A few thoughts, but a little abstract as its not possible to know what
exactly they did, and what they marketed.
1. One of the most "difficult" (if not ridiculous) aspects of PECR is
the focus on who the "subscriber" is rather than the recipient of the
email address. Technically, the opt-in is only needed if you send to an
account subscribed to by an individual. They thought roberts.co.uk was
a UK company. It is I infer your and your wife's private domain and so
you are "individual subscribers" (unless you run a company who acquired
it!). They should have got an opt-in. The problem is - as they say -
how does anyone know that a domain name is an individual's or an
employer's?
A common technique to overcome this is use an opt-in mechanism when
dealing with consumers and an opt-out mechanisms when dealing with
businesses. The implication of their response is that they are
targeting businesses and short of saying (as some no doubt would) always
use opt-in, what can they really do to check whether roberts.co.uk is
not Roberts Industries Inc or whatever?
2. If PECR rules applied, then opt-in should be used unless it is of
similar goods and services of the SAME data controller. This will have
been breached if they "bought" the database in (as the response
suggests), unless your wife opted-in of course.
3. In any case, they would to me have breached DPA by keeping the
information so long and not using it. A rule of thumb is that you
should "touch" the people on your marketing dbase once a year; if not,
it becomes stale.
Renzo Marchini
Counsel
Dechert LLP
+44 (0) 20 7184 7563 direct
+44 (0) 20 7184 7001 fax
[log in to unmask]
www.dechert.com
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Griffiths, Ian
Sent: 18 January 2008 12:53
To: [log in to unmask]
Subject: Re: [data-protection] Response to a complaint about unsolicited
email .. (All co.uk addresses must be businesses!)
Sounds reasonable. Perhaps next time they will add a field in the new
table that details where that row came from.
Is she happy with the outcome?
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Nigel Roberts
Sent: 18 January 2008 12:51
To: [log in to unmask]
Subject: [data-protection] Response to a complaint about unsolicited
email .. (All co.uk addresses must be businesses!)
The following was a reply sent to my other half when she complained
about unsolicited mail by telephone ..
Any comments? (I have a few!)
----------------------------------------------------------------------
Dear Mrs Roberts,
Following our telephone conversation, I have investigated our database
and the recent email sending. We had indeed got your email address on
our database; I have now suppressed the domain so that you and anyone
else at that domain will not receive mail again. The source of the email
has been returned on my search as 'unverified'. This is a database we
have not mailed to for some while. This unfortunately means that the
data was collected before December 2003 and as such we cannot be sure
exactly of where the email address was acquired from as we merged a
number of databases before that time. It will have probably come from
one of the following:-
F................
P................
These were purported to be and sold to us as uk companies at this time.
Obviously the .co.uk domains are supposed to be for UK registered
companies and whilst it is no excuse, it is understandable as to how
roberts.co.uk could be mistaken as a UK company.
Please accept our apologies for this mistake in sending you email. As
you are probably aware the ICO is usually the first port of call for
such complaints. We do make every effort to comply with ICO guidelines
and take such matters very seriously. We only have the email address
[log in to unmask] on our database and hold no other details. As I
said, we have placed the domain roberts.co.uk on our domain suppression
list.
I am sorry for any inconvenience caused
----------------------------------------------------------------------
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list
owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
------------------------------------------------------------
Please consider the environment before printing this email
------------------------------------------------------------
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list
owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This e-mail is from Dechert LLP, a law firm, and may contain information that is confidential or privileged. If you are not the intended recipient, please delete the e-mail and any attachments, and notify the sender. Dechert LLP is a limited liability partnership registered in England & Wales (Registered No. OC306029) and is regulated by the Solicitors Regulation Authority. A list of names of the members of Dechert LLP (who are solicitors or registered foreign lawyers) is available for inspection at its registered office, 160 Queen Victoria Street, London EC4V 4QQ.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|