Seen at GPDP:
Telemarketing: the Privacy Guarantor sanctions Enel Energia
The company had not protected its databases from access by abusive toutsThe Privacy Guarantor has imposed a fine of over 79 million euros on Enel Energia for serious shortcomings in the processing of personal data of numerous users in the electricity and gas sector, carried out for telemarketing purposes.
The proceeding originated from an investigation by the Financial Police following which the Authority had already applied fines of 1 million and 800 thousand euros to four companies and confiscated some databases used for illicit activities.
From further investigations carried out by the Guarantor, it emerged that Enel Energia had acquired 978 contracts from the four companies, despite the fact that these did not belong to the energy company’s sales network.
Furthermore, following subsequent inspections at Enel Energia, the Authority ascertained that the information systems intended for customer management and the activation of services by the company showed serious security deficiencies. Enel had not implemented all the necessary measures to prevent the illicit activities of abusive canvassers who – by identifying easy “entry doors” into the company’s information systems – have fueled for years an illicit business carried out through nuisance calls, promotions of services and signing of contracts without real economic benefits for customers.
In light of the serious violations found, which over time concerned the activation of at least 9300 contracts, the Guarantor therefore imposed a fine of 79,107,101 euros on Enel Energia, the highest ever applied by the Authority.