The Royal Mail in the United Kingdom have been fined £12,000 for sending 327,000 nuisance emails to people who had opted out of receiving such emails from them. By sending the emails, the Royal Mail broke the law, says the Information Commissioner's Office (ICO) and they took appropriate action. The emails were sent to customers on two separate occasions in July 2017.
Royal Mail defended the action as they believed the emails were more a "service" than marketing, for the emails that informed the reader of lower prices for parcels. The ICO disagreed with this, and that they were sent to advertise lower prices as part of a marketing strategy.
"Royal Mail did not follow the law on direct marketing when it sent such a huge volume of emails, because the recipients had already clearly expressed they did not want to receive them. These rules are there for a reason - to protect people from the irritation and, on occasions, distress nuisance emails cause. I hope this sends the message that we will take action against companies who flout them.
ICO's Head of Enforcement, Steve Eckersley
Royal Mail has since apologised for their actions, stating that it would be carrying out additional training for staff, stating that they take customers' privacy "extremely seriously".
After Friday 25th May 2018, these types of marketing campaigns will be directly affected by the General Data Protection Regulation (GDPR) that so many of us have heard a lot about in the past year or more. As the deadline looms, how companies handle data is incredibly important, and making sure that email marketing campaigns are only sent to those who have chosen to be informed or contacted.
There is additional legislation that is still pending relating to business people's details, and whether these too are classed as personal data. With stories including Facebook, Mark Zuckerberg, Cambridge Analytica, and the 87 million people who had their details shared, Cliff Richard and the BBC, YouTube and Global Child Privacy issues, the stories of fines will continue long into this year, and next. Some 30 social media platforms are under investigation as we write this, to see how they have been used in global political campaigns. Interesting times, but if you think the ICO will just be chasing the "bigger companies", think again.
A complaint can be logged by anybody against your organisation, who does not want you to keep their personal data. You must show that you have procedures in place to deal with this, and prove how the data has been removed. Fines will by up to €20 million or 4% of annual turnover, whichever is higher. Can you afford not to deal with the GDPR's watchful eye? Your office equipment, such as multifunctional devices and software are at the forefront of your GDPR "compliance". Speak to us to learn more, on how we can help your business or organisation.