Legal help for data breach compensation claims

“Unsolicited marketing calls have landed a legal firm a £30,000 fine” – Assist Law Ltd used private information solely to make unsolicited marketing calls

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

Assist Law Limited has been hit with a monetary penalty from the Information Commissioner’s Office (ICO) for making unsolicited marketing phone calls to people who were registered with the Telephone Preference Service (TPS).

The Weston Super Mare legal firm felt the force of the ICO who imposed the monetary penalty for making the phone calls for marketing purposes over a period of a year.

Assist Law were providing Will making and related services to members of the public using (opted-in) data that was purchased from a third party to which they believed they had the consent to make these unsolicited calls. However, they were wrong – and it’s against the law for companies and/or organisations to make marketing calls to people registered on the TPS without full consent.

As such, it’s crucial that companies and organisations do proper background checks to make sure that the people they’re calling aren’t on the TPS register. The data protection watchdog is becoming more and more stringent against companies who are purchasing opted-in data, as they’re doing so and using the data without full consideration of data protection and security.

Telephone Preference Service (TPS)

The TPS provides a free of charge service which allows U.K. customers to opt out of receiving telemarketing calls. In a space of a year, between April 2015 and April 2016, the TPS received 99 complaints (84 directly to the TPS and 15 to the ICO). On face value, the complaints may not seem like a lot, but it was enough for the ICO to launch an investigation.

The Data Protection Act and Privacy and Electronic Communications Regulations

Under section 55A of the Data Protection Act (DPA), the ICO fined the company £30,000 for the breach of Regulation 21 of the Privacy and Electronic Communications Regulations (PECR) 2003. Regulation 21 of the PECR states that a person shall not use a public electronic communications service for the purposes of making unsolicited calls for direct marketing purposes. The 2003 Regulation sits alongside the DPA, affording specific privacy rights for breaches in relation to electronic communications. The ICO undertakes to take enforcement action against companies and organisations who ignore these obligations, as Assist Law Ltd did.

The Commissioner must satisfy the following three prongs of section 55A of the DPA to impose a monetary penalty:

  • That there has been a serious contravention of the requirements of the PECR by the person (company);
  • The contravention was deliberate;
  • The person knew or ought to have known that there was a risk that the contravention would occur but failed to take reasonable steps to prevent contravention.

ICO’s warnings

The Commissioner first wrote to Assist Law Ltd in May 2015 following the complaints, warning them of monetary penalties of up to £500,000. It seems that the legal firm failed to take up the guidance of the ICO as they continued to receive complaints of unsolicited marketing calls. A second warning was issued to the firm, but this didn’t seem to have any effect on them.

The ICO had to take into consideration all the factual evidence making findings of fact on the balance of probabilities. They were satisfied to find such.

No excuse

Assist Law Ltd’s actions have brought disrepute to the already heavily scrutinised legal industry. As legal professionals, they had the obligation to maintain a standard of professional conduct when handling private data. The actions they’ve taken aren’t a representation of the rest of the legal industry, but it does highlight that misuse of private information by companies and organisations is on the upwards trend. By failing to address the guidance and notices served on them by the ICO, they’ve brought the £30,000 burden on themselves.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Editor on January 10, 2017
Posted in the following categories: Latest and tagged with


“Millions of car dealership information spread on the web” – DealerBuilt’s “shoddy” system has reportedly caused a massive data breach
“Spam marketing has landed Nouveau Finance a £70,000 fine” – Companies who use personal data for spam purposes remain in the ICO’s firing line
%d bloggers like this: