Skip links

Spam crusade lands charity in hot water with data watchdog

Typically it is energy improvement peddlers or debt help specialists that are disgraced by Britain’s data watchdog for spamming unsuspecting households, but the latest entrant in the hall of shame is a charity.

The Information Commissioner’s Office (ICO) has ordered Penny Appeal, which sends aid to more than 30 crisis-hit countries worldwide, to cease and desist.

The charity was found to have dispatched more than 460,000 unsolicited texts during a ten-day period to 52,000 people that had not consented to receive the messages or had “clearly opted out,” the ICO said.

Following receipt of the texts, the ICO and Mobile UK’s Spam Reporting Services received 354 complaints. Among them individuals reported saying their opt-out replies were ignored and others described the messages as “intrusive” and often received late at night.

During the course of its official probe, the ICO says it found Penny Appeal had constructed a new database and users’ requests to opt out were not recorded, with messages transmitted to “anyone that had interacted” with the charity inside the past five years.

The watchdog has been engaged with Penny Appeal since 2020, addressing prior complaints about a similar campaign in the past. The charity had previously “committed to improving compliance with direct marketing law” yet the latest batch of complaints show it was “still sending illegal marketing texts,” the ICO said.

Penny Appeal has 30 days to stop sending marketing comms for which it doesn’t have valid consent, something the data regulator wants to remind all charities of.

Andy Curry, head of investigations at the ICO, said in a statement: “Penny Appeal inundated people with text messages, with no regard for their consent or their right to opt out. This is unacceptable and we will act decisively to protect the public from unsolicited marketing texts.”

“We also appreciate that small charities may need a helping hand when it comes to understanding the law. However, this is not an excuse for breaking it. All organisations sending direct marketing messages are responsible for ensuring they have valid consent to contact every recipient.”

Charities falling under the glare of the ICO is not unheard of. In 2018, a counseling charity attracted the watchdog’s ire after leaving confidential files in a former office building. And 11 charities were fined in 2017 over dealings with people’s personal data, including Cancer Research UK and Oxfam.

Mostly, however, it is still commercial organizations that are falling afoul of the regulator. ®