British telco Virgin Media is facing a £50k financial penalty after spamming more than 400,000 opted-out customers urging them to sign back up to receive marketing bumf.
Just one customer complained to the Information Commissioner’s Office (ICO) about receiving the spam – but that was enough to spur the regulator into investigating.
In a message disguised as a routine communication about tariff prices, Virgin told the unfortunate 451,217 recipients it knew full well they’d opted out of marketing emails but wanted them to opt back in.
A dischuffed customer wrote to the ICO urging action, describing the spam as “basically a service message dressed up as an attempt to get me to opt back in to marketing communications.”
When the ICO asked Virgin why it did this thing, the telco said the 451,000 recipients had opted out of being spammed more than a year ago, and therefore “might have changed their marketing preferences.”
Even though 6,500 customers decided to opt back into receiving marketing emails as a result of the mailshot, the ICO said this wasn’t enough to ignore regulation 22 of the Privacy and Electronic Communications (EC Directive) Regulations 2003. This is the bit of the law that says email marketers must have your consent before filling your mailbox with enticing new ways to part you from your hard-earned cash.
“The fact that Virgin Media had the potential for financial gain from its breach of the regulation (by signing up more clients to direct marketing) is an aggravating factor, not a defence,” sniffed the unamused watchdog.
We have asked Virgin Media for comment and will update this article if we hear back from the firm.
The ICO offered Virgin a £10k discount on the fine if it pays up by 9 January 2022, adding in its monetary penalty notice: “However, you should be aware that the early payment discount is not available if you decide to exercise your right of appeal.”
This financial inducement not to appeal against ICO rulings dates back to at least 2019 and appears to be routine text included in the regulator’s penalty notices.
A week ago The Register revealed that the ICO had been quietly slapping the wrists of large and public-sector organisations that broke data protection laws while reserving the majority of its meaningful punishments for SMEs.
In November, we also revealed that the data protection authority has £5m outstanding in unpaid fines. ®