An investigation by the Information Commissioner’s Office (ICO) found Exeter-based airline Flybe deliberately sent more than 3.3 million emails to people who had told them they didn’t want to receive marketing emails from the firm.
The emails, sent in August 2016 by Flybe, with the title ‘Are your details correct?’ advised recipients to amend any out of date information and update any marketing preferences. The email also said that by updating their preferences, people may be entered into a prize draw.
The carrier has been fined £70,000 for breaking the Privacy and Electronic Communication Regulations (PECR).
Steve Eckersley, ICO Head of Enforcement, said: “Sending emails to determine whether people want to receive marketing without the right consent, is still marketing and it is against the law.”
“In Flybe’s case, the company deliberately contacted people who had already opted out of emails from them.”
The ICO recognises that companies will be reviewing how they obtain customer consent for marketing to comply with stronger data protection legislation coming into force in May 2018.
Mr Eckersley warned: “Businesses must understand they can’t break one law to get ready for another.”
Any company unsure of the best way to prepare for the change in consent under GDPR should contact the ICO for advice.
The ICO has published detailed guidance for firms carrying out direct marketing by phone, text, email, post or fax. Advice and guidance on data protection law reforms are available on the ICO’s website.