Personal director liability under PECR introduced

On 17th December 2o18 a new PECR amendment regulation (Privacy and Electronic Communications (Amendment) Regulations 2018) came into force. The updated regulation extends the powers of the Information Commissioner’s Office (ICO) to enable them to fine “officers” of data controllers for breaches of the Regulation relating to electronic marketing including unsolicited marketing, automated calling, etc.

The Privacy and Electronic Communications Regulations 2003 (PECR) govern electronic marketing and the use of cookies and the amendment now means that directors of businesses could find themselves personally fined for breaches where it is clear that the breach occurred due to the actions or non-action of the director or officer. Currently fines under PECR can be up to £500,000 so company officers now face up to £500k fines themselves.

Leave a comment