UK $170K Spam fine; Spam Bosses will be PERSONALLY Liable

sms spamOcean Finance, owned by Intelligent Lending was fined $170,000 for spamming. They say its the brokers fault.

In 2014 the UK based company sent 7.7 million text messages peddling a new credit card. The company purchased the names and phone numbers of the text recipients from a third party data broker, with assurances that it had people’s consent to send texts.

With almost 2000 complaints on record, the Information Commissioners Office (ICO) launched an investigation. The ICO determined that the consent did not meet legal requirements and issued an enforcement notice and imposed the fine. 

Ocean Finance maintained that they were told by the third party vendor that the data was compliant, and as such they were not culpable. However, data privacy law in the UK places responsibility for compliance and consent with the marketer, regardless of any assurances from the vendor.

The ICO wants this to be a learning opportunity for others and said

“Company bosses everywhere should sit up and take note of this fine and check their practices are compliant with the law before embarking on marketing campaigns.

“It’s your responsibility to make rigorous checks to ensure personal data has been obtained fairly and lawfully. It’s not enough to rely on the word of a third party.”

Marketing by text, email, and phone is held to stricter requiremets than postal mail marketing. And marketing to a third party list can be risky because the marketer has not had control of the data collection process from the start.

In the UK the definition of consent says that people are consenting to be contacted by the particular company to whom they gave consent. Say I am selling umbrellas and I ask my buyers if they'd like to be contacted by text the next time my products go on sale. If they agree, they are agreeing to be contacted by ME about my umbrella sale. They have not given consent to be contacted  by anyone else for anything else.

I might also ask if they would be interested in hearing about the rain boots my next door neighbor sells and the raincoats the company down the street makes. If the consumer accepts, they have agreed to third party marketing. But only by the explicit companies I mentioned. If I gave the names and numbers of those consumers to the chap selling insurance, that would be illegal, even if its flood insurance.

In the UK these days it is very common for offending companies to simply go out of business to avoid paying any penalties levied against them. A recent report found that only four of the 22 recent fines issued have actually been paid. The companies simply fold and start right up again under a different name.

While the ICO makes much of their various enforcement actions, critics say that nothing is actually being accomplished. The same companies, just calling themselves something else, continue to bombard people with unwanted solicitations.

The ICO is renewing their efforts to collect the outstanding fines, and to put penalties in place to prevent the "phoenix" companies from rising from the ashes of the firm that evaded fines by going bankrupt.

A new law (Unsolicited Marketing Communications (Company Directors) Bill) is in the works that will beef up the ICO's powers by making the directors of guilty firms personally responsible for fines. The Direct Marketing Association is all for that measure and more. The DMA is calling for prison sentences for chronic offenders as well. 

The DMA promotes the industry and works to keep direct marketers compliant with the letter and the spirit of the law. Its members must agree to abide by a code of conduct in order to join and membership is a badge of accreditation. The DMA works to educate its members through research and events and encourages responsible marketing. It is the industry's strongest advocate and is not reluctant to kick out egregious or chronic offenders.


Further reading: