I reckon the DMA ought to act on their remit. Did you know that they are supposed to audit companies data protection compliance once a year? I work for a marketing company and we havent seen them in four years. On the last data compliance visit I intentionally witheld the documentation to see if they would follow up, they didnt.
They ought to perhaps also vet new companies members and run the DP audit on them before they are allowed to join. We used to believe that the DMA logo was a sign of a legitimate business working well within the law but they let anyone pay their membership fees and become a full member. Check out some of the recent one man bands featured in the press recently, all members.