Filter By

Show All

Connect to


Who's 46% contemptible, 45% inept, 9% clueless? The ICO's fined felons, that's who


ICO fines increase by over 400%

The Information Commissioner’s Office (ICO) is in the midst of a flurry of activity. So far this year it has fined 11 firms for transgressions in their marketing efforts – just one fewer than the total for the whole of 2020. So, is the ICO challenging the murky practices of the adtech players, the widespread ignoring of the cookie rules or delving into marketers’ use of opaque machine learning algorithms for making offer and pricing decisions? Well, it may be, but they’re not what’s prompted the ICO’s £1.2m of fines in the space of 10 weeks.

The ICO’s time warp dance

The General Data Protection Regulation (GDPR) is approaching 3 years old, along with its legal implementation in the UK, the 2018 Data Protection Act (DPA) - but that’s not what might be causing sales, marketing and customer experience professionals sleepless nights. No, all of this year’s fines have been levied under the auspices of the aged Privacy and Electronic Communications Regulations (PECR), a set of rules which date back to 2003 - before most social media, messaging apps or smart phones.

Delving into the ICO’s lengthy Penalty Notices for each of the 11 fines throws up some interesting insight.

The first piece of insight from our analysis is, to be fair, undeniably very subjective. Looking at the companies involved, the way they set about doing business, the explanations they gave the ICO when under investigation and whether they are still in business, all allow some judgements to be made. This isn’t a scientific judgement and because I don’t want to be sued for libel, I’m not saying which specific companies fall into which category, but I’ve grouped them into three groups:

  1. The Contemptibles

Organisations that almost certainly knew the PECR rules very well, but just decided to ignore them

  1. The Clueless

Companies whose attempts at direct marketing were so devoid of forethought and planning that a fine (even a tokenistically small one) seems almost cruel

  1. The Inept

The most interesting group. Companies – including ones turning over ten, even hundreds of million pounds – on this list of 11 which seem to be woefully ignorant of some real basic activities, like:

  • Ensuring online checkout journeys include clear information and customer control over future email marketing contacts
  • Screening outbound calling numbers against the TPS
  • Completing proper due diligence when sourcing third party prospect data
  • Including an opt facility on marketing text messages

Channel choices

Perhaps surprisingly – 20 years after the demise of telemarketing was first predicted – it’s live phone calls that are the most commonly used communication channel in these cases.

What do they do?

It’s a mixed bag of businesses. The lure of trying to sell face masks without stopping to think about the regulatory requirements has added a couple of ecommerce sites to the naughty step, but the biggest group is lead generators. These are businesses that really should – and almost certainly – did know better than to cut the corners that resulted in their fines.

Covid exploitation?

The ICO was explicit from the first lockdown a year ago that it intended to target firms which were breaking the direct marketing rules in order to exploit consumers through the pandemic. To some extent it has done this, with a number of opportunistic hand sanitiser and face mask sellers having been fined. However, in its communications the ICO can (ironically enough) over-sell the extent to which some dodgy marketing practises are Covid-related. It seems to be a stretch to claim that non-compliant marketing is Covid-related just because it’s been carried out during the pandemic. But then, deep down, the ICO seems to be instinctively uncomfortable about a lot of marketing per se.

So, after a quiet 2 years since the implementation of the GDPR and new Data Protection Act the ICO has been coming down hard on firms that disregard personal data protections when acquiring and engaging with customers. It just hasn’t – thus far – been making use of the new rules to do so.

Which makes it even less forgivable when companies fall foul of the old PECR rules, which give specific guidance around how electronic and voice communication channels are used. Like all things in the world of data protection, the rules can be complex in certain situations, but the basics are pretty clear. And should be second nature to competent sales, marketing and customer experience professionals.

If it’s not, make a start with the DMA Code here.

Or drop us a line, sign up to our monthly newsletter Or have a stimulating read through the ICO’s enforcement notices and draw your own conclusions about who's contemptible, who's inpet and who's just clueless.

Hear more from the DMA

Please login to comment.


Related Articles

The Consumer Email Tracker is highly valuable when it comes to helping marketers walk a mile in their subscribers’ shoes, providing an effective mirror for changing subscriber behaviours, especially when broader drivers are at play. The recently launched 2021 edition (sponsored by Validity) is no exception: the impact of the Covid-19 pandemic, and the continuing GDPR “Halo Effect” are clearly visible, as the following key take-outs show.

Consumer Email Tracker- Deep-Dive Insights from the Email Council_Research articles copy (002).png

It’s time to go back and plan the future. After a global pandemic that is lasting way longer than anyone would have expected, what will consumer behaviour look like in the coming years? Sit back, relax and enjoy this journey into the future, according to Dentsu’s latest trends.

A Roadmap to 2030 - Attempt Two-01.png

In February, the Email Council welcomed guests from Virgin Media and Liberty Global to share what they think of the email space - spam, fraud, and the role of legitimate senders. The following Q&A provides a summary of the key talking points from the session.

DMA Email Council February Meeting- Virgin Media Talking Points_Research articles copy 2.png

Email marketing is part of a much bigger ecosystem and the way consumers engage with their emails reflects this. This report will provide you with a wealth of deep insights into how subscribers engage with their messages – their perceptions, preferences, and dislikes when it comes to email.

Report web image.jpg