Sorry, this post did not retain the original spreadsheet layout of the stats. Request for Information Further to our acknowledgement of 3 April 2012 we are now in a position to provide you with a response to your request for information dated 2 April 2012. As you know we have dealt with your request in accordance with your 'right to know' under section 1(1) of the Freedom of Information Act 2000 (FOIA), which entitles you to be provided with a copy of any information 'held' by a public authority, unless an appropriate exemption applies. Request In your e-mail you referred to your interest in statistics relating to breaches of TPS and CTPS and the subsequent decisions relating to those breaches. As you had been unable to find any information on our website you asked us to provide you with "… specific data relating only to breaches of TPS and CTPS …". Information Held As you may know The Information Commissioner's Office (ICO) regulates the Privacy and Electronic Communications Regulations 2003 (PECR). PECR are concerned with the way organisations send marketing material by fax, text, email and telephone. Marketing can include the promotion of goods, services, aims or ideals. Regulation 21 of PECR says that unsolicited live direct marketing telephone calls cannot be made to a telephone number if: the organisation has specifically been asked not to make marketing calls to that number (Regulation 21(1)(a)) or That number has been registered with the Telephone Preference Service (TPS) or the Corporate Telephone Preference Service (CTPS) for 28 days or more (Regulation 21(1)(b)) Regulation 24 says that the caller must identify themselves when making live marketing calls and, if asked, must provide a valid business address or freephone number. In most cases our approach to complaints is to educate organisations to help them understand what PECR requires. We will also advise them to take any steps necessary to comply with PECR in future. The ICO and the TPS both handle complaints about breaches of PECR. We have a two stage system for handling complaints. Initial complaints are handled by TPS. However, if an identifiable organisation continues to call despite TPS asking them to stop, the complaints are referred to us and a case is created at the ICO. It is important to note that the complaints which are referred to us by the TPS do not necessarily indicate that a breach of PECR has occurred, simply that a complaint has been logged with them. By way of figures, we can confirm that in the financial year 2009/2010 the TPS referred 278 complaints to the ICO, a further 146 in 2010/2011 and 57 complaints from 1 April 2011 to the end of January 2012. Whilst these numbers appear to have been falling over recent years, this is possibly due to individuals choosing to bring their concerns direct to the ICO, rather than complaining to TPS first. As we've suggested above, complaints are also made directly to the ICO by individuals. Every complaint we receive helps us to gather the evidence we require. We are not always able to immediately identify the callers, or resolve the matter for an individual. However, we work with other regulators, such as OFCOM, TPS and the DMA to try and trace the organisations concerned so that we can pursue the appropriate action. We use an electronic case management system to record all complaints and enquiries submitted to the ICO about the legislation we regulate, including PECR. This system enables us to carry out a search of the number of complaints which have been recorded about a breach of PECR involving the use of live phone calls (ie Regulation 21(1) of PECR), whether these complaints relates to TPS or CTPS calls. However, the system does not allow us to conduct a more detailed search as to whether those complaints have come from the individual directly or were referred to the ICO by the TPS. The figures for the last three financial years showing those cases which have been completed with an outcome to suggest that a breach of Regulation 21(1) of PECR was likely are as follows: Financial year: Total: 2009/10 810 2010/11 637 2011/12 520 Our aim is to ensure that the organisation responsible for the calls complies with the law. Where we receive a number of complaints about an organisation, and it is clear they are not complying with the Regulations, we can take formal action to make them comply. Since PECR came into effect the ICO has reached formal undertakings with 8 organisations, and served 9 enforcement notices against organisations for breaches of PECR, all in connection with live telephone calls. The details are as follows: Organisation Marketing method Undertaking Signed TalkTalk Telecom Ltd Phone calls - live 18/12/2006 Carphone Warehouse Group plc Phone calls - live 18/12/2006 LCI Travel Phone calls - live 25/05/2007 Satellite Direct UK Ltd Phone calls - live & automated 01/06/2007 Satcover Ltd Phone calls - live & automated 01/06/2007 Space Kitchens and Bedrooms Ltd Phone calls - live 15/08/2007 Weatherseal Holdings Ltd Phone calls - live 30/08/2007 SBP Ltd t/a Europlas Phone calls - live 25/01/2008 Organisation Marketing method Enforcement Notice Served SAS Fire & Security Systems Ltd Phone calls - live 04/03/10 Direct Response Security Systems Ltd Phone calls - live 19/08/10 Weatherseal Holdings Ltd Phone calls - live 26/06/08 H Morris & Co Ltd t/s Homestyle Kitchens and Bathrooms Phone calls - live 11/07/07 Bowater Home Improvements Ltd Phone calls - live 06/12/06 Bowater Windows Ltd Phone calls - live 06/12/06 Staybrite Windows Ltd Phone calls - live 06/12/06 Zenith Windows Ltd Phone calls - live 06/12/06 IDT Direct Ltd t/a Toucan Phone calls - live & automated 06/12/06 Advice and Assistance You may also be aware that on 26 May 2011, the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 came into force. These amend the original Privacy and Electronic Communications (EC Directive) Regulations 2003. The Information Commissioner already has enforcement powers under the 2003 Regulations, whilst the 2011 Regulations enhance these powers and introduce new requirements, most notably in relation to cookies. Further information about these revised regulations, and the extent to which the ICO will be reviewing and amending our existing guidance to take these changes into account can be found on our website here: http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/new_regulations.aspx You can also find details of the Commissioner's strategy for regulatory action, including enforcement of PECR, on our website at: www.ico.gov.uk/what_we_cover/promoting_data_privacy/taking_action.aspx.