“Hello, is that Mr Snell? I’m calling with regard to the accident you recently had.”
We’ve all received these cold calls, be it accidents or mis-sold PPI, and we’re probably all pretty tired of them.
One of the intentions behind the GDPR was to give regulators sharper teeth to tackle firms breaking the law with regard to personal data. Take the example of Keurboom Communications. Fined the maximum of £400,000 by the Information Commissioner’s Office in May for making 100 million nuisance calls to people who had not agreed to be contacted, the firm went into liquidation. Had the offences taken place under the GDPR regime, the fine could have been up to 20 million or 4% of annual, global turnover.
A less frequently mentioned, but equally important, provision of the GDPR is – in addition to the regulatory fines – individuals will be allowed to claim “full and effective” compensation for any damage they might have suffered as a result of their data being abused.
The European Commission has proposed an EU-wide publicity campaign from January 2018 to inform citizens of their rights (although, whether that makes it as far as Brexit Britain remains to be seen), and half of UK adults say they’ll take advantage of the new rights on offer under the legislation.
With the deadline for PPI claims expiring in August 2019, might claims under GDPR prove to be a lucrative replacement for unscrupulous firms who’ve shown little interest in complying with measures designed to prevent unsolicited contact?
It would certainly be ironic if the GDPR was to usher in a wave of cold calls and emails looking to take advantage of the very regulation designed, in part, to prevent them.
“Hello, is that Mr Snell? I’m calling with regards to the email you received that you didn’t consent to…”