SMS Marketing: An Essential Guide to PECR
You have probably heard the acronym or full name at some point but do you really know what it means and how it affects you and your business? It is more important than you might realise as it applies to all businesses marketing through SMS text messages (and all other electronic channels). In this article we will explain the basics of the regulations to help you understand the legal responsibilities and best practice to use in your text messaging marketing campaigns.
The PECR is better known as the Privacy and Electronics Communications (EC Directive) Regulations 2003. It exists to safeguard the privacy and use of personal information when used for direct marketing through electronic means. Parts of it crossover with the Data Protection Act 1998 (DPA) and where it does so, both pieces of legislation should be complied with. Unlike the DPA, the PECR is obligatory whether or not you process personal data in the course of your business.
What are the PECR?
The PECR are the UK implementation of an EU Directive or law and enforced by the Information Commissioner’s Office (ICO), same as the Data Protection Act 1998. It sets out rules on how marketing should be conducted through electronic means such as telephone, fax, email, messaging by text, picture or video, automated phone calls as well as other issues such as cookies, telephone directories, traffic and location data and breaches of security. They specifically address how the personal information of individuals should be protected when marketing through these channels. The regulations have been amended four times since it first came in force to keep up with fast paced technological changes.
Who Does the PECR Apply to?
The regulations state that the definition of direct marketing is the same as set out under the DPA: ‘’The communication of any advertising and marketing material which is directed to particular individuals’’. Individuals means consumers, sole traders and some partnerships as well as named individual employees of businesses. Direct marketing to limited companies and other corporations is not covered under the PECR, but best practice is to maintain a ‘do not contact’ list of businesses who have advised they do not wish to be contacted. All businesses involved in direct marketing must follow the rules as well as not-for-profit organisations, like charities or political parties.
PECR rules apply to ‘unsolicited marketing’ when individuals have not requested or specifically agreed to the contact. Where individuals have requested information from an organisation (solicited marketing) this is allowed and the PECR does not apply. However, you need to be aware that if you have had solicited contact with a customer, they have consented to further marketing material (like ticking an opt-in box online agreeing to other offers) and you then send them further marketing at a later date, this could still be considered ‘unsolicited marketing’ under the PECR.
What is Consent?
A central part of the regulations, organisations must get the individual’s consent before sending any direct marketing. Consent is defined by the EU Data Protection Directive as ‘’Any freely given specific and informed indication of his wishes that the data subject signifies his agreement to personal data relating to him being processed’’.
The PECR makes the definition of consent even tighter: “the [recipient] has previously notified the [caller or sender] that he consents for the time being to such communications being sent by, or at the instigation of, the [caller or sender]”. What that means to the average business is that the consent must be given directly to their organisation (reliance on a third party to pass on consent originally given to them might not be acceptable). The time span (or implied time span) of consent is also important – consent for a one-off or short time context will not be considered ongoing consent for further marketing. The individual must also agree to the specific type of communications, if they have agreed to phone calls, that does not cover being able to text or email them.
All organisations are at risk of enforcement action if they cannot demonstrate when required (for example when an individual complains) that they obtained proper consent. Therefore clear records should always be kept of date and method of consent, who obtained it and what information was provided.
SMS Marketing – Obtaining Consent
There should be some form of positive action that the individual needs to take to consent to marketing, such as an opt-in box to tick online, sending an email or an oral agreement (for best practice ensure the results of all methods of consent are recorded on your systems). Invitations to make consent must be accompanied by clear and prominent statements so that the individual understands exactly what they are agreeing to; who you are, content, products and services, method of contact, terms and conditions. Reliance on such statements being included in your privacy policies or terms and conditions is not acceptable as they are not prominent enough.
As far as a time span for consent goes, consent is not valid forever, so you cannot include a clause in your statements that might indicate otherwise. The PECR state that consent is ‘for the time being’. This would basically mean while the marketing content is still relevant and relative to what was originally consented to. The longer time passes, the harder it is to rely on the original consent. The ICO is likely to view that any changes, such as in your marketing direction or relation with the customer will end the original consent.
To ensure the consent is freely given, best practice is for organisations to provide a simple, clear opt-out or refusal option as well. You cannot send emails or texts asking for consent – that in itself is direct marketing defined under the regulations. The ICO advises the use of ‘opt-in’ boxes instead of ‘opt-out’ or pre-ticked boxes (where the user has to untick to consent). Opt-out or pre-ticked boxes are not automatically considered consent as the individual can easily miss or ignore them. If consent is expressly withdrawn by the customer opting out or unsubscribing then you must discontinue sending all forms of marketing immediately. It is advisable not to simply delete all their details from your systems as you should retain proof and have a way of ensuring their details are screened from campaigns.
Marketing Texts and Emails
Marketing texts are included as ‘electronic mail’ for the purposes of the regulations. This is defined in the PECR as: “any text, voice, sound or image message sent over a public electronic communications network which can be stored in the network or in the recipient’s terminal equipment until it is collected by the recipient and includes messages sent using a short message service”.
The first rule is: Always Obtain Consent. All the consent rules laid out above apply, even to viral marketing because if you are ‘instigating’ other people to send a message, the initiator is still responsible for gaining proper consent. Organisations must give their true identity in text messages, not try and hide or disguise it and they must give a clear and simple step to opt-out of receiving further marketing. Best practice with text messages is to allow customers to directly text back to opt-out, a well-known version of this is the phrase ‘STOP’ issued with a number to text.
You must obtain proper consent from all new customers and prospects, but there is a modified rule for existing customers called soft opt-in. This means you can send marketing texts to them if you satisfy three points; that you have obtained their contact details during the course of a sale or sales negotiation with them, you are only marketing your own products and services similar to the initial sale and you have given the person the ability to opt out at the beginning and during every message sent after.
If your business buys in marketing lists or uses third parties to collect contact information and consent then there are further specific and detailed rules under the PECR that should be checked for correct compliance.
At Fastsms, our award winning team of experts are available 24/7 to help your business to make the most of SMS Marketing, one of the most effective and efficient forms of marketing currently available. Call us now on o800 954 5305 to discuss your needs and find out what solutions we can offer, or sign up now for a free trial including 100 messages and give it a go yourself. No payment details or subscription required.
Disclaimer – This article is intended only as general information. It is not intended to be comprehensive or to constitute legal advice. If you need help on a specific issue please seek advice from a qualified legal representative.
Further information and reading:
SMS spam is a problem worldwide. But in the UK, we’re less likely to get it than many other countries. Find out why that is, see some examples, and how you can do your part to keep your SMS messages free of spam.
Yet another company (Quigley and Carter Limited) have been fined by the ICO for not having permission to send SMS messages. In this case, they had outsourced their marketing to a third party who then sent messages on their behalf. So is staying compliant with the regulations regarding SMS messaging so difficult? It doesn’t have to be.
All businesses are subject to the law when it comes to advertising and marketing. Companies cannot make false claims or mislead consumers via advertising materials, for example. Designed to protect consumers and commercial clients, the law regulates most forms of marketing in some way. With companies carrying out various forms of marketing activity, it can be difficult to keep on top of the relevant laws and guidelines. By working with SMS marketing experts, however, you can ensure that your marketing campaigns are fully compliant with the necessary laws and that you’re able to connect with your target audience lawfully and effectively.
You’d think a large, multinational company would have all the resources and planning it needed to run an SMS marketing campaign. But that isn’t always the case apparently. Find out the big mistake this one company made and how you can avoid doing the same thing in this blog.
Late last month reports surfaced that the Trump US presidential campaign had sent unsolicited SMS messages to voters in the Chicago area. One man, Joshua Thorne, and his lawyers have filed a class-action lawsuit alleging the Trump Campaign violated the Telephone Consumer Protection Act (TCPA, the US equivalent of the PECR).
Need to know all about mobile marketing with SMS messaging? We’ve pulled together the top ten blog posts that tell you everything you need to know. The list starts with the basics and goes through analysing the success of your campaign.
Four years ago, reputable commentators in The Guardian were wondering if SMS - short message service or text messaging - had peaked in performance after a two-decade exponential rise. Here we look at the evidence which shows that SMS is not only going strong, but continuing to stand out as an essential marketing channel for many businesses.
Executed properly, SMS direct marketing is a hugely effective and successful means of building customer loyalty and improving sales. But even genuine and honest marketing companies can suffer huge damage to reputation or even break the law through simply lacking knowledge or not double-checking before releasing campaigns. Read this article to learn more about the definitions of spamming and harassment, current UK law and how to avoid simple but costly mistakes.
The first thing to remember is that legally, you must give the customer the chance to both opt-in and opt-out of your SMS campaign - but the good news is people are happy to opt-in - 49% of them according to a 2014 survey. So all you need to do is stay compliant and follow some basic guidelines to grow your list.