This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
| less than a minute read

We're not marketing to you, we're just promoting our services...oh wait...

The ICO has fined American Express £90,000 for breach of the direct marketing rules. Amex had sent emails to its credit card customers, promoting the rewards of shopping online with their Amex credit cards, despite some of these customers opting out of receiving marketing communications. 

Amex's defence was that these communications were actually "service messages", which fall outside the direct marketing rules. They claimed the messages just explained to customers how to access the benefits associated with owning a card, which they might otherwise be unaware of. However, the ICO found differently, as the messages encouraged customers to take actions which resulted in a financial gain for Amex.

This decision reminds data controllers of the fine line between marketing and service messages and sends a clear message that the ICO is taking a tough stance on breaches of the direct marketing rules. It may be time for data controllers to review their communications and make sure their comms teams are as up to date on the rules as their legal teams. 

I would encourage all companies to revisit their procedures and familiarise themselves with the differences between a service email and a marketing email, and ensure their email communications with customers are compliant with the law


data protection and privacy, data breaches cyber security, advertising and marketing