Change to regulation concerning communication service providers

Jan 20th '23

The Information Commissioner’s Office (ICO) has written to communication service providers (CSPs) about their obligations under Regulation 5A of the Privacy and Electronic Communications Regulations 2003 (PECR).


Regulation 5A requires a CSP to notify the ICO within 24 hours of any personal data breach, no matter how small, that has occurred. If a report is not received in time, the ICO can issue a fixed penalty of £1,000 to a CSP.


The ICO has decided to stop enforcing personal data breach reports made under Regulation 5A. That’s because our analysis of these reports indicates that incidents usually relate to human error involving one individual and are quickly resolved, and the providers put remedial measures in place to ensure the error does not happen again.


This decision will not affect the duty of CSPs to report significant personal data breaches within 72 hours in line with UK GDPR.


As part of ICO25 – the ICO three-year strategic plan – they are aiming to reduce data protection compliance burdens and costs for businesses by providing regulatory clarity, support and guidance, as well as focussing resources where they can have the greatest impact.


The change to how they regulate 5A will reduce what the ICO believes is a disproportionate burden on CSPs to report low risk incidents. The ICO currently receives notification of around 10,000 incidents per year under the regulation. The ICO will still expect CSPs to report high risk incidents and we will review them in line with UK GDPR.


This change will also allow the ICO to better use resources on investigations where significant harm has been, or is likely to be, caused to individuals and where they can have the greatest impact as a proportionate regulator.


Source: ICO


About us

At LS Consultancy, we provide a cost-effective and timely bespoke advertising services  including GDPR support services to make sure all your advertising and campaigns are compliant, clear and suitable for their purpose.


Our range of innovative solutions can be tailored to suit your unique requirements, no matter whether you’re currently working from home, or are continuing to go into the office. Our services can be deployed individually or combined to form a broader solution to release your energies and focus on your clients.


Contact us today for a chat or send us an email to find out how we can support you in meeting your current and future challenges with confidence.


Explore our full range today.


Contact us


Why Not Download our FREE Brochures! Click here.


Call Us Today on 020 8087 2377 or send us an email.


Contact us



Connect with us via social media and drop us a message from there. We’d love to hear from you and discuss how we can help.


Facebook  Instagram  LinkedIn  Twitter YouTube