Thursday, 17 March 2016

Call apparently from VERSO GROUP (UK) LIMITED - junk calls

Getting pissed off with junk calls today.

Two so far.

One was apparently from IDENTITY PROTECT LIMITED. Listen here.

The second, and much more amusing, was apparently from VERSO GROUP (UK) LIMITED. Listen here (posted with permission granted in the call recording itself). It seems that they were actually trying to sell me broadband. Wow!

I am not sure they were not the same person calling even, but that may be my being a tad racist... Listen and try and work it out yourself.

Update: Corrected first company name which was mistyped/linked.
Update: Clarified that second recording published with permission given within the call itself.

Update: For more details on why only "apparently" from Verso Group (UK) Ltd, see later blog post.

19 comments:

  1. Verso Group - "...the largest telephone lead generation channel in the UK...". So he probably wasn't trying to sell you something - just updating the information they had on you so that they could sell your details to somebody else who will try to sell you something. Wonder how they got your name, number and address in the first place.

    ReplyDelete
  2. You should install Lenny and divert the junk callers to him, and then post the recordings here.

    ReplyDelete
  3. If you are implying that you struggle to distinguish between different speakers because they are not native English speakers then that is not 'racist'.

    Racism is the belief that people are inferior because they are from a different race and should be treated differently because of this.

    I *know* that you are not racist, you are the most fundamentally evenhanded person I have met!

    Maybe you are criminalist, and scumist which is why you dislike spammers :-)

    ReplyDelete
    Replies
    1. I could barely understand half of his words. I would have told him his accent is appalling and to call me back when they have someone available who can speak coherent English.

      Delete
  4. Did you notice at 1:43 he says "Verso trusted partners ay contact you in the future by phone and email". There! You have opted in.

    ReplyDelete
    Replies
    1. I heard he said something but did not quite catch it at the time and I think I spoke over him. Even if I had heard and agreed clearly to that I would not have given those "trusted partners" my consent but would have given verso, so such sales calls would have been invalid under PECR as far as I know.

      Delete
    2. Yes, if your number is on the TPS register. If it is, then a caller requires consent, and this consent must have been "previously notified" by the subscriber to the caller. Not the caller's friends.

      In the context of other parts of PER, the ICO considers that "indirect consent" might be valid in some specific situations, but it comments that a general approach (e.g. "from selected third parties", which sounds pretty much the same as "trusted partners") is unlikely to be compliant. Although the guidance is not focussed on this particular rule, the same logic would seem to apply, given that the regulation requires a similar approach of the subscriber notifying the caller.

      Delete
  5. It would appear the first one wasn't IDENTITY PROTECT LIMITED, having listened to the call & checked that info obviously came from a whois search on the domain - and a quick google search throws up 123-Reg Domain Registration Privacy... etc

    ReplyDelete
    Replies
    1. Now I am confused, what domain did you think he said?

      Delete
    2. You sound like say Identity project at the end of the first call. But your post refers to Identity protect.

      Delete
    3. Yes I misread the whois during the call.

      Delete
    4. I agree... the first one wasn't IDENTITY PROTECT LIMITED... what I didn't realise was that Nominet allowed .uk domain registrants to use domain privacy services! I thought it was a case you had to register in the correct name with the correct address and if you were an individual you could opt out of full address publication.

      That said go on... complain about them to the ICO... it would be slightly ironic if they were hounded by an investigation or fined or went to went to the wall with all their customers suspect domains! Make them jointly and severally liable like "online market places" i.e. Amazon and Ebay will be for avoided VAT from their sellers.

      Delete
  6. I sent Verso Group a Section 10 DPA notice about 4 weeks ago, as they had been buying and selling on my data for a company to send spam for gambling. While in possession of my data they had also updated my first name in the data set from James to Jill, and then sold the data on to a company who then sent out the spam. When sending the data on to the SMS delivery company, they 'warranted' that I had agreed on a telephone survey to have my data sold on for these purposes.

    In fact they had just purchased a data set from another company, who had in turn purchased it. This chain of purchasing led down through 9 companies back to a dissolved company - all relying on a totally fictitious consent which I never gave.

    Verso failed to confirm they were implementing a process never to process any of my personal data ever again, which is what a Section 10 notice requires. They said they had deleted the data they did have, but that is only half the job. I don't want them ever processing my data again in any form. Just because their business model relies on blindly getting hold of and using personal data is no excuse - they cant use mine any more.

    I gave them 7 further days, which expire on Monday 21st March.

    I shall be commencing proceedings against them unless they reply :-)

    ReplyDelete
    Replies
    1. @James Wild

      "I sent [spammer] a Section 10 DPA notice about 4 weeks ago" (and the rest)

      Are there template letters for the kind of thing you have been issuing?

      They sound like a handy kind of thing to have readily available, somewhere.

      Thanks in advance.

      Delete
    2. I don't think that there's a s10 there currently, but if James is willing, one could be loaded very easily to ukaslr.co.uk :)

      Delete
    3. Without wanting to try and defend spammers here, but isn't there a bit of a circular argument / catch 22, in that to avoid processing your data ever again they'll have to keep a record of your details in e.g. a blacklist or whatever to ensure they reject them if they get them in - but you've asked them to remove all data they hold about you - wouldn't that include something saying never to contact you?

      Delete
    4. Actually I adapted one I found. This is a nice concise one

      http://www.consumerwiki.co.uk/index.php/Data_Protection_Act_-_S10_Notice

      You should word according to your situation.

      The thing about an S10 notice is you can only send one when you have suffered damage or distress. In my example I believe lying to a third party about where my data came from, and mishandling it, and trading in it while not being in possession of my consent is significant distress.

      I also have a dislike for gambling, so I find the messages objectionable. That is a personal point, not a social commentary :-)

      It will be very hard for any company in the data broking trading arena to implement an S10 notice as they should by rights examine every piece of data they receive to validate it is not *my data*. I have no sympathy though, that difficulty is due to their choice of business model and trying to exist right on the very boundaries of the law.

      Delete
    5. I am happy for a company to put together a suppression process, and use that, maybe by holding a hash of the data and then hashing any incoming data to do a comparison to stop them using the same data again.

      That would suffice in the normal case.

      The point about an S10 is that they should also put in effort to make sure that they genuinely know who any new data they are using relates to, and that it is not me.

      After all if they cant do that, how can they be confident they are also in possession of consent, as they wont know who it is they are processing.

      I don't mind people holding data to suppress, I do mind when they use or sell data without my consent. That being the most basic principle of the DPA after all.



      Delete
    6. I have had numerous issues with supression files, actually causing spam directed at me on several occasions.

      I'm battling one company currently, served a S10 on them which they refused as they didn't believe they were causing damage, or distress.

      So Served a S11 notice on them instead, which is a bit easier to read and has less get-outs. Well, no get-outs. They're using the data for the purposes of digital marketing, so must cease doing so!

      Delete