Firms fined for sending millions of nuisance messages

The ICO has issued fines totalling £495,000 to well-known companies that between them sent more than 354 million nuisance messages. We Buy Any Car, Saga, and Sports Direct were all penalised for sending marketing emails or texts without permission.

We Buy Any Car was fined £200,000 for sending more than 191 million emails. The firm also sent 3.6 million nuisance texts. Saga Services Ltd and Saga Personal Finance were fined £150,000 and £75,000 respectively for instigating more than 157 million emails between them, while Sports Direct was fined £70,000 for sending 2.5 million emails.

Andy Curry, ICO head of investigations, said: “Getting a ping on your phone or constant unwanted messages on your laptop from a company you don’t want to hear from is frustrating and intrusive. These companies should have known better. These fines show the ICO will tackle unsolicited marketing, irrespective of whether the messages have been orchestrated by a small business or organisation, or a leading household name. The law remains the same and we hope today’s action sends out a deterrent message that members of the public must have their choices and privacy respected.”

We Buy Any Car sent emails to people who had requested an online valuation of their vehicles. The Information Commissioner found that the initial emails sent after a valuation request were made within the law, but that subsequent emails which also promoted the We Buy Any Car service were unlawful because they contained marketing as well as being sent without consent.

Both Saga Services and Saga Personal Finance instigated emails using partner companies and their affiliates. These companies used data lists of people who had not given the companies permission to contact them. The companies say they relied on indirect consent, however the laws around electronic messages are stricter as they are more intrusive and the ICO says this form of consent is not adequate.

Meanwhile, Sports Direct sent 2.5 million emails as part of a re-engagement campaign between December 2019 and February 2020 with people they had not contacted for some time. They were unable to show any evidence of consent to contact the recipients.

Curry said: “Companies that want to send direct marketing messages must first have people’s consent. And people must understand what they are consenting to when they hand over their personal information. The same rules apply even when companies use third parties to send messages on their behalf.”

The ICO’s investigations into the companies were sparked by complaints from the public. The ICO has issued 17 fines totalling more than £1.7m so far this year (2021/22) for breaches of direct marketing laws.

    Share Story:

YOU MIGHT ALSO LIKE


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.