Evolution t/a Green Button – Complaint about direct marketing
Please note that the Commission investigates complaints against DMA members involving breaches of the DMA Code. Any adjudication is based solely on compliance with the DMA Code and it does not, and cannot make comment on the lawfulness or not of the members’ actions.
This case centred on the supply of data of over 2 million consumer records to be used for an SMS marketing campaign. The texts sent promoted an opportunity to place bets with a gambling company. The complainant had received two unwanted text messages to this effect over the Xmas period. The complainant was certain that he had not consented to receive the messages and had uncovered a lengthy supply chain over which his data was passed and which involved three DMA members. The messages the complainant received were mis-matched to an incorrect Christian name.
In considering cases where there is some form of value chain and where the member is using suppliers for a service to provide opted-in data to an explicit channel and sector, the Commission looks for assurance that sufficient due diligence is undertaken to show that supplier arrangements are compliant. Given the high volume of records required for this order, the ‘sensitive’ nature of gambling and the requirements for the provision of clearly opted-in data, each member in the supply chain had a responsibility to undertake adequate controls and checks.
As of 1st May this year, Green Button became a separate legal entity to Evolution Direct Marketing Ltd – the Commission’s adjudication was based on its status and relationship with Evolution at the time of this investigation.
Evolution (trading as Green Button) sought to source data in order to send this over to Verso which in turn sent the data to Digitonic, the text broadcaster. The supplier was known to Evolution (Green Button), but only through a partnership delivering an unrelated campaign. In the absence of any documented materials, the Commission could not see how Evolution (Green Button) assured itself that the data was owned and controlled by the supplier as claimed and felt able to forward it to Verso. As part of the investigation Evolution (Green Button) confirmed the data the sourced and supplied to Verso was not generated and owned by its supplier, and that the original provenance of the data could not be ascertained.
The Commission concluded that there was insufficient due diligence undertaken, and did not think that Evolution’s (Green Button) awareness of the issues and risk in procuring this type of data was reflected in its arrangements.
The Commission accepted that Evolution (Green Button) had undertaken remedial actions and produced revised due diligence materials and that there was no intent to supply data of this nature again. The Commission also noted the declaration that in future data would not be accepted from amalgamated sources and record samples would be obtained to include screen shots of opt-ins and corresponding dates.
The Commission found Evolution to be in breach of Rules 3.11 and 4.1 below.
The Commission strongly reminded Evolution of their obligations under the DMA Code.
3.11 When buying or renting personal data, members must satisfy themselves that the data has been properly sourced, permissioned and cleaned.
4.1 Members must act decently, fairly and reasonably, fulfilling their contractual obligations at all times.