The ICO has fined American Express £90,000 for breach of the direct marketing rules. Amex had sent emails to its credit card customers, promoting the rewards of shopping online with their Amex credit cards, despite some of these customers opting out of receiving marketing communications.
Amex's defence was that these communications were actually "service messages", which fall outside the direct marketing rules. They claimed the messages just explained to customers how to access the benefits associated with owning a card, which they might otherwise be unaware of. However, the ICO found differently, as the messages encouraged customers to take actions which resulted in a financial gain for Amex.
This decision reminds data controllers of the fine line between marketing and service messages and sends a clear message that the ICO is taking a tough stance on breaches of the direct marketing rules. It may be time for data controllers to review their communications and make sure their comms teams are as up to date on the rules as their legal teams.