Nuisance call firms face fines of up to £17.5m and internet users will be able to limit the appearance of pop-up cookie consent boxes under a government overhaul of the UK’s data rules.
The financial punishment for cold callers will increase from the current maximum of £500,000 and will be brought in line with General Data Protection Regulation (GDPR), which allows regulators to issue a fine of up to £17.5m or 4% of a company’s global turnover.
The new fine regime is part of the data reform bill, which was announced in the Queen’s speech and is expected to become law next year. Fines are imposed by the Information Commissioner’s Office, which imposed the £500,000 penalty for the first time last year against a Glasgow-based business that made more than 193m automated calls in one year.
The Telephone Preference Service allows people to block persistent callers, but it only blocks calls from people, and not computer-generated calls.
Why do I get so many nuisance calls? We ask an expertRead more
The bill will also target pop-up consent boxes for cookies. Cookies are text files dropped into a user’s browser by a website, which can then record their activity. Under the new proposals, an opt-out model will be introduced, with the aim of of reducing the need for users to click through consent banners on every website they visit.
The Department for Culture, Media and Sport said web users will be able to set their cookie preferences so that they can opt out via automated means.
The bill will also loosen some data protection requirements for small businesses under GDPR, including the need for a data protection officer and undertaking assessments of where data might be at risk. The DCMS said the reforms will create more than £1bn in business savings over 10 years. Both the nuisance call and cookie rules are being updated under the UK’s existing Privacy and Electronic Communications Regulations.
The culture secretary, Nadine Dorries, said the new bill would help “grow the economy and improve society” while retaining the UK’s “global gold standard for data protection”. The bill also proposes reforming the ICO by giving it a chair, chief executive and board, alongside a new set of objectives.
The UK information commissioner, John Edwards, said: “The proposed changes will ensure my office can continue to operate as a trusted, fair and impartial regulator, and enable us to be more flexible and target our action in response to the greatest harms.”