As I’ve written on several occasions recently, the sending of direct marketing emails without the consent of the recipient is, as a general principle, unlawful under European and domestic law.
The Information Commissioner’s Office (ICO) guidance makes clear that promotion of a political party, campaign or candidate is “direct marketing” for the purposes of the Privacy and Electronic Communication (EC Directive) Regulations 2003 (PECR):
We take a broad view of what constitutes marketing and are satisfied that it is not only the offer for sale of goods or services but also includes the promotion of the aims and ideals of any organisation including political campaigns.
On 20 July I noted this on the Liberal Democrats’ home page
A campaign to end Female Genital Mutilation is a worthy one (and not a party political issue) and one I’m happy to put my name to. However, I did have my suspicions, so set up a new email address, entered that into the box, and clicked “I agree”. There was no indication of what would happen with my email address once I had done this, although there was, at the very foot of the page, a small unobtrusive link to a “privacy policy” (of which more later).
What did happen was, firstly, and straight away, I received the following email
which was fair enough. At the foot of that email was this message
again, fair enough, and that should be the end of my engagement with the Lib Dems.
But, you will perhaps be unsurprised to hear, it wasn’t. Two days later I received this, from Lynn Featherstone MP
which at least was on the subject of FGM, but I was surprised she considered herself my “friend”. And two days after that I found I’d made another friend:
So, a few days after I’d expressed my support for a non-party-political campaign, I was on first name terms with a political party leader, who was sending me an unsolicited marketing email. Which takes us back to PECR, and consent, and my myriad previous blog posts.
I thought I’d check exactly what the Lib Dems website privacy policy says. Of course there’s the usual guff about taking privacy seriously, but it goes on to say
If you provide your email address…we may use the email address to send you further information in the future. You may at any point request not to receive such information any more.
And there it is, in clear terms – a statement of non-compliance with the law. They cannot, under regulation 22(2) of PECR, infer consent to receive marketing emails merely because someone has provided an email address. I will be complaining to the Lib Dems, and, if necessary, the Information Commissioner’s Office.
informationrightsandwrongs 
I have initiated a court claim against the Lib Dems as, after I contacted my local MP on a constituency issue, he gave my name and email address to his campaign team who promptly openly included my details in a mass email (ie. they weren’t blind-copied)! I’ve also raised a complaint with the ICO and the Parliamentary Complaints Commissioner. So far, the MP’s defence has just been to say that my complaint should be directed at the national party, not him personally, presumably because they have better legal insurance. He has refused to apologise or explain the Data-Protection breach. Unbelievable arrogance!
Pingback: The Lib Dems’ digital rights bill – an empty promise? | informationrightsandwrongs