The Information Commissioner's Office (ICO) has fined the Vote Leave campaign 40,000 for sending unlawful and unsolicited text messages prior to the 2016 EU referendum.
The ICO's investigation found that the campaign sent 196,154 text messages to people which included campaign propaganda and in most cases, links to the campaign's website where recipients could find out more.
Vote Leave was unable to provide the ICO with evidence to show recipients of the messages had given their consent which is a key component of electronic marketing law, as set out by the Data Protection Act 2018.
ICO fines Leave.EU and Arron Banks' insurance £120,000 over marketing law breaches General Data Protection Regulation (GDPR)
"Spam texts are a real nuisance for millions of people and we will take action against organisations who disregard the law," said Steve Eckersley, ICO director of investigations. "Direct marketing is not just about selling products and services, it's also about promoting an organisation's aims and ideals".
"Political campaigns and parties, like any other organisations, have to comply with the law," he added.
Vote Leave responded to the investigation by saying it had acquired people's details from enquiries originating from its website, from individuals who had responded via text to promotional leaflets and from entrants to its football competition which promised at 50 million cash prize.
The prize could be won if entrants correctly guessed the result of all 51 matches in the 2016 Euro Tournament hosted in France, the chances of which were placed at one in 5,000,000,000,000,000,000,000 (five sextillions). For reference, the odds for winning the UK lottery are placed at one in 14 million.
Vote Leave said that after the referendum ended, the organisation deleted all evidence of the consent it relied upon to lawfully distribute the text messages. Details of the phone numbers from which the messages were sent and the volume of messages sent and received were also deleted.
IT Pro tried to contact Vote Leave for a statement but communication channels to the organisation seemed to have been abandoned.
This is the latest fine in an ICO crackdown on misuse of data in political advertising. In February 2019, Leave.EU was fined on two separate occasions on the same day. Firstly, similarly to Vote Leave, it was fined 45,000 for sending unsolicited direct marketing emails without consent and then a further 15,000 for sending almost 300,000 unsolicited communications in a single day without required consent.
On the same day as the Leave.EU fines, 1 February 2019, Eldon Insurance was fined 60,000 for instigating the sending of unsolicited direct marketing emails without consent - we're sensing a theme here.
The ICO publishes detailed guidance on political campaigning and direct marketing explaining the legal obligations organisations have to comply with the Privacy and Electronic Communications Regulations (PECR).
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
ICO admits it's too slow dealing with complaints – so it's eying up automation to cut staff workloadsNews The UK's data protection authority has apologized for being slow to respond to data protection complaints, saying it's been overwhelmed by increased workloads.
-
Data sovereignty a growing priority for UK enterprisesNews Many firms view data sovereignty as simply a compliance issue
-
Elevating compliance standards for MSPs in 2025Industry Insights The security landscape is set to change significantly in the years to come with new regulations coming into effect next year, here's how the channel needs to adapt
-
How ready is your company for NIS2?Supported Content The EU’s latest cybersecurity legislation raises the stakes for enterprises and IT leaders - and ensuring compliance can be a daunting task
-
Top data security trendsWhitepaper Must-have tools for your data security toolkit
-
“Limited resources” scupper ICO probe into EasyJet breachNews The decision to drop the probe has been described as “deeply concerning” by security practitioners
-
Conquering technology risk in bankingWhitepaper Five ways leaders can transform technology risk into advantage
-
Advancing your risk management maturityWhitepaper A roadmap to effective governance and increase resilience
