Spam, legitimate marketing and the law

Other sites require users to opt in by ticking a box ­ this is the clearest way for consumers to give prior consent. But the only legal requirement is that the site owner tells the user very clearly how the information they provide will be used so they can decide whether to give prior consent.

Some sites may make consent a condition of registering for a website, service, newsletter or competition. They need to make this point clear by publishing a statement that is large enough to be read and close to the part of the website where the user’s email address is entered. This would be along the lines of: ‘If you sign up for this service you are consenting to receive email marketing from us.’

However, the site must also make it clear how you can opt out from future messages.

Soft options
There are other ways in which we provide information that companies can use to contact us with offers. Every time you make an enquiry and give contact information for a reply, you are giving implicit consent for the company to use that information and there’s no time limit on how long they can hold the information. This is what the ICO calls “a soft opt in”. There are additional rules about what they can use it for, though.

First, your email address must have been collected ‘in the course of a sale or negotiations for a sale’ even if it wasn’t completed. Second, if you have you bought products from the company in the past then only promotional messages relating to ‘similar products and services’ can be sent. Companies may also contact you if your details were collected after you were given the opportunity to opt out but declined to do so.

Cease and desist
All companies that send marketing emails or text messages must make it easy for the consumer to stop receiving them. Every email marketing message must have a link or address that can be used to stop communications.

Our verdict
Most of the spam you will get will be from the criminal fraternity. There is nothing that the ICO can do about this as the spammers are usually based outside UK jurisdiction. These people need to be dealt with by law enforcement, not the ICO, as their intent is criminal.

However, if you have a complaint against a UK company you can involve the ICO. Its official advice is that if the email is from an identifiable UK source, reply with an opt-out request, and keep a copy. If you have already done so and you are still getting emails from the same source, you can file a complaint with the ICO.

Don’t forward the spam to the Office as it has a form on its website designed to help you pick out the information it needs to process your complaint. If appropriate it will take enforcement action, but the ICO does have to give the company time to put things right.

www.ico.gov.uk
01625 545 745