I am not a lawyer, but I’m pretty certain that most commercial litigation strategies will be along the lines of “don’t waste lots of money fighting a low-value case which sets no precedent”. And I know it is a feature of such litigation that some companies will not even bother defending such cases, calculating that doing so will cost the company much more, with no other gain.
With this in mind, one notes the recent case of Sky News producer Roddy Mansfield. His employer itself reported (in a piece with a sub-heading “John Lewis is prosecuted…”, which is manifestly not the case – this was a civil matter) that
John Lewis has been ordered to pay damages for sending “spam” emails in a privacy ruling that could open the floodgates for harassed consumers.
Roddy Mansfield, who is a producer for Sky News, brought the case under EU legislation that prohibits businesses from sending marketing emails without consent
The case appears to have been brought under regulation 30 of The Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR). Those regulations, as the title suggests, give effect to the UK’s obligations under the snappily titled Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector. Regulation 30(1) of PECR provides that
A person who suffers damage by reason of any contravention of any of the requirements of these Regulations by any other person shall be entitled to bring proceedings for compensation from that other person for that damage
It appears that Mr Mansfield created an account on the John Lewis website, and omitted to “untick” a box which purported to convey his consent to John Lewis sending him marketing emails. It further appears that in the County Court Mr Mansfield successfully argued that the subsequent sending of such emails was in breach of regulation 22(2), which provides in relevant part that
a person shall neither transmit, nor instigate the transmission of, unsolicited communications for the purposes of direct marketing by means of electronic mail unless the recipient of the electronic mail has previously notified the sender that he consents for the time being to such communications being sent…
Assuming that this accurately reflects what happened, I think Mr Mansfield was probably correct to argue that John Lewis had breached the regulations: the Information Commissioner’s Office (ICO) guidance states that
Some organisations provide pre-ticked opt-in boxes, and rely on the user to untick it if they don’t want to consent. In effect, this is more like an opt-out box, as it assumes consent unless the user clicks the box. A pre-ticked box will not automatically be enough to demonstrate consent, as it will be harder to show that the presence of the tick represents a positive, informed choice by the user
For a detailed exposition of the PECR provisions in play, see Tim Turner’s excellent recent blog post on this same story.
I’ve used the word “appears” quite a bit in this post, because there are various unknowns in this story. One of the main missing pieces of information is the actual amount of damages awarded to Mr Mansfield. Unless (and it is not the case here) exemplary or aggravated damages are available, an award will only act as compensation. It has been said that
The central purpose of a civil law award of damages is to compensate the claimant for the damage, loss or injury he or she has suffered as a result of another’s acts or omissions, and to put the claimant in the same position as he or she would have been but for the injury, loss or damage, so far as this is possible
So I doubt very much whether the award to Mr Mansfield was anything other than a small sum (so the albeit tongue-in-cheek Register reference to a PILE OF CASH is very probably way off the mark) . I have asked him via his twitter account for details, but have had no reply as yet.
Perhaps the most important aspect of this story, though, is the extent to which it indicates the way the courts might interpret the relevant consent provisions of PECR. As this was a case in the County Court it sets no precedent, and, unless someone decides to pay for a transcript of the hearing we’re very unlikely to get any written judgment or law report, but the principles at stake are profound ones, concerning how electronic marketing communications can be lawfully sent, and about what “consent” means in this context.
The issue will not go away, and, although I suspect (referring back to my opening paragraph) that John Lewis chose not to appeal because the costs of doing so would have vastly outweighed the costs of settling the matter by paying the required damages, it would greatly benefit from some proper consideration by a higher court.
And another important aspect of the story is whether behaviours might change as a result. Maybe they have: I see that John Lewis, no doubt aware that others might take up the baton passed on by Mr Mansfield, have quietly amended their “create an account” page, so that the opt-in box is no longer pre-ticked.
UPDATE: 7 June
In a comment below a pseudonymed person suggests that the damages award was indeed tiny – £10 plus £25 costs. It also suggests that John Lewis tried to argue that they were permitted to send the emails by virtue of the “soft opt-in” provisions of regulation 22(3) PECR, perhaps spuriously arguing that Mr Mansfield and they were in negotiations for a sale.
informationrightsandwrongs 
I don’t think compensation is really a solution to this problem. Apart from anything else, the parasite end of the market would probably start texting people asking them in they want to claim compensation for spam emails. The rules should work to protect us all, rather than allowing opening doors to the few who can be bothered to sue – which is why I think we should encourage / push those who make and enforce those rules to tackle the mischief overall.
Mansfield claimed £150 per email. The District Judge awarded him just £10 plus £25 costs. Small beer, he’d probably have have earned more busking outside the court. He states on Twitter that he’s done this before, so can hardly claim to be ignorant; but ‘previous’ is not taken into consideration. The DJ ruled on PECR 22(3)(a), John Lewis claimed that Mansfield had entered into negotiations by creating an account online. I mean, why would anyone create an account if they weren’t going to make a purchase? I wonder if Mansfield is engineering these situations for publicity.
That’s really interesting, and would rather confirm my suspicions – thanks.
Pingback: Ticking off Neelie Kroes | inforightsandwrongs
Pingback: Law and Media Round Up – 23 June 2014 | Inforrm's Blog
Depending on the cost I might be interested in purchasing the court transcripts. My company is currently “under attack” by someone doing something similar. They are intentionally entering into a sales dialogue with us by requesting pricing information via our website – which we of course provide, and then attempt to contact them…and then they claimed a PECR breach and sent us an invoice for £500 and shortly followed by a debt collector letter! Some people need to “get a life”…
To be clear – please tell me where/how I would purchase the transcript…
If you can find out which county court this was heard in, you can submit form EX107 http://hmctsformfinder.justice.gov.uk/HMCTS/GetForm.do?court_forms_id=161. I’ve asked Mr Mansfield for some further info but not heard much yet. I’ll ask him if he can say which court it was.
If you respond to a specific enquiry (i.e. person asks you to tell them something), then the contact is solicited: no breach. If as part of a sale or negotiations for a sale, you tell them explicitly that you will send them marketing about similar products or services and offer them an opt-out, equally, you’re fine.
But if you have sent them marketing outside these specific conditions, whether or not the £500 claim is valid (probably not), PECR may well have been breached.