Direct Marketing Commission - Enforcing Higher Industry Standards

Data & Marketing Commission | Enforcing Higher Industry Standards



Tribute to Matti Alderson 28th October, 2020

On 16 September 2020, we said goodbye to Matti Alderson, former Chair of the Direct Marketing Authority (before she launched the Direct Marketing Commission) and former Director General of the Advertising Standards Authority (ASA), but we have not lost her legacy, described as “an unrelenting focus on making sure that all UK ads are legal, decent, honest, and truthful.”

A passionate advocate of self-regulation, Matti was a committed leader of the UK ad watchdog, which has credited her as a “driving force” in raising its profile. In 1974, Matti joined the ASA as a case officer and became Director General in 1990, spending ten years in the role, in which she particularly focussed on regulating tobacco advertising.

During her tenure, Matti also helped co-found the European Advertising Standards Alliance (EASA), the organisation that coordinates advertising work of self-regulatory bodies across Europe. She became Vice Chair in 1997, the same year Matti joined other industry figures at the European Parliament to give a powerful presentation on the portrayal of women in advertising.

When Matti left the ASA in 2000, its annual report praised her contributions.

She went on to become Managing Director of FireHorses, which providedadvice on regulatory policy and strategy to clients in the public and private sectors, and lead the Direct Marketing Authority (now the Direct Marketing Commission). She expanded the DMC’s role and influence, developed the responsibilities of its directorate, and strengthened relationships with the industry and consumers.

Charles Ping, former DMA Chairman and currently Industry Commissioner on the DMC, said:

“I was lucky enough to work with Matti as DMA Chair when she started her tenure at the DMC.

Matti arrived at the Direct Marketing Commission with a fully rounded understanding of how a regulator works, and what makes the difference between a regulatory environment that supports good business and one that doesn’t. Her view was robust, questioning and always centred in a fair view of how regulation should work.

From her time at the ASA, she instinctively understood that clarity and consistency were key, as well as the ability to clearly articulate the logic behind decisions. It was a challenge within a regulator who had a remit to regulate the code of a body, not an all-encompassing industry wide endeavour, and this made for an interesting journey over the years.

Matti’s commitment to the DMC was clear and she will be remembered by me, and those with whom she worked, as a professional committed to improving the standards of industry through better regulation.”

The obituary from The Times stated that Martha (Matti) Hallyburton Connolly was born on 20 December 1951 in Alexandria, West Dunbartonshire, the daughter of Edward, a captain in the Merchant Navy, and Helen, a nurse. She lived in London with her husband Alan Alderson, IT Director for the Bauer Media Group.

“The couple did not have children, but welcomed young people into their home every year from the former Soviet regions affected by the Chernobyl disaster. They never formally adopted but supported one Belarusian boy from the age of 11 through school and university. He later changed his name to Alex Alderson and called the couple mum and dad.”

Matti died peacefully of undisclosed causes at the age of 68.

The DMA and DMC expresses their deepest condolences to Matti’s family, and the many colleagues and friends she left behind within the ad industry and beyond.

click for more information

Vacancy – Independent Commissioner 2nd June, 2020

Independent Commissioner

Location: London

Approximately 7-10 days per annum.

Salary – £5,250: plus reasonable expenses

Closing Date end July

The Data & Marketing Commission (DMC) is the body which oversees and enforces the Data & Marketing Association (DMA)’s Code.  The Code and DMC are there to give effective protection to recipients, users and practitioners of the data driven marketing sector. It aims to ensure companies observe the highest standards of integrity and trade fairly with their customers and with each other.  This is achieved by investigating complaints and identifying trends in data driven marketing that might raise issues for consumers and the sector. The DMA are looking to appoint a new Independent Commissioner as the current incumbent’s term is due to expire at the end of 2020.  The term would be for three years, renewable once.

Historically the DMC has adjudicated against complaints about DMA members but now has an extended remit in support of the Advertising Standards Authority (ASA) with complaints by consumers in relation to data and in particular Legitimate Interest and related matters.

The Independent Commissioner will need to have experience in a senior strategic role within regulation or governance, and to have a broad understanding of regulatory principles, process and practice, and ideally have a legal background.


The Independent Commissioner will be expected to attend a minimum of four meetings a year held at the DMA’s offices, attend adjudications, and review and process case and other paperwork relating to these meetings.

The Independent Commissioner will also be expected to represent the DMC at DMA meetings and other events and meetings as required.


  • Sound judgement and analytical skills
  • Ability to digest and make good sense of complex cases
  • Ability to understand the legal context in which an adjudication is required
  • Ability to work and debate effectively
  • To adjudicate, acting objectively

A full Job Description is available on request.

Applications to

click for more information

Data & Marketing Commission announce new Chief Commissioner 7th May, 2020

Amerdeep Somal confirmed as new Chief Commissioner of the Data & Marketing Commission

07 May 2020 – Amerdeep Somal has been named as the new Chief Commissioner of the Data & Marketing Commission (DMC) – the industry body that oversees and enforces the DMA Code.

Led by the Chief Commissioner, the DMC investigates and adjudicates on reported breaches of the DMA Code by members of the Data & Marketing Association (DMA). The team of commissioners work to ensure responsible marketing and ethical marketing practices are maintained.

“I am honoured to be appointed as the new Chief Commissioner. Over the past 25 years, I have remained committed to serving organisations where independence, public interest and trust are placed front and centre of all practices,” said Amerdeep Somal, Chief Commissioner of the DMC. “Responsible marketing, transparency and ethics are key drivers for building consumer trust in the data and marketing industry – the DMC will continue to promote and enforce these values across the DMA’s membership. I am privileged to lead the DMC into the next stage of its evolution.”

Somal brings 25 years’ senior executive and non-executive experience to the position, previously operating within a series of high-profile stakeholder roles across a variety of sectors.

Previous roles include founding Commissioner and Board Member at the Independent Police Complaints Commission. She is presently Independent Assessor of the Financial Ombudsman Service, She will also continue to hold her positions as a Judge at the Ministry of Justice UK, Council Member of the General Medical Council and Board Trustee at Refuge.

Somal’s appointment comes as George Kidd comes to the end of his term, after 12 years with the DMC – first as an independent member of the DMC Board and then selected as Chief Commissioner in 2010.

“I’d like to personally thank George for his leadership, expertise and commitment to the DMC throughout his long tenure. He has been a truly remarkable ambassador to our industry,” added Stephen Maher, Chair of the Data & Marketing Association Board. “I am also delighted to welcome Amerdeep as the new Chief Commissioner. Her wealth of experience and invaluable knowledge of regulatory and judiciary practices will help drive the DMC forward into a new era.”

click for more information

DMC Annual Report – 2018/19 22nd April, 2020

“We are pleased to share our latest Annual Report of the Data & Marketing Commission. If there is a message running through the report it is one of partnership: partnership with the DMA as the author of the Code and partnership with fellow regulators of data, privacy and marketing practice. This becomes ever more important as  technology enables amazing innovation that goes beyond the understanding people have of how information about them is collected, built on and interpreted when offers are then put before them.”

Please see here for a copy of the 2018-19 Annual Report

George Kidd, Chief Commissioner

click for more information

Postra Communications Ltd (t/a – complaints about direct marketing 20th April, 2020

The DMC investigated complaints from two businesses who had ordered a door drop delivery. Neither complainants were satisfied that the deliveries had been carried out adequately and they had both described their relationship with the member as strongly lacking in terms of engagement, responses and assurance that their leaflets had been delivered.

In the materials provided by the complainants, the DMC could not find any evidence to show that Postra Communications had been clear and transparent with its two clients.  It appeared that the clients had made multiple attempts to make contact so that they could be assured their deliveries were to be carried out as agreed and ordered. The material seen clearly indicated a reluctance or inability to share information on delivery schedules or evidence of completed deliveries. In the absence of any meaningful responses to the DMC or the clients on the matters raised it seemed appropriate to conclude Postra misled customers over performance under the contracts in question and that the deliveries were not adequately fulfilled.

The DMC did not think that Postra had complied with any of the key principles which asks members to value their customers, to act in accordance with their expectations, to be honest, fair and transparent and to act responsibly at all times. The DMC considered that Postra was in breach of the following rules set out in the DMA Code because it did not give the DMC any reason to believe that it had adhered to them.

2.1 Companies must not mislead customers; companies must be clear, open and transparent.

4.1 Members must act decently, fairly and reasonably, fulfilling their contractual obligations at all times.

4.6 Members must maintain adequate records to demonstrate compliance with the Code – and must maintain an adequate system of monitoring and audit.

4.8 Members must at all times give prompt, efficient and courteous service to customers – and must ensure they have in place adequate administrative procedures and resources to achieve this.

The lack of engagement and responses to Postra’s two clients was also mirrored in its lack of engagement with the DMC process.  The DMC did not think Postra had co-operated fully with its investigations or enquiries and had ignored frequent approaches.  The DMC found a breach of rule 4.9 in the DMA Code which states: 

Members must accept the jurisdiction of the Data & Marketing Commission (DMC) and co-operate fully with their investigations or enquiries. Members must comply with any conclusion reached by the DMC, including any decision to take disciplinary action resulting from a breach of the Code.

The DMC reached the view that Postra had shown itself unconcerned by a failure to meet contractual commitments, with failures thereafter to engage with clients or in any meaningful way with the DMC. Commissioners saw nothing to show the company was committed to complying with the DMA Code and the DMA principles.

The DMC would recommend to the DMA Board that it considers removing Postra from membership of the Association.

The DMA Board approved and the member has now been removed from membership.

click for more information

ICO consultation – Direct Marketing Code of Practice 15th January, 2020

The ICO has published its long-awaited draft of the direct marketing code of practice and invited comments from professionals across the industry.

It is a critical document for the data and marketing industry because its elevated status as a code of practice, as opposed to guidance, will give it statutory status. Meaning that it will effectively become the legal rulebook for the sector.

The code consolidates previous GDPR guidance, PECR and cookie advice, and focusses solely on direct marketing – defined by the ICO as essentially one-to-one marketing.

The code has really benefitted from the experience and knowledge that the ICO have gathered since May 2018, in terms of frequently asked questions (FAQs) by organisations and case studies.

The ICO have included relatable, straightforward subject matter and examples that clearly make use of their learnings from previous industry engagement that help clarify grey areas and common mistakes made.

Their understanding of the data and marketing industry has expanded and been brought in line with modern technological advancements and regulatory changes.

There is plenty of useful preamble and scene setting – defining terms i.e. ‘direct marketing’ and ‘service messages’ etc. It also specifically mentions the DMA Code as a point of reference for marketing best practice.

It is aimed at “anyone that processes personal data for direct marketing. purposes”.

Key takeaways and chapter summaries

The code does not address each marketing channel or type of processing separately, as was the case with its predecessor.

Instead it takes a “lifecycle approach” with the main chapters including:

Generating and collecting data
Sending messages
There are also chapters on online advertising, selling and sharing data, and individual rights.

In addition, the code includes sections on marketing in mobile apps, in game advertising, TV advertising, and location-based marketing etc.

It also addresses the impact on different sectors, such as charity and B2B, where the rules are applied slightly differently.

In the planning chapter, there is a lot of focus on getting things right from the start by talking about data protection by design and the benefits of doing data protection impact assessments (DPIA) and conducting appropriate due diligence.

As well as how to understand the correct legal basis to use and the data controller to processor relationship.

Well established marketing practices are clearly explained and there are no huge issues or concerns in the interpretation of the law.

Although some of the finer details may come as a surprise to some i.e. Data appending is considered unfair processing, hosted email campaigns breach PECR, as do ‘Refer a Friend’ promotional campaigns.

Article 14 of GDPR says that if you obtain personal data from somewhere other than directly from the data subject, you are obliged to provide privacy information to that person within a month.

For companies that collect data from such sources as Companies House, Edited Electoral Roll or third-party data providers, this could have a major impact.

There is also a section on sharing data and switching legal basis that appears to be written because the ICO have seen this in practice and want to address it.

There are outstanding compliance questions regarding digital advertising and naturally these are not resolved by this code.

The online advertising and new technologies section has a focus on the need for transparency and the benefits of conducting a DPIA. It also summarises the relevant cookie requirements.

For those that use social media, the code makes it clear that social audiences and ‘lookalike’ audiences require consent.

Also, as a joint controller, the marketer needs to undertake due diligence on the social media platform to ensure that the data being used has valid consent.

Additionally, the code also states that in-app marketing will now need consent by the user, which could significantly impact the market for free apps in the future.

Next steps

The code will be circulated for consultation until 4 March 2020 and the final version is expected to be published later this year.

John Mitchison
Data & Marketing Association
Director of Policy and Compliance

click for more information

The DMC sets out its position for cases where Legitimate Interest is presented as the basis for marketing activity 6th January, 2020

The Direct Marketing Commission has had complaints relating to direct mail and telephone marketing where the activity was based on a Legitimate Interest rationale.  This is permissible under ICO guidance and the DMA and others have also issued guidance. The complaints received prompted an assessment of the practices seen in terms of the DMA Code, looking in particular at the timeframes in which data might be used and what might be considered ‘fair and reasonable’; a key Code provision. The assessment did not result in any formal adjudications but we will use this set of conclusions in considering any future complaints:

  • Direct Marketing, in particular for post and telephony, will often be practiced under the grounds of Legitimate Interest as is provided for in law and supporting guidance.
  • The DMC believes the reasoning behind a wholly consistent approach to timeframes for use of data irrespective of the basis on which it is used, is sound and unexceptional.
  • In the light of some evidence seen the DMC believes there is a need to address parameters for the use of data for marketing purposes.  It believes this will be valuable to businesses wishing to use Legitimate Interests and, therefore, required to carry out a Balancing Test.
  • Whilst the DMA guidance on the minimum standards of the lifetime of consent was levered towards the grounds for Consent, the DMC intends to use the same guidance applied to the grounds for Legitimate Interest for both third party and first party processing activity.
  • This means the DMC intends to use the six and 24 month standard set out in DMA guidance for the valid use of Consent* (see below) to market to apply equally to marketing based on Legitimate Interests.
  • These time periods are for guidance and it will be up to individual users of data to consider, justify and record any applicable valid reasons for extending the time period. These could include an annualised product purchase cycle, such as in travel, insurance or utilities.
  • When considering data used under a legitimate interest purpose that is coming to the end of a valid lifetime period, the new legitimate interest assessment should treat the time since the original personal data point was captured as a key factor in the assessment.
  • Building on this move to alignment over the timeframes for marketing based on Consent or a Legitimate Interest the DMC thinks it is right that there should be broad consistency in relation to how data subjects can exercise a right to opt-out of marketing.
  • The DMC believes marketing activity based on Legitimate Interest should make clear how people can ask to stop the unwanted mailings. That explanation should be prominent and the process should be as simple to use as possible. Wherever possible the DMC would expect a request to be removed for marketing lists operated under the Legitimate Interest rationale i.e. it should go to the entity providing this data to third parties. That is to say the consumer should not have to make repeated opt-out requests to individual marketeers. Their wish should be actioned by the originator of the data.

DMA guidance on consent timescales *

The DMA advises its members to adhere to these minimum standards on the lifetime of consent:

  • For third-party data: telephone, email, SMS; the maximum time that consent can remain valid is six months after initial collection or any other positive contact
  • For third-party postal marketing: the maximum time consent can remain valid is 24 months after initial collection or any other positive contact
  • For all first-party data: telephone, email, SMS and post; the maximum time that consent can remain valid is 24 months after initial collection or any other positive contact

The timeframes run from either the initial collection or further positive contact with the customer.

click for more information

Fulcio Marketing has DMA membership revoked 30th May, 2019

DM Commission investigation into Fulcio Marketing identifies several breaches to the DMA Code

9 May 2019 – Fulcio Marketing, a business-to-business direct marketing company, has had their DMA membership revoked. The Direct Marketing Commission (DMC), an independent body that oversees and enforces the DMA Code to which all DMA members must comply, launched a full investigation after receiving a number of complaints.

The DMC’s investigation identified several serious breaches relating to the absence of contracts and supply agreements, unsubstantiated responses (to both complainants and the DMC), and lack of evidence to the DMC of due diligence done by Fulcio in relation to the data it sourced and supplied. Complaints also made reference to poor customer service and unprofessional conduct.

The DMC concluded that Fulcio Marketing was in breach of a number of Code provisions and was not working to the customer first principles expected of DMA members. In response to the investigation’s conclusive evidence and the DMC’s recommendation, the DMA’s Board of directors took prompt action to revoke Fulcio Marketing’s membership.

Rachel Aldighieri, MD, DMA, said: “The DMA Code is an agreement undertaken by all DMA members upon joining the association. It demands that members put the needs of their customers first and be accountable for their actions. The data and marketing industry is on a positive trajectory and it is essential to the future of our industry that organisations adhere to the high standards set out by the DMA Code. It is never an easy decision to remove a member, but the integrity of the industry and customers’ best interests will always take precedence.”

George Kidd, Chief Commissioner of the DM Commission, added: “Consumers and businesses need to know they are dealing with organisations that are transparent, honest, efficient and professional, but also responsive if things go wrong. Complaints about Fulcio Marketing listed concerns over poor customer service, an absence of clear terms & conditions to underpin customer orders, and misleading information contained on Fulcio’s marketing material. This was followed by repeated failures to deal with legitimate queries and customer complaints.”

Fulcio Marketing (Rodgerson Black) – complaints about direct marketing


click for more information

DMC supports ASA as advisory panel 30th May, 2019

George Kidd, Chief Commissioner:

We are pleased to confirm the DMC will be supporting the ASA in relation to complaints relating to data use and particularly any issues around the legitimate interest grounds that can be referenced under GDPR.  The DMC has years of experience in dealing with issues of data supply chains and the consents or other grounds that will give them the possibility of consulting the DMC as an advisory panel.  This strengthens the self-regulatory arrangements that complement the ICO by helping address consumer concerns quickly and ensure high compliance.

(Information on the partnership under Organisations with Whom We Work in Partnership)

click for more information

Complaints about data and privacy still dominate 2018 14th February, 2019

Data, privacy and quality of data continue to lead consumer complaints,
according to the latest DM Commission report

Issues around data, privacy and its accuracy are the biggest concerns for consumers in 2018, according to the DM Commission’s Annual Report. In a year that saw the introduction of the General Data Protection Regulations (GDPR) coming into force, the DM Commission reported a marked reduction in complaints to the Commission against businesses in the direct marketing sector – from over 200 in 2017 to just over 100 this year.

The Commission investigated 27 cases involving members of the DMA in 2018. Of these, 83% related to data, privacy and quality (up from 69% last year), with the remaining complaints split between customer service (14%) and contractual (3%) issues. The Commission referred 76 complaints against non-member organisations to other relevant statutory or self-regulatory bodies, but also reached out to the businesses involved to inform them of the complaints, remind them of their legal and regulatory duties and ask them to address the consumers’ concerns.

Over the course of the year, the Commission Board decided it was necessary to conduct formal investigations into two businesses, finding one in breach of the DMA Code. Both of these cases were looked at against  the DMA Code and the guidance in place at the time of the incidents reported, so prior to the onset of GDPR in May.

George Kidd, Chief Commissioner of the DM Commission, said: “This has been quite a year for anyone and everyone involved in the marketing data lifecycle. The GDPR has put direct marketing in the spotlight as never before. The question now is ‘Has this made a difference?’ My sense is for most yes and for some no. Today most businesses understand the importance of their customer relationships and are conscious of the impact on their brands of not abiding by the new laws.”

Kidd continues: “Sadly, there is still a dreadful minority whose whole purpose in life seems to be to ‘spam and scam’, who misrepresent themselves, mislead those they target and have no regard for the law, except perhaps if the changes really do expose them to tougher action. The GDPR should give state regulators the power to focus on those organisations that spam and scam by intent.”


click for more information

New GDPR rules set the tone for consumers 29th May, 2018

The Commission welcomes new GDPR rules which came into force on 25th May, and which put the consumer firmly in the driving seat.  With the new law in place, individuals have more control over how their data is used, shared and stored and businesses must be accountable and transparent in the way they handle data.   The principles of the DMA’s Industry Code to put your customer first, respect privacy, to be fair and transparent, exercise diligence and to take responsibility are very much reflected in the new legislation. It will be business as usual for the Commission’s investigations, which are set against those principles in the Code, with the advantage that they are now supported by a higher legal standard.  Further details on GDPR can be found on the DMA website at

George Kidd, Chief Commissioner said:

“Its eye-opening how many different organisations are contacting us about the continued use of personal data: eye-opening in terms of how often and, perhaps, how casually we share data, consciously or otherwise.

I hope this new awareness – and who’d ever have thought data privacy would be a hot topic of conversation – is great news. It makes businesses, charities and data professionals think hard and creatively about how to explain the consents they seek to take and use data and about how this might benefit us as we get these requests. 

GDPR should not be about bringing the shutters down on use of data but opening the blinds to let us see when and how this can happen and how it can benefit us as customers, and citizens.”



click for more information

BT announces new service to prevent spam calls 25th January, 2017

The Direct Marketing Commission warmly welcomes the announcement by BT of new customer services that prevent spam calls.

In 2014 in our Annual Report and in evidence to an All Party political group we argued the case for action at the network level alongside regulation, co-regulation and work to inform and empower people.  It has been a long-time coming but it is good that this is now happening. We would look to all fixed and mobile carriers to look at how this protection can be assured for all.

For our part the DMC has taken and investigated complaints about marketing and so-called “lead generation” activities. We have set out our concerns over the reliance some businesses put on consents to marketing that are as unclear as they are old. The Direct Marketing Association are taking up this challenge with testing and audits. It is important these are set against clear and challenging requirements.

This is part of the “jigsaw solution” that looks necessary here as in other fields of consumer protection. Smart use of technology and meaningful industry expectations sit alongside action to educate and empower users and regulation. For our part regulators must learn from our past experiences.

Treating every sector and every service the same makes no sense when the commercial drivers and the nature of the customer relationship vary dramatically. Anyone looking at how the incentives, personal injury and PPI businesses had to reach out and capture clients should not have been surprised at how some of them went about their business. Sudden shifts in circumstances can stimulate rapid and sometimes unacceptable responses from those who want to get high benefit from the changes.

As soon as the Government suggested a far more liberal regime from taking funds from pension funds the DMC flagged the risk both of rogue activity but also of high volume and aggressive marketing to the millions who might be tempted to take advantage of the changes. Our worry, learning from past events, was that some stampede to win this business would outweigh any duty to respect TPS registrations and regulations on e-mail and other digital marketing. This ability to identify terms and risks is something self-regulation should be good at – and it’s something statutory regulators need to learn if they are to do more than sweep up the damage after it has occurred.

click for more information

DMC Annual Report 2015/16: Concerns over consent dominate complaints in 2016 4th January, 2017

Two problems continue to bother consumers in 2016: clarity of consent; and how far that consent extends to third parties according to the Direct Marketing Commission’s annual report for 2015/16.

Complex supply chains and confusion over consent represented the biggest concerns to consumers in 2016 according to the annual report of the Direct Marketing Commission, the independent body which investigates complaints made about DMA Members.

In 2016 the Direct Marketing Commission recorded 230 complaints between 1 July 2015 and 30 June 2016.  Those unrelated to DMA Members were passed to the relevant authority where possible. The DM Commission tackled 48 separate cases in total: 40 consumer complaints and eight business complaints.

During the year in question, the Commission Board formally investigated six businesses, four of which were found, following a complete adjudication process, to be in breach of the DMA Code.

Of the 48 cases, 35 (73%) related to data, privacy and quality. These cases often related to complex supply chains where insufficient due diligence meant the original consent or lack of consent had been overlooked, in breach of the DMA Code.

DM Commissioner George Kidd said, “In almost every case the Commission considered we found ourselves looking at lengthy supply chains that resulted in messages and calls to people who had made clear they did not want these and had not agreed to them,” he said.

Kidd is keen to remind DMA Members that failure to conduct sufficient due diligence could result in reputational damage for the supplier, agency and brand. “It’s simply not good enough just to say ‘I didn’t know’, ‘I work on a basis of trust’, ‘my suppliers filled in a form saying they would behave’ and ‘it’s not my fault; someone let me down’,” he said.

He said that consistent complaints about, “These issues with sub-contractors, call centres and ill-managed data supply chains prompted the Commission to raise matters with the DMA.

We are delighted the Association has started a process of audit and review of data broker and lead generation businesses to ensure they have the processes and the practices in place to ensure the consents they secure and the data they supply are clear,” he said.

The DMC Annual Report can be downloaded here at dmc-annual-report-15-16


click for more information

How long does customer consent last? 24th October, 2016

The data we collect on our customers and the data they give us is at the heart of everything we do as marketers. Of all of this data, the most important is how and when they gave (or renewed) consent to receive communication from your business.

The collection of this consent is something covered in the GDPR as needing to be ‘explicit’ and ‘unambiguous’. This means brand businesses will no longer be able to use pre-ticked boxes and justify consent through inactivity or silence.

But what happens once you have that consent? The law says that consent is given ‘for the time being’, but with the ICO adding that ‘consent decays over time’ what is the lifespan of consent? Unfortunately, this is where the laws and guidance become less specific.

The ICO has made a recommendation for third party data that consent should be considered invalid after 6 months. In essence, this means that marketers would have six months from the initial collection for first use.

On the topics of postal and all first party marketing data, however, there are no timeframes offered in the ICO’s guidance to date. That’s why the DMA’s Responsible marketing committee is launching a new consultation process open to all members to ask for your thoughts on how long you believe consent should last and how we should go about setting this as a standard for our industry. This may vary depending on the sector, vertical, channel and any number of other factors, but as responsible marketers we should be able to agree on a minimum standard.

The link below will take you through to a brief survey where you can offer your thoughts anonymously, unless you’d like to leave us your email address to continue the conversation further. The survey will run until 17th October and if you have any further questions or thoughts you would like to share with the committee, please contact Rosie Atherfold on or on 020 7291 3300.

By Skip Fidura, Chair of the DMA’s Responsible marketing committee

Tell us what you think

click for more information

DMA extends compliance process for businesses that buy or sell data 24th October, 2016

The DMA has announced the introduction of an additional compliance audit for all companies that buy and sell data. In line with the DMA’s drive for the highest standards and a responsible approach to data-driven marketing, the audit has been introduced to provide additional assurance to brands and reinforce the importance of only working with DMA member companies.

DMA member businesses that buy or sell data will be asked to go through an external audit that has been designed by the DMA, and will be conducted by an independent third party. At launch, the DMA has partnered with DQM GRC to conduct these audits.

Rachel Aldighieri, MD at the DMA, comments: “In an increasingly connected world, data forms the backbone of many businesses. Customers need to be able to trust that any data a company has on them will be treated in the correct way and that any business is being transparent about how they want to use that information. The updated compliance process ensures that DMA members continue to work to the highest standards and that membership remains a badge of accreditation that can be trusted in a data-driven world. Using an independent third party brings specialist knowledge in this area and ensures objective scrutiny so that the audit process is as stringent as it needs to be.

Fedelma Good, Director, Information policy & business controls at Barclays, added: “In today’s digital era, every interaction has the potential to create new data on existing or prospective customers. It’s crucial that everyone – whether brand, marketing agency or supplier – embraces fully the objectives of transparency and trust when it comes to the gathering and use of this data so that confidence in digital and direct marketing is consistently reinforced. The DMA’s extension of its compliance process means that when we’re working with another member, we can be sure we’re working with a likeminded business that is accountable and acts responsibly.”

The updated process for those companies buying and selling data who wish to join the DMA will be implemented immediately. Existing members of the DMA that fall into this business category will be made aware of the need for an external audit a minimum of three months before their scheduled renewal date in 2017.

click for more information

Industry watchdog: “DMC – Consent should be given, not taken” 14th January, 2016

In 2015 the actions of data brokers came under tremendous media scrutiny. The work of the Direct Marketing Commission (DMC) over 2014 to 2015 has reflected these developments while investigating those DMA members that have been the subject of complaints.

Between 1 July 2014 and 30 June 2015, the DMC received 262 complaints direct from the public. Of these, 60 related to DMA members and the remainder were referred to the appropriate statutory or self-regulatory body. There were five formal investigations and most of these involved issues that had affected many of the general public and had been the cause of hundreds of complaints to other bodies or media criticism.

In two cases the Commission upheld breaches of the DMA Code. In three cases the Commission set out where it thought reforms were need to ensure compliance with the DMA Code. In all cases the changes were agreed. In each case the Commission shares its findings with the DMA and it has been an active contributor to initiatives by the Association to ensure DMA membership is seen as proof of a commitment to standards and trust in the market place.

Complaints have typically been around consent to marketing calls and messages, how and when it was given, and how the data was then used.

“The DMA Code says members are responsible for the proper sourcing, consents and cleansing of the data they trade and that members are responsible for the actions of their suppliers. The DMC wants to make sure that these rules are applied.  We see it as a problem if things go wrong and members tell us they relied on the assurances of others that consent has been given for the use of data but did nothing to check that this was true. 

“It’s simply not good enough for people to buy and sell data if they have no means of satisfying themselves that the people involved have given consent for the information to be shared in the way proposed. 

“Consent is something people give, not something that is taken,” said DMC Chief Commissioner George Kidd.

From 1st January 2016, the DMC has appointed two new Industry Commissioners to help in its work – Fuel CEO Charles Ping and Fedelma Good, Director of Information Policy and Strategy at Barclays, who replaces retiring Commissioners David Coupe and Danny Meadows-Klue. We thank David and Danny for their hard work and commitment to the DMC.

Both Charles and Fedelma are data specialists. Fedelma Good began her career in banking in Dublin, gaining her MSc in computer science, and then moving to London where she further built her career with Deloitte, Equifax, Acxiom and running her own consultancy before going back to banking, this time with Barclays as Director of Information Policy and Strategy.

Charles has more than 25 years’ experience as a client, a supplier and running an agency. He is also a former chair of the Direct Marketing Association, and for the past 10 years has been a non-executive director of the Advertising Standards Board of Finance, which regulates non-broadcast advertising.

The DMC’s annual report can be downloaded from


click for more information

George Kidd, Chief Commissioner receives accolade for services to the industry 22nd July, 2015

George Kidd, Chief Commissioner has received this year’s Roll of Honour award from the DMA for his services to the direct marketing industry.

George Kidd said: “I was surprised and delighted to be added to the Roll of Honour. I see it as recognition of the work of the Commission as a team and of the ways in which the DMA has focused on the user experience of direct marketing, investing hugely in an amazing new Code that deals with the big picture issues of privacy, honesty, taking responsibility for services and conduct and diligence in managing data. In less than ten pages the Code sets standards we can all understand, that few could debate and that we can all follow. There are lessons here for lawmakers: less is more!

Please here see link to DMA website.

click for more information

Recent adjudications – businesses that buy and sell data 20th July, 2015

The Commission recently conducted adjudications on two companies which were the subject of extensive coverage in the Daily Mail earlier this year. The allegations in the newspaper were serious and the Commission looked carefully at the conduct of the two businesses which were allegedly sharing sensitive data inappropriately and without adequate consent.

George Kidd, Chief Commissioner said: “These key investigations highlighted the importance of transparency when buying and selling data, in particular, data which is perceived to be sensitive. Businesses need to do their due diligence to assure themselves that the data they are buying is properly sourced and permissioned before they pass it on to other parties. When data is bought and sold across an extended supply chain and it is not clear as to the source or origin of that data, this will result in the public frustrations which we have seen from consumers and which have been highlighted in recent press coverage”.

Please see here for links to our two adjudication summaries – B2C Data and Data Bubble.

click for more information

Information Tribunal gives Reactiv Media increased fine 17th April, 2015


The Information Tribunal has awarded Reactiv Media an fine of £75,000, increased from £50,000 during an appeal hearing held in York last week. Reactiv had consistently called consumers registered with the Telephone Preference Service (TPS).


The story begins last year, when Reactiv Media, then a DMA member, was investigated by the Direct Marketing Commission (DMC) for making nuisance calls about spurious PPI claims to consumers registered with the TPS.


The DMC concluded that Reactiv should be expelled from the DMA in April 2014.


George Kidd, chief commissioner of the DMC said, “Other telemarketing companies have worked with us and turned past problems around. Those who use companies like Reactiv Media to generate leads share a responsibility. They should not be encouraging firms to bend or break rules that are there to make sure the public’s wishes are respected when it comes to telemarketing.”


Reactiv Media then came under the scrutiny of the Information Commissioner.


Between 13 November 2012 and 31 December 2013, the TPS received 481 complaints about Reactiv Media, and referred those complaints to the Information Commissioner. The Information Commissioner received a further 120 complaints.


In July 2014, the Information Commissioner issued a fine of £50,000 to Reactiv Media for ‘bombarding people’ with nuisance calls. The full notice is here.


Reactiv Media then appealed this decision.


In the appeal decision, which reported its findings on 13 April, the tribunal concluded that Reactiv Media displayed, “A culture of denial and minimisation of the breach, weak governance of the company and a tendency to blame others rather than accept responsibility. There is little evidence of robust policies and procedures coupled with a culture which properly respects telephone subscribers and their right to privacy.”


In addition, when the Information Commissioner awarded the initial fine, it had limited access to Reactiv Media’s financial records, and was “Hampered in its consideration by the lack of co-operation from the company.”


The appeal hearing gave greater access to the company’s finances, and concluded that not only should the sanction stand, but the fine should be increased by 50% to £75,000.


Assistant manager of the TPS, Arthur Cummins, was a key witness. “Mr Cummings, Assistant Manager of TPS demonstrated the robustness of the procedures used by the TPS to ensure that only eligible complaints were processed. He confirmed that Reactiv had been in the top 20 most complained list for five months in 2013, most recently in October 2013 but had not figured subsequently. He gave clear and convincing evidence which the tribunal accepted.”

By Ed Hall, DMA PR & Content Manager


click for more information

Consumer complaints – is the industry pouring money down the drain? 25th February, 2015

Congratulations to the Direct Marketing Foundation for commissioning research into complaints about one-to-one marketing.

I am not saying I buy into all the numbers and every conclusion in the report – particularly the millions of complainants implied when the sample data is extrapolated. But I feel the research tells us a lot.

It shows direct marketing is all but universal – 95+% of those surveyed were getting mail, e-mail and calls. Unfortunately, two-thirds or more of those surveyed had an issue with the marketing received. And only one in four to one in ten “complainants” were satisfied with the outcome of their complaint.

That is an awful lot of hacked-off people. What does the report tell us about why?

It tells us we have little feel for the cumulative effect of all the marketing that is going on. Firms may make no more than 2 repeat calls a day or send e mails only every third day ….but any single individual might be getting 10-20 calls a day and 50 -100 e-mails a week when everyone’s messages are tallied.

It tells us different forms of marketing have different impacts on people and that these differences in tolerance are still there when the volume of marketing goes up or down.

It tells us people place huge value on relationship and relevance: that they are far less likely to complain and far more likely to engage if they have a past relationship with the entity that is marketing and the material is relevant. Unsurprisingly, they also respond best when there is a value-exchange: when there is something for them as well as something for you in the engagement.

It tells the industry it should be more honest in its messaging. I see too many cases at the DMC with invented and transitory trading names to conceal lead generation as the real purpose of a call or mailing to understand. I see why the public are sceptical and cynical. Are you really doing yourself a favour with this sort of badging? It makes business sense for customers to get to know you. If you don’t want them to do that perhaps we or others should be looking at the sense in your business?

It tells the sector that it needs to listen more: 91% of those surveyed said it should be easier for people to opt out of receiving marketing, and 82% said they feel badly towards organisations that send irrelevant material.  Are you pouring money down the drain when you needn’t?

There’s a message here saying preference services need to work. If they do not the complaint levels will be higher than if the service had not been there in the first place.

Reading across the report there are a couple of big-picture messages I took. The first is that “one size does not fit all”. It has been painfully obvious through the PPI personal injury debacle that there are firms in this and perhaps every sector who have no long-term ambitions, little or no brand to promote or protect and whose “business model” is anchored in reckless prospecting or marketing designed to confuse or mislead.

It’s all very well Which? saying every firm should have a director charged with data responsibilities and for Future Foundation to laud O2’s complaint handling. Not everyone is O2. Not every business aspires to be O2.  What works for mobile networks does not work for funeral directors and what works with them does not work with affiliate marketers for pension-miss-selling claim management companies! Regulators need a better understanding of the dynamic of markets and the drivers in them.

This goes to my second thought – we need to look generally and then on specific issues at the best way to put the customer first. Future Foundation seem to want more and more of us to complain in the expectation the Government and its agencies will get tougher and tougher and the world will become a better place. I do not think this old-school approach works.

I believe in a Pre-empt, Prevent, Protect agenda – working to build understanding, compliance and coverage as DMA has with its new Code, doing risk assessment work as we have started to do with possible new cold-call activity and heading problems off through prevention where possible and far faster targeted “protection” work when necessary. In that regard the mechanical way state regulators seemed to respond to the PPI issue could be a case study in how not to do things. Doors are being bolted but many of the horses have gone. Let’s learn a little!

click for more information

Industry watchdog: “marketers must look beyond complying with the law to complying with consumers’ wishes to earn trust and avoid complaints” 23rd January, 2015

The head of the one-to-one marketing industry’s watchdog, the DM Commission (DMC), has said that marketers must now look beyond “complying with the law” to following principles that “put their customer first” to win trust, create effective marketing and prevent consumer complaints.

The comments, made by the DMC’s chief commissioner George Kidd, follow the publication of the watchdog’s annual report this month (January 2015). The report recorded 103 investigations into companies alleged to be in breach of the DMA Code, the one-to-one marketing industry’s self-regulatory code of best practice.

The majority of complaints received were from consumers about invasions of privacy and so-called ‘sharp practices’, and were backed by thousands more complaints to bodies including the Telephone Preference Service and the Information Commissioner’s Office. Two companies were expelled from DMA membership following investigations by the DMC.

The DMC is the independent watchdog responsible for enforcing the DMA Code. In August 2014, the DMA launched a new principles-based code of practice. The new DMA Code comprises five principles that make putting the customer first the priority, rather than just complying with the law.

According to Kidd, the majority of complaints logged and investigated would have been avoided if marketers followed these principles and complied with the interests of their customers:

“The overwhelming majority of marketers understand the law and know what they can and can’t do when it comes to using people’s data. However, there are many who play fast and loose with the rules. As the nature of the complaints show, consumers don’t focus on whether or not marketers are or are not breaking a law or regulation. They are angry when they feel deceived or misled when their requests for privacy are ignored and when they think their personal information is being sold on. 

“Marketers therefore must look beyond complying with the law and standards of best practice to complying with their customers’ wishes. Doing so is essential for creating effective marketing, earning consumer trust and preventing complaints. Following the DMA Code is the route to putting their customer first at all times.”

This month (January 2015), the DMC has appointed its new independent commissioner.  Dr Simon Davey will succeed The Very Revd. Professor Martyn Percy, Dean of Christ Church, Oxford, who has now completed his term of office. Dr Davey is a former Chair of the Standards Committee for the London Borough of Bromley and is an associate of Cass Business School’s Centre for Charity Effectiveness. He is the founder of Emerging Scholars, a programme to grow ability, belief and character in disadvantaged girls and co-developed Inspire IT to empower marginalised young people.

The DMC’s annual report can be downloaded from:


click for more information

The DMA’s New Code of Practice – George Kidd, Chief Commissioner reports 26th August, 2014

As Chair of the Direct Marketing Commission (DMC) I am pleased to announce some revolutionary work in self-regulation in direct marketing.

The Commission enforces the DMA Code of Practice, which applies to over 1000 DMA members and helps to protect consumers and create a climate for innovation and investment. Complaints to the DMC are relatively few in number but they are often an indicator of a problem with wider impact that needs to be addressed. In recent cases our intervention based on one or two direct complaints ended practices that had actually generated over 1,000 complaints to the Telephone Preference Service, the ICO and others.

The DMA Code we inherited was over 170 pages long. It contained extracts from legislation, industry-specific rules and packets of best practice. And it was structured based on a series of sub-sectors of marketing like mobile marketing, direct mail, data collection and telephone centre operations. It proved “more is not better”. It was hard to read, let alone follow. It made little sense for consumers and chunks of it were of little relevance to us as the enforcement arm.

You can view the new DMA Code of Practice here. It is wholly outcomes-based and anchored in the principle that businesses must put customers first. It focuses on four core themes:

Respect for privacy
Being honest and fair
Treating data with care
Taking responsibility to deliver what you promise

The Code rules run to only five pages. The whole document including annexes and glossaries is just twelve. It is simple, clear and strategic in nature. It gives enforcers scope to apply good judgement. It is a framework that is inclusive: spurring businesses to commit, not scaring them off. It is also a framework that should have meaning and relevance across the marketing spectrum for member and non- member companies alike, raising standards to the benefit of consumers.

The Code is not a stand-alone. As part of this exercise the DMA has updated the guidance it gives members on laws, compliance and responsible and effective marketing right across the board. The DMA Guides detail how members can achieve the outcomes set out in the DMA Code.

No Code or piece of legislation is a “cure-all”. There are challenges to address the collection and use of data, with the permissions people give to sharing of information and with preference service schemes that allow us to manage what we receive. We want self-regulation to be a valuable and effective part of the mosaic of consumer empowerment and protection alongside the ICO, Trading Standards, Citizen’s Advice and others who work to educate, inform and protect.

I think it is hugely to the credit of the direct marketing industry that they have invested in this Code, in the legal and other compliance advice they give and in the Commission as an investigative and adjudicatory body. I think the importance of industry setting and giving meaning to standards will matter more and more in a digital world in which state agencies may not have the remit or capacity or processes to deal with every risk and challenge.

I hope you find the Code stimulating. Just having the confidence to use those seven words shows how very different it is!

click for more information

New industry code promotes ‘responsibility above and beyond compliance’ 4th August, 2014

Adopting the DMA’s new code of practice will be central to the industry’s efforts to address customer concerns about one-to-one marketing such as data sharing, according to the trade body’s executive director Chris Combemale.

Speaking at the launch of the new DMA Code, which covers all data-driven marketing activity, Combemale said that it will change the industry’s mindset:

“We’ve taken a new approach to self-regulation that recognises the need to focus on principles that go above and beyond compliance with the law. It’s perfectly easy to follow all of the details of regulation and yet fail to meet the expectations of the customer, such as how you use their data.Gonflables Noël

“Our Code centres on five principles to inspire the industry to serve each customer with fairness and respect. Marketing with customers not at them is imperative to fostering trust and achieving commercial success.”

The DMA is now encouraging other businesses to adopt the code, which comes into force in two weeks on Monday 18 August.

According to Combemale failure to do so will come at a cost to UK plc:

“The hero principle of ‘putting your customer first’ demonstrates the evolution of our industry. Each marketer and organisation should see one-to-one marketing as an exchange of value between its business looking to prosper and its customer looking to benefit.

“Data fuels the digital economy, so earning customer trust is a commercial imperative. Brands must make every effort to ensure that they always collect and use consumers’ data in ways that they expect and benefit from.”

The DMA developed the Code after an 18-month consultation process with industry stakeholders, including practitioners as well as government regulators Ofcom and the Information Commissioner’s Office. The Ministry of Justice and Department of Culture, Media and Sport also provided input.

The DMA Code will be enforced by the industry’s independent watchdog, the DM Commission.

The DMA Code is backed by a series of channel-specific ‘guides’, which cover recommended best practice and compliance with regulations.

More than 1,050 corporate members of the DMA, which includes the industry’s top agencies, adhere to the DMA Code as a condition of membership.

The DMA Code and guides are available via the DMA’s website:

click for more information

DMA expels PPI nuisance caller from membership 11th April, 2014

The DMA has expelled Reactiv Media from its membership after the industry’s watchdog upheld complaints made about the company for making PPI nuisance calls.

The Direct Marketing Commission (DMC) received complaints from consumers registered with the Telephone Preference Service (TPS) about West Yorkshire-based Reactiv Media for unsolicited live calls on PPI mis-selling between April and September 2013. The DMC found failures over consumer consent, the requirement for named third-party permissions and identifying themselves when making calls and concluded that DMA rules banning calls to people registered with the TPS had been broken.

Reactiv Media, whose callers presented themselves as representatives of a ‘consumer helpline’, were warned by the DMC of their obligations as a DMA member, but failed to respond to requests to review and change their processes and continued to generate complaints about their activities.

Julia Porter, chair of the DMA board, commented:

“Putting the customer at the heart of your one-to-one communications is essential to building trust in your brand and trust in the channels you use. Reactiv Media refused our help to ensure they adhere to the law and our code of practice, which is there to protect the consumer and the reputation of the industry. It is for this reason we had to strip the company of its DMA membership.”

George Kidd, chief commissioner of the DMC, added:

“This is an unfortunate outcome. Other telemarketing companies have worked with us and turned past problems around. Those who use companies like Reactiv Media to generate leads share a responsibility. They should not be encouraging firms to bend or break rules that are there to make sure the public’s wishes are respected when it comes to telemarketing.”

click for more information

Industry watchdog calls for reforms to marketing data sector 3rd February, 2014

Industry watchdog calls for reforms to marketing data sector

The direct marketing industry’s watchdog, the DM Commission (DMC), has called for “root and branch reforms of the data sector to tackle practices that are playing a role in causing consumer complaints about the direct marketing industry, particularly about nuisance calls and text messages.

Investigations made by the DMC over the past 12 months into consumer complaints about unwanted direct marketing contact have identified common underlying problems regarding the source and use of data as being responsible for the majority of cases.

Some of the worst cases highlighted in the DMC’s annual report published 3rd February 2014 reveal a lack of understanding or, more seriously, a lack of concern, by some about whether they had the necessary arrangements in place to ensure their activities complied with regulations and industry best practice. In particular, the cases reveal common failures in companies to be able to cite the provenance of consumer data, whether the data has been ‘cleansed’, or if it’s been tested for accuracy and the necessary permissions.

According to George Kidd, the DMC’s chief commissioner, the industry must move quickly to address the fundamental problems in the data sector:

“The volume and nature of complaints we investigate show that we need to take a root and branch look at how companies collect, source, sell and test consumer data. Some business make fantastic creative use of data, delivering offers and services that are tuned to our personal needs and preferences. But there are times when other preferences and rights – not to be sent messages and calls which we have not agreed to or have said we do not want – are being ignored as companies pursue short-term gain, most obviously in the personal injury and Payment Protection Insurance fields. It’s not acceptable for businesses in the data business not to be able to explain where their data and the permissions on its use came from or for firms to dupe those they mail and call with mock surveys and research that open the door to sales and marketing calls, texts and emails from total strangers. 

“There is no magic solution to these problems of privacy and the misuse of data, and it will require a concerted effort in the industry to find solutions to the problems. It’s essential that this is guided by the principle of ‘putting the customer first’. Failure to do so will ensure that complaints about our industry will continue to rise and consumer confidence in direct marketing will decline.” 

In September of last year, the DMC’s chief commissioner George Kidd gave evidence at the Culture, Media and Sport Select Committee’s inquiry into nuisance telephone calls and text messages, where he argued for the need for creating a co-regulatory body to tackle the issue of unwanted contact. Currently, responsibility for telemarketing and mobile marketing is spread between Ofcom and the Information Commissioner’s Office. The DMC supports these regulators but worries that neither body arguably has the resources, singular focus or the organisational build for dealing with thousands of complaints and engaging with industry to make sure these problems do not recur.

 Rosaleen Hubbard, an independent commissioner of the DMC, commented in the annual report that:

“Unacceptable practices, such as nuisance calls, should not be allowed simply because the plethora of regulators and complaints bodies across the sectors results in consumer confusion. Given the multitude of regulatory frameworks within which direct marketing companies work, formal cooperation with statutory and regulatory bodies from other bodies should be further developed to enable the DMC to most effectively handle consumer complaints.”

The DMC’s annual report can be downloaded from:



click for more information

« Older Entries