This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Current Issue (August 2017)

Volume: 14 Issue: 8



About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

DPL August 2017

Email marketing at your peril


You may not have noticed it, but despite all of the distractions caused by Brexit and the General Data Protection Regulation (Regulation (EU) 2016/679), the UK Information Commissioner’s Office (‘ICO’) has been extremely active on the enforcement front in recent times. One of the features of this activity has been the variety of infringements targeted and, in particular, the focus on e-mail marketing. More specifically, the ICO has taken enforcement action by way of monetary penalties against well-known consumer brands such as Flybe, Honda, Morrisons and Moneysupermarket, for practices that might not have been seen as so out of order in the past. However, given the current tough stance taken by the ICO in connection with direct marketing practices, it would not be surprising to see future enforcement actions in this area.

First of all, let’s get the law right. In the UK, email marketing is subject to the legal framework set out in both the Data Protection Act 1998 (‘DPA’) and the Privacy and Electronic Communications Regulations 2003 (as amended) (‘PECR’). Nearly 20 years ago, the DPA established a right that is well known to marketers and consumers: the simple and absolute right to opt-out of all forms of direct marketing. The PECR are more detailed and set out different rules for direct marketing depending on the channel of communication. For email marketing to consumers, the general rule is prior opt-in consent, but the law provides for an exception to this rule: email marketing is allowed on an opt-out basis for existing customers, if the content of the communication relates to the types of products or services bought. It is a little fiddly but hugely helpful to businesses, of course.

Read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Can’t find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
E-Law Alerts
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed