\u00a0<\/p>\n\n<p>But the number of complaints received doesn\u2019t correlate to the fine that the ICO thought appropriate.<\/p>\n\n<h2 class=\"wp-block-heading\">A harsh fine for EE<\/h2>\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-358\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/EE20Logo.jpg\" alt=\"EE Logo\" width=\"169\" height=\"169\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/EE20Logo.jpg 660w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/EE20Logo-300x300.jpg 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/EE20Logo-150x150.jpg 150w\" sizes=\"(max-width: 169px) 100vw, 169px\" \/><\/figure>\n\n<p>For example, the mobile phone operator EE was handed out a \u00a3100,000 fine for inadvertently breaking the rules on sending SMS.\u00a0<\/p>\n\n<p>They had sent a text to 2.5 million customers that combined a service message with direct marketing, when they hadn\u2019t obtained the correct opt-in for the marketing part of the message.<\/p>\n\n<p>In their ruling, the ICO explicitly stated that \u00a0<\/p>\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>\u201cEE Limited did not deliberately set out to breach electronic marketing laws\u201d.\u00a0<\/strong><\/p>\n<\/blockquote>\n\n<p>The SMS campaign generated no complaints at all.<br \/>It was simply a genuine\u00a0<strong><a href=\"https:\/\/thesmsworks.co.uk\/bulk-SMS\">bulk SMS\u00a0campaign<\/a><\/strong>\u00a0to existing customers<\/p>\n\n<p>For each message sent, EE were fined 4 pence.<\/p>\n\n<h2 class=\"wp-block-heading\">Spammer gets away lightly<\/h2>\n\n<p>By contrast, a company called Tax Return Ltd, sent 14.8 million texts, blatantly blanket spamming huge swathes of the population.<\/p>\n\n<p>The campaign generated an astonishing 2146 complaints, giving a strong indication of the seriousness of the offence.<\/p>\n\n<p>They were fined just \u00a3200,000 for this massive scale spam campaign.<\/p>\n\n<p>For each text they sent, they were fined just 1.35 pence, a third as much as EE, despite the hugely more serious offence.<\/p>\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"157\" class=\"wp-image-361\" src=\"http:\/\/test.thesmsworks.co.uk\/blog\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-1024x157.png\" alt=\"ICO fines comparison\" srcset=\"https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-1024x157.png 1024w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-300x46.png 300w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-768x117.png 768w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-1536x235.png 1536w, https:\/\/thesmsworks.wpenginepowered.com\/wp-content\/uploads\/2022\/06\/ICO20fine20comparison.jpg-2048x313.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n<p>There\u2019s an evident lack of clarity as to how the ICO fines companies for spam and the inconsistencies appear quite dramatic.<\/p>\n\n<p>This inequity raises questions about whether the ICO, should reveal the basis on which they fine organisations and whether the whole process should be more transparent.<\/p>\n\n<p>It could be argued that the ICO is making an example of high profile companies while spammers that are causing genuine distress are getting off more leniently.<\/p>\n\n<h2 class=\"wp-block-heading\">Uncharted waters, post GDPR<\/h2>\n\n<p>After a relatively quiet period immediately after GDPR came into force, we are now starting to see the numbers of fines for offences committed post GDPR increasing.<\/p>\n\n<p>The first 2 monster hammer blows for British Airways and Marriott Hotels demonstrate that the ICO will be delivering on its promise to come down hard on companies that don\u2019t look after personal data correctly.<\/p>\n\n<p>Those 2 data breach fines alone are 12 times as much as the ICO has fined for all offences since 2010.<\/p>\n\n<p>It\u2019s a sobering thought.<\/p>\n\n<p>Fines of this size would wipe out most companies and it\u2019s hard to fathom how the ICO can be seen to be being fair if they don\u2019t deploy the same ruthless approach as they have with BA and Marriott.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>The Complete Guide to ICO Fines Fines top \u00a323.5 million as ICO cracks down on data breaches and spammers Since [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":274,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"disabled","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1290","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1290","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=1290"}],"version-history":[{"count":0,"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/posts\/1290\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/media\/274"}],"wp:attachment":[{"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=1290"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=1290"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thesmsworks.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=1290"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}