Amex’s £90k marketing fine: Risk-based approach or bold interpretation of PECR?
Only three complaints to the ICO were enough to trigger an investigation. Marta Dunphy-Moriel and Alexander Dittel of Deloitte Legal analyse the case.
American Express was fined £90,000 by the Information Commissioner’s Office (ICO) for sending 4,098,841 direct marketing communications between 1 June 2018 and 31 May 2019 to customers who had either decided not to opt-in or who opted out. The company tried to justify the communications on the basis that benefits and rewards are an integral part of its credit card service as are “service emails” sent for service “benefits reinforcement”.
Undeniably, customer benefits and rewards are an essential part of the company’s credit card service and the main customer attraction. But can it be argued that for the company’s proper performance of contract it is necessary to send communications about benefits and rewards to customers? And given that the service is requested by customers, does that mean that such messages are not “unsolicited” and the rules about unsolicited marketing set out in the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) are not triggered?
UK Report subscribers please login to access the full article.
If you wish to subscribe please see our subscription information.