This is an interesting case which must strike a chord with anyone that is plagued by spam texts. We mostly ignore this menace, although this should inspire you to take action when you see how this regulated lender was fined by the ICO for a data protection breach.
REGULATED LENDER DATA PROTECTION BREACH
Provident Personal Credit were fined £80,000 by the Information Commissioner’s Office (ICO) for employing third party companies to send up to 1m unsolicited text messages to promote its Satsuma loan products. It is likely that more texts were sent by other affiliates that the ICO were not aware of.
The ICO imposed the fine as recipients had not agreed to receive the messages.
The ICO’s head of enforcement, Steve Eckersley, said that the law was very clear. “You can’t send marketing texts to people who have not signed up to receive them” he said. “Being bombarded with texts you didn’t ask for and don’t want is an intrusion into people’s privacy, an irritation and, in the worst cases, can be upsetting. Companies have no excuse whatsoever for sending nuisance texts, whether they do it themselves or employ someone else to do it for them”.
The ICO has the power to impose a financial penalty of up to £500,000 for breaches of data protection law. In reality, it rarely touches that threshold. This watchdog has teeth and it is not afraid to use them.
All it took was 285 complaints out of over 1m recipients for the ICO to take action for this data protection breach.
GDPR AND CONSUMERS
Consumers are becoming increasingly savvy about GDPR. A former work colleague got a textbook result by referring to GDPR about misdirected post. Morrisons paid a heavy price when a malicious employee breached GDPR and leaked staff salaries into the public domain.
You can report spam texts free of charge by forwarding them to 7726. The network provider will act on it. Data protection breaches can be reported by contacting the ICO.
Have you been affected by spam texts and nuisance phone calls? Do you think this regulated lender was fairly treated by a data protection breach?