A visit to see my parents and to meet local Councillors and their contacts for World Book Day inspired me to write about nuisance calls, which is something that afflicts all of us yet many individuals do not know how to take action.
My parents were continually receiving calls from TalkTalk and they were at their wits end because they didn’t know what to do to put a stop to it.
As it happens, I do, hence sharing this with you.
The data that these firms are using to harass you belongs to you and is being misused under the General Data Protection Regulation Act 2018. You will have probably heard of the GDPR Act, although most people don’t fully understand the implications and impact it has on everyone’s lives.
GENERAL DATA PROTECTION REGULATION (‘GDPR’) 2018
By way of a brief background, the Data Protection Act 1998 (2002 in the Isle of Man) was recently updated and replaced with a harmonised version in May 2018, although the principles remain the same with a new accountability requirement.
The reason for this is because of technological and digital advances that were not relevant or covered in the old legislation, and to harmonise and empower EU citizens with more powers over the use of their personal data. This legislation will remain in place after the UK has left the EU, so it’s here to stay.
The most significant addition is the accountability principle. The GDPR requires organisations to evidence how they have complied with the principles – for example by documenting the decisions taken about a processing activity.
The penalties for non-compliance can range up to €20m or 4% of annual global turnover, whichever is higher, and the Information Commissioner’s Office (‘ICO‘) take a variety of factors in to account including the gravity of the offence, damage to the individual, if the infringement has been disclosed to the ICO and other aspects.
It is worth knowing that it is mandatory for any organisation to report any infringements of the GDPR Act 2018 to the ICO, and non-compliance and not reporting the infringement will be taken more seriously with the penalties incurred to reflect that.
In this scenario, the data held by the organisation (it maybe TalkTalk) is clearly misusing the data held for harassment and this is evidenced by 3 phone calls being made from similar telephone numbers within 30 minutes.
The ICO are duty bound to identify, investigate and take action against these organisations, although they cannot liaise with you directly. The ICO do issue hefty fines and these are widely circulated and can be found in the public domain, so I personally would encourage anyone to do this.
The online form gives you various options and I chose the most serious option for harassment and I wrote on my parents’ behalf;
“I am elderly and this automated call made me feel stressful and anxious. I am being plagued by these calls that are being made without my consent”.
You are asked, “Please choose the statement which most closely describes the way you felt when you first received the call”. The options are: not a problem, annoyed, distressed.
I chose the most serious option ‘distressed’ as this was the third call that was made within 30 minutes.
TalkTalk put a block on unknown telephone numbers with a filter so they could manage and approve incoming calls.
I wrote about GDPR and misdirected post, and people need to be aware that the data that firms casually use belongs to the individual.
Abusive, malicious or threatening calls are a criminal offence and you are urged to report these to the Police.