How NOT to break the law when marketing

How NOT to break the law when marketing

Posted on Sep 11, 2015

How not to break the law when marketing



  • 3 key areas where mistakes can happen: content, data, consent.
  • This isn’t just about emails or phone calls – as technology moves on so do the specific legal requirements for electronic marketing – whether by text or WhatsApp messages.
  • The financial penalty for breaking the rules can be quite severe: fines can go up to £500,000.


The story in numbers

1,000,000,000 (aka one billion) – the estimated number of solicited calls made in 2014

205,000,000,000 (aka 205 billion) – the number of emails sent and received each day

£500,000 – the maximum fine you could receive if you’re caught breaking the rules

88 – the average number of emails you’ll receive at work each day

12 – the average number of those 88 emails that’ll be spam

£70,000 – the fine the Parklife Weekender festival received for sending unsolicited marketing text messages to festival-goers

801 – the number of concerns registered with the ICO and TPS against Direct Assist Ltd for making unsolicited calls

£80,000 – the fine Direct Assist Ltd received in response

175,000 – the number of complaints made over unsolicited calls in 2014 (UK only)


Which UK laws are relevant to marketing and the aspects they cover

Before we start looking at how not to break the law, it’s probably best to be clear on what we exactly mean by 'law' as there is some specific legislation that is relevant to the topic. Here’s the detail of which laws and a quick summary of the relevant details. For anyone interested in the detail, we’ve also linked to the full legislation for the comprehensive read.


Copyright, Designs and Patents Act 1988

People (ie individuals or companies) can claim copyright on any of their own original content. So, while the rise of the internet and Google’s ability to index data offers you a whole range of content, a large chunk of that information will belong to someone else. Using it within your marketing could result in you ending up in court defending a copyright claim.

Data Protection Act 1998 (DPA)

This focusses on collection, storage and use of personal data, which, if you’re marketing to individuals, is obviously a crucial element of your marketing. The specific legislation coming up next only seeks to enhance those rules specifically in relation to electronic communications.

Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR)

The PECR covers telephone calls, emails, text, picture and video messages, pre-recorded automated calls, voicemails, answerphone messages and fax. It makes the distinction between solicited communication (ie you’ve specifically requested the contact) versus unsolicited content (ie contact that you haven’t specifically requested, eg a text message about a personal injury claim). It puts in places several safeguards around this principle to ensure that people only receive messages they’ve consented to, or you have a ‘soft opt-in’ for. A soft opt-in is where you’ve received someone’s details during a transaction or sale, you’re intending to communicate with them on something relevant to that transaction, and you present them with an easy and free way to opt out.

The legislation also prohibits you passing on someone’s details without their consent. You may have seen this issue crop up in the news lately albeit in a slightly different guise. The data of Samuel Rae (who suffered from dementia) is reported to have been sold on over 200 times after he missed the tick box for not sharing his details. The result of this was Samuel being asked to donate money to charity over 700 times and also losing £35,000 to fraudsters as his data wasn’t only passed on to other charities. It raises the debate about how long someone who has given their consent for data to be shared can reasonably expect the sharing of that data to continue?  Can it be considered infinite consent? In the instance of Samuel Rae, it led to the exploitation of a vulnerable person, and consequently, new fundraising standards for charities are being considered.


The differences between electronic marketing to individuals and organisations

The differences between marketing to individuals and organisations 

Top tips for electronic marketing

  1. Ask yourself – if I received this would I find it annoying? If the answer is yes, maybe think again?!
  2. Is there anything I’m not sure about whether I can do? Check it out – see the list of useful sources of information below or download our free checklist.
  3. Even if you’ve bought in data that is sold as screened against the TPS, you still have an obligation to screen it yourself
  4. Automated dialling technology – does your company have a legitimate need for automated dialling?
  5. Err on the side of asking people to opt-in rather than opt-out so avoid the classic “Tick here if you DON’T want want to receive emails”
  6. Have a clear privacy policy detailing what people can expect from you – great template from the ICO here
  7. Offer a clear, and free, way for people to unsubscribe…
  8. ...and if someone does unsubscribe, stop contacting them. Don’t delete their record, though, as you won’t have a record of their opting out – mark it instead as ‘opted out’ or suppress it in some way.
  9. Identify yourself  along with your company name – however creative an idea it might be to send messages from ‘Mum’, it’ll run the risk of upsetting people and securing yourself a significant fine in the process.

As a handy guide, we’ve created a free marketing checklist for you to download and use alongside your marketing to keep you safe and secure.


Helpful places for further information

Telephone Preference Service -
Information Commissioner’s Office -
Wiki How -


Follow flick learning ltd's board Data Protection on Pinterest.



Related article

Cookies What is data protection and how does it relate to cookie law?

Related courses

Data protection front cover data protection

Data protection in marketing  data protection in marketing 




16 hours, 49 minutes ago

If you and your staff handle, process, or store data as part of your work, you need to complete GDPR training. Why…

2 days, 17 hours ago

Britain to ban 'gagging' clauses used to silence harassment victims. #Bullying #Harassment #Workplace #NDA #MeToo

3 days, 15 hours ago

We know people like to try before they buy... and that's why you can demo all flick courses to make sure they're a…

Flick Learning Ltd

Fargo Studios, 54 Grafton Street, Coventry, West Midlands, CV1 2HW. Copyright 2019 All Rights Reserved. Company No. 09270577