ICO issues a huge fine for massive illegal SMS campaign
About a month ago the Information Commissioner’s Office (ICO) issued a £200,000 fine against Help Direct UK for sending spam SMS messages. It’s the ICO’s job to investigate and file enforcement notices against companies who allegedly perform direct marketing without permission via any electronic means.
This isn’t the first time the ICO dealt with Help Direct UK either. Last year they issued an enforcement order after determining the company sent out spam messages regarding pensions. The latest round of messages, which resulted in the fine, were sent in April 2015 and received over 6,700 complaints in less than 30 days.
The messages were all enticing people to visit websites and file claims to recover money from PPI payments, banks, and loans. For example…
“The Banks are refunding customers if they paid a monthly fee on packaged accounts up to 2000, visit www.mybankrefund.com for your refund today or optout.cc”.
Why such a high monetary fine?
The first time the ICO found Help Direct UK in violation of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (which governs all electronic marketing regulations), they were just issued a warning to stop their activities. The most recent round of complaints made it clear, however, they hadn’t stopped their direct marketing activities and in fact may have increased them.
This led to the following statement on the ICO website regarding the fine of Help Direct UK:
“The company has also shown a blatant disregard for the rules by ignoring enforcement action we issued earlier this year. They are now facing the consequences of that decision.”
And there may be more consequences as the statement also alluded to further legal action as disregarding an enforcement notice is a criminal offence.
How companies try to spam
As a law abiding citizen, it’s hard for me to imagine anyone deliberately trying to avoid the law on such a large scale. But obviously it happens. Some companies may be sending spam unintentionally (they aren’t aware of the law), but for most it seems to be a deliberate effort.
That’s the case with Help Direct UK. The ICO investigation revealed they were using unregistered SIM cards to send the messages. They were sending so many messages they must have had what is called a SIM farm (also SIM Hosting or VSIM). This is when someone takes loads of SIM cards and connects them to computers that then send out the SMS messages over the Internet, then into mobile networks via alternate routes (ie. not network authorised).
A SIM card is what makes a mobile phone work with a network. It keeps track of the details of the phone, the owner, the number, and network authorisation information. Unregistered SIMs aren’t “activated” with any network and therefore aren’t usually listed in the spam filters networks use to try and keep out unwanted messages.
Why they spam
Knowing there are serious consequences for violating the PECR, why would companies try to do it anyway? Money.
Companies that send SMS spam usually are trying to generate leads. They are then paid in turn for each lead. Using the example message above, the company probably got paid a fair sum for everyone that visited the mybankrefund URL in the text message and filled out the form to get their bank refund (which was in turn a way to get their info for further marketing, not to give a bank refund).
If it all sounds a little shady, it is. But for some the lure of that money is too strong so they resort to unscrupulous methods to trick people into taking action like visiting a website and giving personal information.
Stay far, far away
Companies that want to use SMS messaging for legitimate direct marketing need to stay away from SIM farms and companies that use them. The ICO investigates complaints and will raid locations where they think SIM farms are based on those complaints. If you run a business and use that SIM farm you can be implicated in the illegal sending of messages even if you aren’t. At the very least you will likely be the subject of an investigation. If you prove you’re following the law then it’s only your reputation that’s damaged. But that can be everything to a business and the hardest thing to repair.
So don’t fall victim, or rather don’t settle for questionable services just because of a low price tag. Per message pricing can be reasonable enough using proper SMS providers (like fastsms). Just do your homework and check out the company you choose before you start. Don’t focus on just the price per message, but on the balance of everything they have to offer.
Starting an SMS marketing campaign can be a daunting task. Gathering explicit opt ins can take time, as you need to make an investment in advertising. So why not just get a jumpstart and buy a list of mobile numbers from an organisation that already has the opt ins? You could do that, but it’s probably harder than just getting people to opt in on their own. Here’s why.
The first thing to remember is that legally, you must give the customer the chance to both opt-in and opt-out of your SMS campaign - but the good news is people are happy to opt-in - 49% of them according to a 2014 survey. So all you need to do is stay compliant and follow some basic guidelines to grow your list.
SMS marketing is very different to most other more traditional marketing tools, specifically because of its short-form, text only nature. This certainly shouldn't put you off though. We have put together our guide to both the best things about SMS marketing and some of the potential problems, and how to work around them.
One of the most interesting use cases for SMS messaging is the financial industry. Just a couple weeks ago I wrote a blog on 7 ways the financial industry can use SMS messaging to communicate with customers. In this blog I'll expand on the topic from a different perspective: personalisation.
Can you send SMS messages to whoever you like whenever you like? If that's what you believe read this article which explains what restrictions apply to broadcast messaging, what is the best way to build a permission based SMS marketing list. Understand that and you can safely make a start.
The UK may be leaving the EU, but the GDPR is still coming. Find out what it means for your business, and your SMS messaging, in our post that looks ahead and reviews the ICO guidance to prepare for the new rules.
How hard is it to use SMS marketing? If you’ve been told it’s complicated, you heard wrong. Using SMS is simple, though there are a few things you should know. This blog shows you how simple it can be, and provides links to useful resources.