Online broker Carfinance247 has been fined £30,000 by the Information Commissioner’s Office (ICO), after an affiliate partner sent 65,000 unsolicited text messages on its behalf in 2015.
These messages were sent between 28 August 2015 and 18 December 2015, and were sent to individuals whose details had been obtained from a third party.
This resulted over 900 complaints being made, either to ICO directly or to a spam reporting service.
When contacted by the Commissioner in November 2015 about the texts, the broker said the messages had been sent by an affiliate partner with whom they had a commercial relationship. It said the messages were sent without their prior knowledge or authorisation and that it only became aware of the activity after receiving a number of direct complaints from individuals.
However ICO concluded that detailed guidance exists for those carrying out direct marketing, explaining a company’s legal obligations for direct marketing, including the circumstances under which organisations are able to carry out marketing. In particular, it states that organisations can generally only send marketing texts to individuals if that person has specifically consented to receiving them.
ICO said: “It is therefore reasonable to suppose that the Company knew or ought to reasonably have known that there was a risk that these contraventions would occur.”
Carfinance247, ICO said, was unable to provide any evidence that it had taken due diligence to ensure the party had obtained the personal data using fair and lawful means, and that they had the necessary consent.
As a result, the broker was fined £30,000, though this could be reduced to £24,000 if the fine is paid by 12 October 2016.
Louis Rix, co-founder and director at Carfinance247 said: “This is a troubling story and we take absolute responsibility. We pride ourselves on our relationships with our customers and potential customers and this outcome was not intentional. We would like to reassure you that we absolutely understand the severity of this situation and would like to apologise to anyone affected.
“We entered into a commercial partnership with a third party last year in good faith believing that the data they held was fully opted in and that consumers had agreed to receive communications from the third party. As soon as it emerged that this was not in fact the case, we ceased the partnership and stopped the campaign immediately.
“During the ICOs investigation, we have worked extremely closely with them to address the problem and have put in place robust processes to prevent anything like this happening again with future relationships.”