The DMC website uses cookies to help enhance your experience and improve functionality on our website.

By continuing to use our website you are agreeing to the use of these cookies. Cookies terms and conditions can be found here.

Direct Marketing Commission - Enforcing Higher Industry Standards

ICO warns data broking industry after issuing £80,000 fine to data supplier

6th November, 2017 at 17:17pm

Verso Group (UK) Limited failed to comply with data protection law because it was not clear with people about what it was doing with their personal information.

This is the first fine to be issued following a wider investigation by the ICO into the data broking industry.

The Hertfordshire-based business generated leads by contacting people in the UK from two overseas call centres. Personal data was gathered from what telephone operators described as surveys, but were in fact lead generation calls. Other practices included buying in data from various firms to be packaged up to sell on to companies for use in direct marketing without the correct consent required.

The firm’s practices spanned a number of years and as a result, anyone affected could not have known who would be obtaining and using their personal data for marketing.

Verso should have ensured that the people whose personal data it was dealing in were given specific information about the companies who would potentially be marketing services to them.

Along with the requirement to process data fairly, Verso should have had people’s consent to use their information in this way. The company could not provide proof of this consent. If businesses are buying data they must be sure of the source of the information and obtain the correct consent.

George Kidd, DMC Chief Commissioner said:

“Properly done, sourcing leads and securing consent to marketing is absolutely core to businesses, charity fundraisers and others. When it’s not not done properly and when the consents are uncertain at best or even non existent the result is intrusion, frustration and even fear on the part of those getting calls and messages.

Good businesses understand that. This understanding is underpinned by self-regulation as exists with the DMA Code. When things may not be as they should be self-regulation can play a valuable role in ensuring improvements are made that up the standards and reduce the demands on statutory regulators such as the ICO. While Verso was in DMA membership we tried, through an investigation and adjudication to get the company to review and change their practices. Mostly that approach works: sometimes, as with Verso, it  does not. In these situation we are clear on the importance of the Direct Marketing Commission giving the ICO information and support to help them reach the appropriate decision.