Is contacting non-members illegal spamming?
23 Aug 2011
We have definitive legal advice on
the subject of sending 'unsolicited
direct marketing emails' and a few
suggestions on how to guard against
breach of the legislation are also set
out below.
What is the legal position?
1) The two key pieces of legislation
governing the use of personal
data are (a) the Data Protection
Act, 1998 (DPA) and (b) the Privacy
and Electronic Communications
Regulations, 2003 (PECR). There
is more detail on the Information
Commissioner's Office (ICO)
website (below).
2) The law states that we cannot
transmit, or instigate the
transmission of, unsolicited
marketing material by electronic
mail to an individual unless they
have previously notified us, the
sender, that they consent, for
the time being, to receiving such
communications.
There is an exception to this
rule, which has been widely
referred to as the 'soft opt in'
clause of the PECR - Regulation
22(2). These rules state that we may send or instigate the sending
of electronic mail for marketing
purposes to an individual
subscriber where:
- We have obtained the contact
details of the recipient in the
course of a sale or negotiations
for the sale of a product or
service to that recipient;
- The direct marketing material
we send relates to similar
products and services from SCI;
- The recipient has been given
a simple means of refusing
the use of their contact details
for marketing purposes at
the time those details were
initially collected and, where
the recipient did not refuse
the use of those details, at
the time of each subsequent
communication.
We must satisfy all these criteria.
If we do, then we do not need
prior consent to send marketing
by electronic mail to individuals.
If we do not satisfy these criteria,
we cannot send marketing by
electronic mail to anyone without
their prior consent.
SCI would generally meet the
'soft opt in' clause, as delegates
(non-members) who attend our conferences/meetings were
obtained in the course of a sale as
outlined above. These individuals
have 'consented' to our invitation
to take part and can be contacted
again so long as they do not
'opt out' of any future email
communications we may send
them to promote conferences
(thereby refusing SCI or any
member acting on behalf of SCI
the use of their contact details).
3) Obtaining consent from an
individual prior to carrying out 'any
direct marketing' is paramount.
Failure to do so would not only
be unlawful, but would put the
Society at potential risk of a fine
and damage its brand reputation.
The level of fine, the ICO can issue,
has recently increased from £5,000
to £500,000. Two charities recently
escaped being fined by the ICO for
failure to secure their data, but a
host of others organisations have
been fined. It would appear that
the maximum fine so far issued by
the ICO is £120,000.
Who does it affect?
The DPA and PECR affects the SCI and
anyone acting on its behalf (eg, SCI
members or its partners).
John Brown, Honorary Treasurer,
Board of Trustees
Related Links