ICO Delivers £60K Fine to Nuisance Email Firm
The Information Commissioner’s Office (ICO) has been forced to fine yet another marketing company for breaking privacy laws by failing to gain consent from individuals before bombarding them with messages.
Stevenage-based Everything DM Ltd (EDML) sent a whopping 1.42 million emails to recipients on behalf of its clients via a direct marketing systems called Touchpoint.
That meant recipients had no clue the emails were being issued by EDML, which performed the service for clients for a fee.
“Whilst EDML have indicated that they carry out due diligence checks on the organizations that they license the data from, sight of the third party privacy policies and fair processing notices relied on by EDML for the marketing campaigns indicate that there is only reference to data being passed to unspecified ‘partners’ and/or ‘third party companies’, involved in a wide range of marketing sectors,” the ICO said in its penalty notice.
“EDML are not specifically named and in the circumstances do not appear to hold valid consent to engage in direct marketing. Furthermore there is no indication that the individuals had consented with the original list owners to receive direct marketing from the organizations for whom EDML sent direct marketing emails. The Commissioner is of the view that EDML relied wholly on indirect consent for their actions in relation to the licensed data.”
EDML has received a £60,000 fine for breaking the PECR, privacy regulations which dealing with the sending of marketing missives.
EDML is certainly not the first to be hit with a fine for email marketing. Last year Moneysupermarket.com was handed down an £80,000 penalty after bombarding customers with over seven million emails in a 10-day period, even though they’d opted out of direct marketing.
Consumer rights group Which? last month called on the government to come good on its promise of making directors of firms responsible for their PECR breaches. As it stands, many try to circumvent fines by declaring bankruptcy — leaving them free to start all over again.
Source: Information Security Magazine