Back to more articles

Digitonomy Ltd fined £120,000 for unsolicited texts

 Article added: 17/02/2017

Chester based Digitonomy Ltd has been fined by the Information Commissioners Office (ICO) for sending unsolicited text messages.

This is yet another fine levied by the ICO for a common lack of understanding about what consent is required to contact people by text message (which applies equally to email and calling numbers registered on the Telephone Preference Service).

Digitonomy Ltd

Digitonomy send text messages to generate loan leads including:

Are you still short of cash after XMAS break & need a loan? Get an INSTANT DECISION on loans up to £2000. Go to TODAY txt STOP to 60075

Little Loans: Need Extra Funds This New Year? Get up to ;3,000 with Instant Decision & Same Day Cash. APPLY NOW reply STOP to optout

We have reviewed your details. We could arrange a 250 loan today. Any credit rating. for CASH NOW. Amy at Approvals. Dont Delay. End2OptOut

The company hit the ICO’s top 20 most complained about companies in December 2015.

The ICO investigation discovered that between 6 April 2015 and 29 February 2016, 1408 complaints were made to the 7726 spam text service about the receipt of unsolicited direct marketing text messages sent by the Company. Between 6 April 2015 and 29 February 2016 a further 56 complaints were made direct to the Commissioner.

The Company’s affiliate managers confirmed that the Company had instigated the sending of 5,900,940 text messages during the period.

The ICO did not consider that the Company undertook sufficient due diligence. It did not, for example, carry out a proper review of the privacy notices of the websites from which the data had been obtained. Had it done so, it should have been clear that the Company did not have consent to instigate the sending of unsolicited direct marketing text messages. These notices could have been provided by their affiliate manager had they been requested by the Company. The Commissioner is therefore satisfied that the Company failed to take reasonable steps to prevent the contraventions.

Digitonomy Ltd Monetary Penalty Notice as issued by the ICO

In fining the company, the ICO said

“As instigator of the direct marketing text messages, it was the responsibility of the Company to ensure that sufficient consent had been acquired.

Organisations cannot send, or instigate the sending, of marketing text messages unless the recipient has notified the sender that he consents to messages being sent by, or at the instigation of, that sender.

Consent must be freely given, specific and informed, and involve a positive indication signifying the individual’s agreement. Indirect, or third party, consent can be valid only if it is clear and specific enough. Informing individuals that their details will be shared with unspecified third parties, is neither freely given nor specific and does not amount to a positive indication of consent.

Organisations buying marketing lists from third parties, or contracting with third parties to carry out marketing for them, must make rigorous checks to satisfy themselves that the third party has obtained the personal data it is using fairly and lawfully, and that they have the necessary consent. Organisations must ensure that consent was validly obtained, that it was reasonably recent, and that it clearly extended to them specifically or to organisations fitting their description.”

It is not acceptable to rely on assurances of indirect consent without undertaking proper due diligence. Such due diligence might, for example, include the following:

  • How and when was consent obtained?
  • Who obtained it and in what context?
  • Was the information provided clear and intelligible? How was it provided – e.g. behind a link, in a footnote, in a pop-up box, in a clear statement next to the opt-in box?
  • Did it specifically mention texts, e-mails or automated calls?
  • Did it list organisations by name, by description, or was the consent for disclosure to any third party?
  • Have they checked that the data meets the required standard of consent by obtaining a sample of the data and have they conducted further periodic sample checking of data in addition to the monitoring of complaint levels (and sources of data)?
If your business purchases or sells data then you should read the latest Direct Marketing Guidance issued by the ICO for a complete explanation of what the ICO expects from companies involved in or buying from the direct marketing industry.
Back to more articles