Information Commissioner's Office
|Printable version||E-mail this to a friend|
ICO says ‘there’s nowhere to hide’ for companies bombarding people with nuisance texts
The fight against companies sending spam texts continues as the ICO issues a £30,000 fine to Manchester firm Carfinance247 Ltd.
The penalty is the result of an investigation prompted by 912 complaints about the car finance brokerage firm’s text messaging tactics. Its four month marketing campaign involved 65,000 messages, all sent to members of the public without sufficient consent.
The law says that organisations must only send marketing text messages to individuals if they have agreed to receive them, except where there is a clearly defined customer relationship. Carfinance247 did not do this so they broke the law.
Messages, including the one below, were designed to drive people to a business website.
"You have been accepted for Car Finance no upfront costs or credit checks, Drive away in a car within 24hrs at www.go-finance.com to stop txt stop"
The www.go-finance.com domain is now defunct.
When challenged by the ICO, the company claimed another business had sent the messages without their knowledge.
Steve Eckersley, the ICO’s head of enforcement said:
“Carfinance247 Ltd tried to hide behind another company and distance themselves from the marketing practices involved.
“Let me be clear - if your business has hired someone else to provide direct marketing then the responsibility for the campaign is yours. There is nowhere to hide. If you break the rules we will find you and fine you.”
Notes for editors
The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
The ICO can take action to change the behaviour of organisations and individuals that collect, use and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit. The ICO has the power to impose a monetary penalty on a data controller of up to £500,000.
The Privacy and Electronic Communications Regulations (PECR) sit alongside the Data Protection Act. They give people specific privacy rights in relation to electronic communications.
There are specific rules on:
- marketing calls, emails, texts and faxes;
- cookies (and similar technologies);
- keeping communications services secure; and
- customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.
We aim to help organisations comply with PECR and promote good practice by offering advice and guidance. We will take enforcement action against organisations that persistently ignore their obligations.
The rules on electronic mail marketing (which includes text messages) are in regulation 22 of PECR. In short, you must not send electronic mail marketing to individuals, unless:
- they have specifically consented to electronic mail from you; or
- they are an existing customer who bought (or negotiated to buy) a similar product or service from you in the past, and you gave them a simple way to opt out both when you first collected their details and in every message you have sent.
You must not disguise or conceal your identity, and you must provide a valid contact address so they can opt out or unsubscribe.
Civil Monetary Penalties (CMPs) are subject to a right of appeal to the (First-tier Tribunal) General Regulatory Chamber against the imposition of the monetary penalty and/or the amount of the penalty specified in the monetary penalty notice.
Any monetary penalty is paid into the Treasury’s Consolidated Fund and is not kept by the Information Commissioner’s Office (ICO).
To report a concern to the ICO telephone our helpline 0303 123 1113 or go to ico.org.uk/concerns.
Latest News from
Information Commissioner's Office
Privacy regulators study finds Internet of Things shortfalls23/09/2016 09:20:00
Six in ten Internet of Things devices don’t properly tell customers how their personal information is being used, an international study has found.
ICO statement on Named Person scheme16/09/2016 12:05:00
29 July 2016: Following the Supreme Court judgement about the 'Named Person' scheme, the Information Commissioner's Office has issued a statement.
Information Governance survey15/09/2016 09:25:00
The Information Commissioner’s Office is carrying out some research to understand more about information governance frameworks in local councils.
Complainers trigger two ICO investigations leading to £100,000 in fines09/09/2016 10:15:00
Complaints from people bombarded with spam texts and nuisance calls have helped the ICO fine two companies a total of £100,000.