Popular Posts

Friday 26 November 2010

Cold Calling and The Data Protection Act 1998

"Altes Telefon" by Kornelia und Hartmut Häfele
A few days ago, I emailed some comments to Jancis Robinson about one of her articles on cold calling (unsolicited sales calls) which she added to her article.

You can read the full article here, including my comments and those of Lionel Nierop, a fellow Cambridge (UK) resident and MD of The Wine Trade.

I have no formal legal training or qualifications, but my day job as a company director in the UK requires me to know a little about these sorts of things - and also inevitably to deal with them; so I thought it might be worthwhile expanding on the advice I gave on Jancis' site.

The first thing to say is that cold calling is generally illegal in the UK - unless the caller has received your permission to call you.

The basis of this is two principles in the UK's Data Protection Act 1998 which state that the person being contacted must have consented to their personal data being collected and held for the specified purpose if the contacting organisation holds personal data in an organised, searchable form; this includes databases, spreadsheets or even hanging files.

These principles can be found here and state that personal data must be obtained and processed fairly and lawfully (that the subject of the data has consented to its collection and use) and must be held only for the specified purposes.

So, if someone is calling me to offer fine wine investment opportunities, and they have my details on a database, they need to demonstrate that I gave permission for this.

Hence, I find the quickest and easiest way to sniff out and stop a cold caller is to ask from where they have obtained my personal details and how have they obtained my permission to contact me.

Many cold callers seem ignorant of the law on this, so the next step can be point out that they are in breach of the Data Protection Act 1998 if they do not have my permission to call me.

At this point the conversation can go a number of ways - either an apology and agreement not to call again. Maybe even a small gift as compensation (thank you Alex Barr of GenLead - I'm saving it for Christmas) or a less satisfactory response which requires further steps.

The Data Protection Act 1998 requires you to raise the issue in the first instance with the person or company who made the breach. So I generally obtain:

- full company details (name and address)
- contact details of company senior management (MD,CEO, chairman or even better, all three)
- full name of the person who called

I do tend to find that many people either hang up or suddenly profess complete ignorance of their work address, boss's name etc at this stage.

I then usually contact the company with a letter along the following lines:

"Subject Access Request

Further to a conversation I have just had with one of your staff, [insert name here], please confirm:

- from where you have obtained my contact details
- how you have obtained my approval to make sales calls to me
- what data you hold about me

Moreover, please delete all personal data that you hold about me and confirm that you have put in place adequate measures to ensure that [I am / my company is] not cold called again.

A prompt and satisfactory answer from you will ensure that this matter need not be taken any further."

If this does not elicit an appropriate response, then the next step is to refer the matter to the Information Commissioner's Office - contact details are on the ICO's website - http://www.ico.gov.uk/.

Another preventative option is to register with the Telephone Preference Service, details here - http://www.mpsonline.org.uk/tps/

According to the TPS website "The Telephone Preference Service (TPS) is a free service. It is the official central opt out register on which you can record your preference not to receive unsolicited sales or marketing calls. It is a legal requirement that all organisations (including charities, voluntary organisations and political parties) do not make such calls to numbers registered on the TPS unless they have your consent to do so."

Footnote - December 3

A increasingly common cold-call scam of recent years (which I have experienced several times, the most recent being this morning) is someone phoning up claiming to have some connection with, or calling "on behalf of" the Police or Fire services. In reality, they prove to be asking for sponsorship in a "Police Diary" or "Fire Officer's Annual Report", but the mere mention of an emergency service often gets them past an unwitting receptionist. The person who called me today, as so often happens, was able to give me his full name, but not the full company name and suddenly could not remember his address when asked for it.


Data Protection Act - http://www.legislation.gov.uk/ukpga/1998/29/contents

Information Commissioner's Office - http://www.ico.gov.uk/

Telephone Preference Service - http://www.mpsonline.org.uk/tps/

Jancis Robinson - http://www.jancisrobinson.com/

Jancis' article on cold-calling - http://www.jancisrobinson.com/articles/a20101117.html


  1. That is a great tip especially to those new to the blogosphere. Simple but very precise info… Appreciate your sharing this one. A must read article!

  2. Thanks for sharing your thoughts about %meta_keyword%. Regards