Vote Leave fined £40,000 for unlawful text messages
It's the latest fine in a string of penalties for unlawful political advertising
The Information Commissioner's Office (ICO) has fined the Vote Leave campaign 40,000 for sending unlawful and unsolicited text messages prior to the 2016 EU referendum.
The ICO's investigation found that the campaign sent 196,154 text messages to people which included campaign propaganda and in most cases, links to the campaign's website where recipients could find out more.
Vote Leave was unable to provide the ICO with evidence to show recipients of the messages had given their consent which is a key component of electronic marketing law, as set out by the Data Protection Act 2018.
ICO fines Leave.EU and Arron Banks' insurance £120,000 over marketing law breaches General Data Protection Regulation (GDPR)
"Spam texts are a real nuisance for millions of people and we will take action against organisations who disregard the law," said Steve Eckersley, ICO director of investigations. "Direct marketing is not just about selling products and services, it's also about promoting an organisation's aims and ideals".
"Political campaigns and parties, like any other organisations, have to comply with the law," he added.
Vote Leave responded to the investigation by saying it had acquired people's details from enquiries originating from its website, from individuals who had responded via text to promotional leaflets and from entrants to its football competition which promised at 50 million cash prize.
The prize could be won if entrants correctly guessed the result of all 51 matches in the 2016 Euro Tournament hosted in France, the chances of which were placed at one in 5,000,000,000,000,000,000,000 (five sextillions). For reference, the odds for winning the UK lottery are placed at one in 14 million.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Vote Leave said that after the referendum ended, the organisation deleted all evidence of the consent it relied upon to lawfully distribute the text messages. Details of the phone numbers from which the messages were sent and the volume of messages sent and received were also deleted.
IT Pro tried to contact Vote Leave for a statement but communication channels to the organisation seemed to have been abandoned.
This is the latest fine in an ICO crackdown on misuse of data in political advertising. In February 2019, Leave.EU was fined on two separate occasions on the same day. Firstly, similarly to Vote Leave, it was fined 45,000 for sending unsolicited direct marketing emails without consent and then a further 15,000 for sending almost 300,000 unsolicited communications in a single day without required consent.
On the same day as the Leave.EU fines, 1 February 2019, Eldon Insurance was fined 60,000 for instigating the sending of unsolicited direct marketing emails without consent - we're sensing a theme here.
The ICO publishes detailed guidance on political campaigning and direct marketing explaining the legal obligations organisations have to comply with the Privacy and Electronic Communications Regulations (PECR).
Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.