Recent pronouncements by the Information Commission on how data protection laws apply to SMS marketers have ignited fresh controversy over impractical and out of date privacy regulations.
Topic: M-commerce
Who: The Information Commission
When: March 2001
Where: Wilmslow, Cheshire
What happened:
With the explosion of SMS as a communications medium, dictionaries of SMS abbreviations topping the book charts and 25 billion SMS messages predicted to be sent in Europe in 2001, marketers are swiftly seeing the opportunities. As ever, however, the regulators are not far behind. The Information Commissioner ("the regulator formerly known as the Data Protection Commisssioner") has come out and made it plain that in her view automated SMS comes within the definition of "automated calling systems" in the Telecommunications (Data Protection and Privacy) Regulations 1999. If this is right, it means that SMS cannot be sent by means of automated systems unless the recipient has "opted in" (in other words specifically asked to receive such messages) beforehand. Even where automated systems are not used, the statutory Telephone Preference System would apply. The effect of this would be a legal obligation on all those sending SMS to check beforehand with the central database kept by the Direct Marketing Association of all those who have registered to say they do not wish to receive unsolicited calls for direct marketing purposes. Another knock-on effect may be that unless that consumer is told, at the point that he or she is asked to supply their mobile telephone number, that the number may be used for marketing by SMS, the process of data collection may be "unfair" and the number not capable of use without committing an offence under the Data Protection Act 1998.
Is the Commissioner right? It's all down to whether an SMS message classifies as a "call". The Commissioner has already been in a minority of one in stating that unsolicited e-mails classify as "calls" for the purposes of the 1999 Regulations, and the difficulty is that "call" is not identified in the Regulations. The smart money, however, suggests that so far as SMS is concerned the Commissioner may well be right.
Why this matters:
We have already reported on marketinglaw.co.uk that even with prior consent, mobile telecoms services providers are unable to use "location data" for marketing anything other than their own telecom services. They cannot, for instance, pass that data to third parties with the view to their marketing non telecom products to mobile telephone users, even with the users' prior consent. So, if Dame Elizabeth France is right on the SMS point, it is yet another legal trap for digital marketers. Given the limited enforcement resources of the Regulator, however, is the threat theoretical or real?