Filter By

Show All

Connect to


DMA Customer Data Council: Responding to the ICO'S Experian Enforcement Notice


This article is written by the Thought Leadership and Best Practice hub of the Customer Data Council.

Hear from the Customer Data Council’s Thought Leadership and Best Practice Hub about the wider implications of the ICO’s enforcement notice against Experian and what steps you can take next.

In October the ICO issued an enforcement notice against Experian in a legal first step to halt data processing here.

Recent discussions by the DMA’s Customer Data Council recognise the impact this has especially on organisations processing third party data, with the DMA receiving enquiries from across its member base.

The Council’s Best Practice Hub has some recommendations to follow whilst we await the outcome of Experian’s appeal against the notice.

Don’t Panic

The knee jerk reaction to minimise your own risk is to halt any kind of processing that is affected by the enforcement notice. However, whilst the enforcement notice is being appealed it is on hold – so if you had previously understood your processes to be compliant you should treat it as a watching brief. In the midst of a challenging climate and with Christmas approaching, it is important that you don’t simply turn off the tap. Working with third party data is going to be vital for organisations in the coming months.

Review the DMA’s resources on Third-Party data

The current Third Party best practice guidance is still the accepted standard to date and will continue to be so until further clarification is received. Make sure you review this and check your data processing practices against this.

The DMA has a host of other helpful resources such as the channel Best Practice guides here, as well as white papers including third party email list rental and lead generation.

Ensure Accountability

The DMA’s Director of Policy and Compliance, John Mitchison, has summed up the key findings of the notice. It is important you understand the notice and check your own processing, especially against those points.

One of the most important elements of the GDPR is accountability. Make sure you are abiding by your legal basis, ensure your data mapping is up to date, log examples of data capture statements and processing notices presented to audiences (the what and the when) and include examples of opt-out opportunities. Make sure your logs of withdrawals, complaints and access requests are up to date. Take this opportunity to edit or review privacy policies and contact details to ensure processing notices are clear and up-to-date. And do not treat these as just a paper exercise, be brutally honest they still stand and live by your words.

Reach out to the DMA

It is important for us to understand the queries and concerns our members have, which we are here to help with. If you have any concerns, please do get in touch with us. You can find out how best to do this, here.

Check in

The DMA is committed to understanding the ICO’s ruling, as well as the basis for Experian’s appeal and will be reviewing and reporting on the situation. Please look out for further information on the DMA website.

Hear more from the DMA

Please login to comment.


Related Articles

The Consumer Email Tracker is highly valuable when it comes to helping marketers walk a mile in their subscribers’ shoes, providing an effective mirror for changing subscriber behaviours, especially when broader drivers are at play. The recently launched 2021 edition (sponsored by Validity) is no exception: the impact of the Covid-19 pandemic, and the continuing GDPR “Halo Effect” are clearly visible, as the following key take-outs show.

Consumer Email Tracker- Deep-Dive Insights from the Email Council_Research articles copy (002).png

It’s time to go back and plan the future. After a global pandemic that is lasting way longer than anyone would have expected, what will consumer behaviour look like in the coming years? Sit back, relax and enjoy this journey into the future, according to Dentsu’s latest trends.

A Roadmap to 2030 - Attempt Two-01.png

Email marketing is part of a much bigger ecosystem and the way consumers engage with their emails reflects this. This report will provide you with a wealth of deep insights into how subscribers engage with their messages – their perceptions, preferences, and dislikes when it comes to email.

Report web image.jpg

The DMA’s Responsible Marketing Committee’s Privacy Working Group provides a detailed guide to DSARs. Read on for practical information on the importance of DSARs, templates and case studies.

Cover web image.png