The Conservative Party has been fined £10,000 by the Information Commissioner’s Office (ICO) after it was found to have sent unwanted marketing emails.
According to the ICO, 51 people received marketing correspondence from the Conservative Party, despite having opted out of communications.
An investigation by the data regulator found that the emails had been sent in the name of Boris Johnson in the days after he became Prime Minister in July 2019.
The emails in question promoted party political priorities and included links directing them to a website for joining the Conservative Party.
Between the 24th and 31st of July 2019, the Conservative Party was found to have sent out more than one million marketing emails.
The ICO noted that the Conservatives had received permission to send marketing emails to some recipients. However, the 51 in question had not given their consent to receive correspondence.
Guidance issued by the regulator sets out the law around direct marketing emails, which are defined as being any communication of advertising or marketing material directed at particular individuals.
“It is against the law to send marketing emails to people unless consent has been freely given. This is contained in Regulation 22 of the Privacy and Electronic Communications Regulations 2003 (PECR),” the regulator said.
The party also failed to ensure that records of those who had unsubscribed from marketing emails were properly transferred when it changed email provider in 2019.
Ahead of the December 2019 General Election, the ICO said the party engaged in an “industrial-scale marketing email exercise” that saw nearly 23 million emails circulated.
This campaign, which took place while the ICO was still investigating, led to a further 95 complaints.
- How the digital skills gap is hampering tech adoption among UK SMEs
- Reform needed to make purpose-driven business the “new normal”
- Five stupid things about enterprise file storage
Stephen Eckersley, ICO Director of Investigations, said that while political messaging is a staple of any healthy democracy, political parties must ensure they adhere to regulations.
“It’s really concerning that such large scale processing occurred during the ICO’s ongoing investigation and before the Conservative Party had taken all the steps necessary to ensure that its processing, and database of people who would receive emails, was fully compliant with the data protection and electronic marketing regulations,” he said.
“The Conservative Party ought to have known this, but failed to comply with the law,” Eckersley added.
This isn’t the first occasion in which the ICO has raised concerns over how political parties manage and process data.
In November last year, an audit of political parties’ data protection compliance highlighted serious issues with transparency and the use of data in campaigning.
Subsequently, the ICO recommended specific actions to improve data protection transparency for a number of parties, including the Conservatives, Labour Party, Liberal Democrats, Scottish National Party (SNP), and Plaid Cymru.