UK’s ICO Regulatory Authority Increases Its Focus on Unsolicited Texts
August 15, 2017
The Information Commissioner’s Office (ICO), the United Kingdom’s independent regulatory agency in charge of enforcing various data privacy laws, recently closed a texting case that suggests a renewed interest in protecting consumers from receiving unsolicited marketing communications.
Financial Company Fined £80,000
In July, ICO fined UK-based credit company Provident Personal Credit Limited £80,000 for sending nearly 1 million unsolicited text messages that promoted its personal loan offerings. This case is important for two reasons.
First, Provident tried to avoid being fined by asserting that a third-party vendor had sent the text messages without Provident’s consent. ICO’s Head of Enforcement, Steve Eckersley, dismissed this argument publicly, stating, “[c]ompanies have no excuse whatsoever for sending nuisance texts, whether they do it themselves or employ someone else to do it for them.”
Second, ICO reaffirmed that, when capturing consumer consent, consumers must be explicitly told which entities they are consenting to receive marketing text messages from. This July decision came down after a similar May decision, where ICO fined Concept Car Limited £40,000 for sending hundreds of thousands of spam text calls without proper consent.
This uptick of fines for unsolicited text messages is particularly noticeable, and places a spotlight on all UK companies that wish to text message its customers.
Refresher on ICO’s Consent Guidelines
While US law attempts to regulate text messaging communication by curtailing the types of technologies companies may choose, the UK regulatory scheme focuses on the content of the text messages themselves. ICO has published specific guidelines on how to perform direct marketing through both email and text messaging.
For instance, firms must clearly identify themselves within the consent statement and within any marketing communications. “Indirect consent,” which may used for other forms of marketing, most likely cannot be leveraged by firms in sending text messages. Relying on “soft opt-ins” as a basis of consent might also prove to be challenging. The guidelines also outline the proper steps firms must put in place to handle opt-out requests. Firms need to build comprehensive policies and procedures to make sure consent has been obtained properly and legally.
Because consent is the key to unlocking texting as a legitimate communication channel, UK companies need to be particularly mindful of the accuracy and clarity of consent statements, as well as make sure that there are technologies in place, such as Hearsay Messages, to ensure that all texts closely match this scope of consent.
Disclaimer: The material available in this article is for informational purposes only and not for the purpose of providing legal advice.
- Scaling Compliance for Social Media and Texting
- Introducing New AI-Powered Compliance Controls and Risk Meter
- How to Roll Out a Compliant Text Messaging Program [Webinar]