Flybe and Honda are fined £83,000 for breaking data rules
The EU's General Data Protection Regulation (GDPR) is coming into effect in May 2018 and businesses have to prepare for this new rigorous regulation. Because of this, companies are beginning to panic and the Information Commissioner's Office (ICO) will not tolerate misuse of people's personal information. These two examples of email reactivation campaigns attracting fines is a warning to all businesses since this is a tactic which is commonly used by marketers to re-engage inactive email subscribers using the techniques in our best practices guide to e-mail engagement.
In August 2016, Flybe sent emails with the subject line, "Are your details correct?" to over 3.3 million people in their database, who had previously opted out of marketing emails. The ICO have now fined the airline £70,000 for breaking the Privacy and Electronic Communication Regulations (PECR) - read enforcement notice and fine details.
In a separate incident, Honda Motor Europe Ltd sent 289,790 emails between May and August 2016 asking individuals, “would you like to hear from Honda?”. They sent the emails in order to clarify the marketing preferences of those individuals they were uncertain of. The emails were sent to those individuals who they had no record of their "opt-in" or "opt-out" information. The ICO fined them £13,000 because of the breach to the PECR - read details.
"Both companies sent emails asking for consent to future marketing. In doing so they broke the law. Sending emails to determine whether people want to receive marketing without the right consent, is still marketing and it is against the law."
- Steve Eckersley, ICO Head of Enforcement
What can we learn from these mistakes?
- Consent has to be given
If you don't have explicit consent to email your clients - DON'T! Even asking for consent is classed as marketing and breaks the PECR.
- No means no
If your client has opted-out of marketing emails - DON'T email them! You are breaking the law by contacting them.
For more information regarding the GDPR or PECR visit our Digital Marketing Laws - GDPR section on the blog or read GDPR guidance from the ICO including new guidance on profiling.