New ICO resource helping firms with direct marketing rules

Often times, direct marketing rules can be confusing and confusing, and companies have to work hard to ensure they are compliant.

A new resource released by the Information Commissioner’s Office (ICO) aims to help companies better understand direct marketing legislation and its legal ramifications.

The guide is intended to help public sector data protection officers get to grips with the application of the rules for advertising messages.

Direct marketing is a broad field and includes any form of advertising or marketing correspondence directed at individuals. This includes text messages, emails, social media messaging, and traditional methods like phone calls and mail.

Additionally, direct marketing can include commercial marketing such as promoting products and services, and goals and ideals such as fundraising and campaigns.

Organizations from any sector can send direct marketing messages, but most messages that government agencies send to the public do not fall under direct marketing rules.

What are the rules

If the messages sent are “necessary for your task or function”, according to the ICO it is not a matter of direct marketing.

In this case, if a message is not direct marketing, there is no need to follow the marketing rules that are part of the Data Protection and Electronic Communications Regulations (PECR). However, you will still need to comply with UK GDPR rules.

According to the ICO, if a sent message falls into the category of direct marketing, authorities must “comply with the marketing rules in the data protection and electronic communications regulations (PECR) when using electronic communications”.

“Messages promoting services that are paid for by the user or collected through donations are generally considered direct marketing,” the ICO said. “This means that if you send such messages electronically, PECR’s marketing rules and the UK GDPR apply.”


Anthony Luhman, ICO director, said the public should have “trust and confidence” in commercial messages: “If you work in the public sector, the law doesn’t prevent you from sending commercial messages if it is necessary for your job or role.

“But there are times when the direct marketing rules apply, and we want to help the public sector get it right.

“Our new guide will help you understand how to send promotional messages in compliance with the law. Done right, the public should have confidence in public sector advertising messages. “

However, whether or not a commercial message is direct marketing, government agencies must comply with the requirements of the UK GDPR, which itself can be confusing and difficult to navigate.

Luhman added, “It’s important to be transparent about what you want to do with people’s personal information, including the types of messages you want to send.”

The UK GDPR gives people a right to object, and this can apply even if your message is not direct marketing. The new guidelines provide more details on when this right can apply.

What are the pitfalls?

According to Martin Sloan, IP, Tech & Data Partner at Brodies LLP, the fact that some messages are classified as direct marketing and others are not can put companies in “some slightly weird places”.

“For example, a message from a local authority about a new household recycling collection service would not be direct marketing, but a message inviting people to sign up for a paid garden waste collection service would be direct marketing.

“In order to determine where the new guidelines apply, a detailed analysis of the law and the public tasks of this authority is required.”

To help companies comply with data protection laws, the ICO published a data sharing code of conduct in December 2020 to provide advice on complying with data sharing laws and to ensure that their data use is fair, lawful and accountable.

It covers several areas including transparency, legal bases for the use of personal data, the new principle of accountability and the obligation to record processing activities.

Sloan continued, “The new guidelines only apply to government agencies. This can frustrate charities and other third sector organizations.

“Retailers and other businesses can rely on the ‘soft opt-in’ exemption under ePrivacy laws for marketing to existing customers. However, this exception only applies to the sale of goods or services, which means that it will not be available to charities if they contact previous supporters for donation purposes or tell them about the charity’s activities.

Sload added: “Although the background to the new guidelines is not clear, those in the third sector may feel disturbed that the ICO failed to take the opportunity to examine the definition of direct marketing in the context of this sector as well.”

Like this:

Like Loading…

Recent articles

Crypto exchanges struggle as El Salvador adopts Bitcoin

Today, Bitcoin is becoming an official currency in El Salvador, and the markets and crypto exchanges seem to be struggling. On...

Schools are back – and time to comply with the ICO’s Age Appropriate Design Code

As of September 2, 2021, the United Kingdom's Information Commissioner's Office ("ICO") expects organizations to use their Age Appropriate Design Code ("AADC"). The...

the ICO wants input on when personal data goes international

You don't have to be a data-focused IT service provider to realize that the UK was lucky enough to receive an adequacy decision from...