Last week, the U.K. Information Commissioner’s Office (ICO) issued a new guidance that further clarifies direct marketing dos and don’ts under the Data Protection Act 1998 (DPA) and the Privacy and Electronic Communications Regulations 2003 (PECR).
Here’s the gist:
For organizations that use the electronic channels of email, text and/or phone calls to send marketing messages, they must obtain “extremely clear and specific” consent from individuals for each form of electronic messages.
And here’s a slight expansion:
When an individual gives consent allowing an organization to send him/her email communications, the organization cannot automatically extend that consent to cover text and/or phone messages. Rather, the individual must specifically and clearly grant consent for each type of electronic marketing communication he/she receives from any organization, currently inclusive of email, text, and phone messages.
Clarified expectations and common sense
According to the ICO, the new guidance for U.K. marketing consent is the first in a series that will “help organis
ations to fully understand their obligations and to promote good practice.”
At 45 pages I wouldn’t call it a quick read, but it’s designed to help companies quickly find relevant information and links about their particular issues and concerns. In my opinion, it’s pretty easily accessible and most of the recommendations and requirements are best practices for digital marketing.
Here are the key recommendations for direct marketers who are based in the U.K. and/or doing business in the U.K.:
- Demonstrate that consent was knowingly given, clear and specific. Do not use pre-checked boxes;
- Carry out rigorous checks before relying on indirect consent (i.e., consent originally given to a third party). Indirect consent is unlikely to be valid for calls, texts or emails, particularly if it is generic or nonspecific;
- Avoid making any automated prerecorded marketing calls without specific prior consent or to any number registered with the U.K.’s Telephone Preference Service (TPS), where customers can opt out of marketing calls;
- Stop sending marketing messages to any person who objects or opts out of receiving them; and
- Make rigorous checks (screen third party data against the TPS) when either buying or selling marketing lists.
Get the ICO’s direct marketing guidance.
Get the ICO’s direct marketing checklist.
Act-On is a member of DMA UK.
David Fowler, Act-On’s Chief Privacy and Deliverability Officer, makes his home in Oregon but hails from the U.K. David is responsible for all issues pertaining to email deliverability and privacy compliance in regard to Act-On’s customers and corporate objectives alike. Follow David on Twitter: @oregonlimey.
David has over 20 years’ experience providing senior leadership in the marketing industry. In the last ten years he has been strictly focused on issues associated with email marketing, deliverability, digital marketing, and privacy compliance. Prior to joining Act-On, David held U.S. and European-based senior management positions focused on deliverability, digital privacy, sales, marketing, business development, and product management with such companies as Marketfish, Lyris Technologies, Blue Hornet / Digital River, and Yesmail.
Photo courtesy of ell brown, used under a Creative Commons 2.0 license.