It's certainly not the Christmas present that many serial spammers wanted. But one which many of their victims will welcome.

On 17 December 2018, an amendment to the UK's existing e-privacy regulations (the Privacy and Electronic Communications Regulations, or "PECR" for short) will come into force, giving the UK Information Commissioner the power to issue monetary penalty notices to directors and other officers of businesses found to be in breach of the regulations.

PECR sets out the rules on text, email and other electronic forms of direct marketing (amongst other things). Probably the ICO's prime targets for enforcement have always been those unscrupulous companies bombarding people with unsolicited texts and emails about products and services they don't want or need.  

Until now, the people behind those businesses have largely been getting away with it. As soon as the ICO issues a penalty notice against the offending company, the directors close it down, only to pop up somewhere else with a new corporate identity and none of the enforcement "baggage" of the previous business.

With the new amendment, this depressing game of whack-a-mole should change. Subject to certain conditions, the ICO will be able to issue monetary penalty notices of up to £500,000 against directors and other officers who have consented to or connived in the unlawful activity or where the breach is attributable to their neglect.

All eyes will be on how the ICO tackles those individuals behind the headline-grabbing "pop-up shops" sending hundreds of thousands of texts or emails over a matter of months. However, this change will be relevant for all businesses engaged in direct marketing activities covered by PECR - as well as, of course, their directors, managers, company secretaries and other officers.