Why I think the ICO have got it wrong when it comes to consent and third party email marketing | DMA

Filter By

Show All

Connect to


Why I think the ICO have got it wrong when it comes to consent and third party email marketing


The ICO have recently stated that to do third-party marketing via email you cannot rely on an explicit opt-in to receive marketing messages from selected third parties. Your only option is to have been named at point of collection, or you have to have opted in to one or two verticals, e.g. to receive marketing messages from retail brands.

If you ask a consumer what they consider spam and what they consider marketing, the most typical consumer perspective is that marketing is something relevant and spam is anything irrelevant.

If a consumer is sat in on a Friday night thinking about getting a take away, and they receive an email containing a voucher for Deliveroo, they will think it was a timely piece of marketing. Do they really care if the email was from a third party or Deliveroo? No, because they just got a cheaper dinner as a result of a timely and relevant marketing message.

Nor, when they look at their postal mail and find a voucher for Dominos, are they thinking, “I wonder if Dominos delivered this or a third party?” They are either thinking: “Yes, I can now get a cheaper pizza.” Or: “This is junk mail.”

Likewise, when a consumer is deciding to open an email, they usually base their decision on whether to open the email or not by reading a subject line which is related to the content of the email and the same is true if they open and go on to unsubscribe. If it’s not relevant, they may then question why this brand is emailing me, how did they get my data, and how do I prevent any further communication from this brand? But, at every point in this process, they are crucially still thinking about the brand and the content of the email, and not the sender (whether first or third party).

And this is where, arguably, the ICO guideline fails the consumer. Unlike corresponding guidelines in America, the UK guidance purely focuses on the sender and not the content; and any innovation to improve profiling (ultimately, driving at delivering better targeted and more relevant messages to the consumer), is hit with more regulation.

The net result is that the consumer is not able to receive relevant messages from brands, which they may well be interested in, leaving them only able to receive messages from brands they have signed up to, which could well be less profiled and less relevant. This is not to deny the usefulness of blocking unwanted and irrelevant messages clogging up consumers’ inboxes; but the vast majority of reputable brands invest heavily in responsible consumer profiling and targeting, so their emails are much less likely to be viewed as spam in the first place.

Let’s not forget that consumer research shows year-on-year that consumers actually like receiving relevant messages from brands via email – in fact, 2016 UK research by the DMA, and US research by Adestra, clearly shows that over 70% of consumers prefer to receive offers from brands via email. Email is the number one preferred channel, ahead by over 50 percentage points of any other channel, including SMS and social.

So, effectively, what the latest ICO ruling has done, is shut down a viable way for consumers to receive relevant offers – and offers from brands that might, in fact, be more competitive than the select number of brands they have already signed up to. As well as blocking a valuable advertising channel for brands that have spent considerable amounts of money in complying with previous ICO rulings and emailing responsibly, always giving consumers the choice to be able to opt-out of receiving messages. Ultimately, this cannot be in the interests of the consumer.

Why have the ICO got it wrong?

Cases brought to ICO, like the Optical Express case (Optical Express versus ICO 2015), existed because the end consumer received multiple marketing messages for Optical Express from six senders. Even if the sender, or Optical Express, had been named at the point of opt-in, the consumers could still have received the same email six times a day; and if they unsubscribed from one, they would have still received another. Consumers here would have still complained because they didn’t want six emails from Optical Express.

If the ICO enforced rules similar to CAN-SPAM in the US, you would be unsubscribing from the advertiser, preventing any further mail from Optical Express, regardless of sender.

Third-party advertising via email offers small and large brands a cost effective way to engage with relevant audiences. Targeting is deterministic, so leads to much more relevant marketing messages being sent and allows the consumer to hear about new brands and offers.

It is a valid advertising channel, which unlike others is opt-in and opt-out and most responsible mailers make it easy for anyone to do so. Adchoices have made some ground in display, but for most consumers they have no idea how to opt-out of marketing in display, social, and video. Email and SMS are the only channels to require both an opt-in and an opt-out.

Engagement via third-party marketing on email is high and comparable to a first-party sender – open rates average 20% (first-party is 22%), CTRs over 4% (first-party is 3%), unsubscribe rates are minimal at 0.02% (first-party is 0.5%) and complaint rates negligible.

So, if third-party sends are generating as good engagement as first parties, and fewer complaints, is the ICO stance the right path to take?

Consumers are not dumb; and we shouldn’t treat them as if they are. When they tick a box consenting to receiving marketing messages from third parties, they understand it is marketing they will receive from unnamed third parties. Yes, there should be time limits and data shouldn’t be re-brokered for years on end. But if you market responsibly, as many do, the third-party email channel provides an effective advertising channel and significant revenue contribution to the UK digital economy.

There is no incentive for an advertiser to limit how many email partners they use to market their message to, because there is little repercussion to them. As long as the opt-in exists for the sender, why not use ten mailers?

Why have the US got it right?

The US acknowledge that there was widespread consumer acceptance of email marketing and that, for the advertiser, it offered a low-cost marketing channel with better returns than other channels, like display. In 2003, Congress enacted the CAN-SPAM Act. This does not flatly prohibit all unsolicited commercial e-mail. Instead, it sets out specific requirements for the content of these messages and to ensure that consumers can opt-out of receiving them.

Essentially, when an email is being used for affiliate marketing/third party, then the company being advertised is seen as the sender and the affiliate is seen as the initiator. Therefore, a consumer unsubscribes from the company being advertised and it is their responsibility to ensure the consumer is never mailed again by anyone.

In essence, you are giving the consumer the power to say they like or dislike your content and it encourages the advertiser to not spam people across multiple senders. You are also providing brands, big and small, with an advertising channel that doesn’t cost the earth and delivers a strong CTR.

So, what I think the email marketing industry should ask the ICO to consider is, do their guidelines accurately address the consumers’ frustrations (i.e. does the consumer actually just want to block messages based on content rather than the sender?) and is third-party email marketing the worst thing in the world when it can be shown to be relevant? Should the email channel really be so heavily penalised when it has already spent years investing in cleaning up its practises, improving its consumer profiling, maintaining meticulous hygiene practices, and ensuring explicit opt-in to third-party marketing?

Hear more from the DMA

Please login to comment.