LAD Media Ltd fined £50,000 for unsolicited text messages
Article added: 06/02/2017
Bury based LAD Media Ltd have been fined by the Information Commissioners Office (ICO).
LAD Media are a lead generation and data brokerage company, two of the data related business areas most recently being targeted by the ICO.
Over a 2 month period between early January 2016 and early March 2016, the ICO received 158 complaints about the company sending unsolicited direct marketing messages.
Not only were there complaints about the text messages being unsolicited, but the messages broke several other guidelines published by the FCA because companies advertising for Debt must ensure that:
8.9.2 (3) That the lead generator has processes in place to ensure it complies with the Data Protection Act and with the Privacy and Electronic Communications (EC Directive) Regulations 2003.;
8.9.4 (9) They do not falsely claim or imply in any way that it is or represents a charitable or not-for-profit body or government or local government organisation.;
8.9.7 Check the lead generator’s Privacy and Electronic Communications (EC Directive) Regulations 2003 process documentation; and
8.12 Does not send, or cause to be sent, an electronic communication to a customer(C) unless C has previously notified the lead generator that C consents for the time being to such communications being sent or caused to be sent by the lead generator
LAD Media’s messages read:
“Government schemes allow you to write off a high % of debt you cannot afford, reply HELP or go to www.resolvefinance.co.uk for information. Or Stop to opt-out”
The company said it had purchased opted-in data from a third party supplier who had generated their data from a number of websites, but the consents obtained on those websites did not meet the required standard to satisfy the Privacy Electronic Communications Regulations (PECR) which is necessary for the sending of texts and automated voice calls.
Although LAD Media’s data suppliers had claimed that the data they had supplied was suitably opted in for the sending of text messages, a commonly misunderstood fact is that it is the company whose message is carried on the text who is held liable and not the data supplier if the opt-ins are later found to be insufficient. In this case, the ICO did not accept the company’s data supplier’s claims that the data was suitably opted in so LAD Media were held liable for breaching PECR.
The ICO stated that the company had failed to conduct sufficient due diligence on its data suppliers before starting the text campaign. A lack of due diligence is becoming a common criticism levied by the ICO of the companies it has fined during 2016 and 2017.
The ICO have stated:
It is not acceptable to rely on assurances of consent without undertaking proper due diligence. Such due diligence might, for example, include checking the following:
- How and when was consent obtained?
- Who obtained it and in what context?
- What method was used - e.g. was it opt-in or opt-out?
- Was the information provided clear and intelligible? How was it provided - e.g. behind a link, in a footnote, in a pop-up box, in a clear statement next to the opt-in box?
- Did it specifically mention texts, emails or automated calls?
- Did it list organisations by name, by description, or was the consent for disclosure to any third party?
- Is the seller a member of a professional body or accredited in some way?
A reputable list broker should be able to demonstrate that the marketing list for sale is reliable by explaining how it was compiled and providing full details of what individuals consented to, when and how. If the seller cannot provide this information, a buyer should not use the list.
LAD Media Ltd Monetary Penalty Notice as issued by the ICO
TPS Services Richard Kane said:
“The primary reasons for LAD Media getting fined are fundamentally the same reasons for many other fines recently. The ICO’s change of position on the way it interprets PECR has caught and will continue to catch many companies out.
Processes and practices that have been adopted by the data industry as a whole, and seen by the ICO over many years, have now become unacceptable. Its right that this new line of compliance should be in place, but the ICO could certainly have done a better job educating the industry and, moreover, accepted some responsibility for why the industry operates in this way in the first place.”
If your business purchases or sells data then you should read the latest
Direct Marketing Guidance issued by the ICO for a complete explanation of what the ICO expects from companies involved in or buying from the direct marketing industry.