Both Littlewoods Ireland and The Irish Times were given the opportunity to donate to charity in order to avoid criminal sanctions after both were found guilty in separate cases of breaching data protection laws.
Littlewoods Ireland and The Irish Times pleaded guilty to one charge each of sending an unsolicited marketing email to individuals who had previously attempted to opt out of receiving such emails. Readers will be aware that the Irish Office of the Data Protection Commissioner ("ODPC") has previously targeted unsolicited marketing campaigns including similar cases against Eir and Imagine, reported in our December Alerter here.
Littlewoods Ireland and The Irish Times both stated that human error had been behind the sending of the unsolicited emails. In The Irish Times' case, they stated that the human error had occurred in the setting up of the automated service that issued marketing emails to customers.
The Assistant Data Protection Commissioner, Tony Delaney told Mr. Justice O'Neill that companies using electronic marketing must be cognisant of data protection/e-privacy laws and must have in place robust testing procedures for the technology behind their databases.
Mr. Justice John O'Neill stated in Dublin's District Court that the cases against The Irish Times and Littlewoods Ireland would be struck out if both made donations to suicide prevention charity, Pieta House.
Following Mr. Justice O'Neill's judgment, the ODPC stated that its "three-prong approach" of guiding, supervising and prosecuting organisations to foster compliance with marketing regulations had been successful and had resulted in a reduction in the number of complaints from individuals in relation to the marketing regulations.
The ruling is a salutary lesson to all companies engaging in electronic marketing, including companies that issue "newsletters" or "updates" to customers to be aware of the provisions of the E-Privacy Regulations.
We recommend that organisations ensure that any databases or computer systems used for electronic marketing are secure, robust and fit-for-purpose, bearing in mind the provisions of the E-Privacy Regulations and the Data Protection Acts.
Workers involved in the set up or operation of computer systems used for electronic marketing should be fully briefed on the significance of complying with the Data Protection Acts and the consequences should a breach or error occur.
A press release about the cases is available here.