Price Comparison Site Fined £80K for Ignoring Customers' Email Opt-Outs | Tripwire

Price Comparison Site Fined £80K for Ignoring Customers' Email Opt-Outs

Posted on July 21, 2017
Riviera Beach Pays Nearly $600K to Recover Data after Ransomware Attack
A UK price comparison website must pay an £80,000 fine after it ignored customers' requests to opt out of marketing email blasts. On 20 July, the Information Commissioner's Office (ICO) announced the penalty against Moneysupermarket.com after the business sent out 7.1 million emails over a 10-day period. Those emails included a "Preference Centre Update" section asking customers who had already opted-out of marketing email campaigns to opt back in. Such a move violates UK privacy laws. The exact text of the illegal email segment is presented below:
"We hold an e-mail address for you which means we could be sending you personalised news, products and promotions. You've told us in the past you prefer not to receive these. If you'd like to reconsider, simply click the following link to start receiving our e-mails.”
ms-logo.fp1430224634696fp.png
Customers successfully received 6,788,496 of the millions of emails sent out by Moneysupermarket.com between 30 November 2016 and 10 December 2016. Steve Eckersley, who heads enforcement for the United Kingdom's chief data privacy agency, says that "emails sent by companies to consumers under the guise of 'customer service'" constitute "a circumvention of the rules." He then affirms the ICO's commitment to going after such companies that break the rules. As quoted in a statement released by the Information Commissioner's Office:
"Organisations can’t get around the law by sending direct marketing dressed up as legitimate updates. "When people opt out of direct marketing, organisations must stop sending it, no questions asked, until such time as the consumer gives their consent. They don’t get a chance to persuade people to change their minds."
Moneysupermarket.com's fine will ultimately go to the Treasury's Consolidated Fund, for the ICO doesn't keep any of the monetary payments it receives. News of this penalty emerges less than a year after the Information Commissioner's Office ordered UK telecommunications provider TalkTalk to pay a record fine of £400,000 as a result of the massive data breach that compromised the personal information of 157,000 customers in 2015.
Join over 20,000 IT security pros who get our top stories delivered to their inbox every week!