Freelancers get alerts on unsolicited texts after spam marketer fined £80,000
Freelance marketers eyeing texting as a cheap or easy way to promote a client’s business should think again – if they plan on sending the SMS messages unsolicited.
The Information Commissioner’s Office says that, in 2020, marketing agency H&L Business Consulting Limited did exactly that -- texted people who hadn’t given consent to be texted.
And not just the odd message.
In fact, H&L’s “high volume” of unsolicited messages touting a get-out-of-debt scheme equated to it sending out more than 14,000 texts a week.
In total, from Jan 2020 to July 2020, the firm led by its owner Julius Gray sent 451,705 spam messages for “direct marketing purposes” (only 378,000 were delivered), the ICO added.
'My phone isn't their advertising platform'
Potentially realising that uninvited texts breach the Privacy and Electronic Communications Regulations (PECR), some 300 people on the receiving end of the messages complained.
One complainant, albeit not to Mobile UK’s Spam Reporting Service (contact 7726 and spell out ‘SPAM’ while forwarding the message ), but to the ICO directly, blasted: “My phone is not their advertising platform.”
Other recipients reported feeling not just “annoyed” but also “anxious,” according to ICO head of investigations Andy Curry.
Clearly astounded at the insensitivity of its director, Mr Curry said H&L sought to “profit from the covid-19 pandemic” by targeting people who may have felt “vulnerable due to the health crisis.”
“The company director also failed to cooperate with the ICO,” reflected an equally unimpressed Charlotte Gerrish, founder of data law advisory Gerrish Legal.
“[In addition Mr Gray] concealed his identity by using false company details on his websites, changed the wording on the text messages and changed his company’s registered address after becoming aware of the [ICO’s] investigation.”
'No longer self-employed'
Interestingly for freelancers who operate as sole traders, Mr Gray originally operated as a sole trader -- JG Consulting, but upon being probed by the ICO, moved to a limited company.
But not only did this apparent bid to conceal his activities fail (he did not mention his new business to the ICO), the structure-change also failed to thwart an ICO data-request.
In October 2020, Mr Gray told probing ICO officials he was “no longer self-employed” and so no longer had the laptop which he ran his marketing agency business from.
So he would only be able to answer the ICO’s queries “from memory,” he claimed at the time.
'Sole traders required by HMRC to record-keep for five years'
“His comments about the laptop were noted”, said the ICO’s Mr Curry, “but it was also noted [by us] that sole traders are legally required to keep records for at least five years for tax purposes”.
With its awareness of HMRC’s requirements for sole traders, the ICO may have outsmarted Mr Gray but, ultimately it was the watchdog’s own framework which was his undoing.
“The PECR restrict unsolicited marketing calls, emails and texts,” says data lawyer Ms Gerrish, pointing out that the ICO ruled that H&L breached regulation 22.
She added: “Under these regulations, marketers must obtain specific consent to send unsolicited direct marketing. When marketers are in breach of this obligation, the ICO has the power to impose a monetary fine on the data-controller.”
Given other factors including H&L concealing its identity (a breach of regulation 23), the ICO decided that a financial penalty was “appropriate.”
And mirroring the volume of spam which Mr Gray sent, the penalty is hefty.
“The commissioner has decided that a penalty in the sum of £80,000 is reasonable and proportionate, given the particular facts of the case and the underlying objective in imposing the penalty.”
'No means the first or last ICO penalty of its kind'
The ICO also said the penalty would go down -- to £64,000 -- if Mr Gray paid early.
But the risk of more firms being slapped with financial sanctions for unlawful marketing appears to be going up, according to Gerrish Legal’s Komal Shemar.
“The fine imposed by the ICO on H&L Business Consulting Ltd is by no means the first or last of its kind.”
In a statement yesterday, Ms Shemar continued to FreelanceUK: “Any company or freelancer in the UK looking to conduct marketing through calls, emails and text messages needs to be aware of the Privacy and Electronic Communications Regulations.
“These rules apply to all unsolicited marketing regardless of the size of your economic undertaking.
“So, freelancers who are deemed to be acting as data-controllers in this respect are also under an obligation to obtain specific consent for such direct marketing before sending such material out.”
'Freely given consent'
In the official ruling against H&L, the ICO reminds that to be valid, consent must be “freely given;” “specific,” and “informed” -- which it cannot be if people “do not understand what they are consenting to.”
And guidance from the data regulator for direct marketing agencies adds that “organisations need to be aware that ‘indirect’ consent will not be enough for texts, emails or automated calls.”
Given the legal complexities with direct marketing, far from saving money by using techniques like texting, freelancers who flout the PECR risk ending up facing untold costs.
'Freelancers looking to keep legal costs down'
“Although the regime is different for ‘solicited’ marketing -- i.e. marketing proactively requested by the individual, where legitimate interests as opposed to consent could be relied on, this is still an area that should be reviewed with legal advice on a case-by-case basis,” advised Gerrish Legal.
The law firm added: “Or for freelancers looking to keep legal costs down, [this is an area best-] avoided altogether by relying on consent and options to retract such consent.”
12th April 2022