LONDON (Bywire News) - The Conservative Party have been fined £10,000 after a report by the Information Commissioner's Office (ICO) found they had committed "serious" breaches of data law following a mass spam email campaign.
The ICO also slammed the party for refusing to properly comply with their investigation.
In July 2019, following Boris Johnson becoming Conservative Party leader and prime minister, the Tories sent masses of unsolicited emails to people outlining their policies on certain issues, and urging the unsuspecting recipients to join the party.
In a single week between July 24th and July 31st 2019, the Tories sent out more than 1.2m emails - 51 of which were found by the ICO to have been sent in breach of data laws.
In addition, during the 2019 General Election campaign, almost 23m emails were sent by the party in an "industrial-scale marketing email exercise" - to which the ICO recieved a further 95 complaints.
However, in their report, the regulator speculated that the true scale of breaches could span into many thousands "because the party has not been able to provide sufficient or clear evidence as to the extent to which lawful and valid consent was provided for all of those emails", adding:
"The Party is unable to provide consent information in relation to the 549,030 non-member recipients."
The ICO report went on to state that the breached occurred because, following a switch in email provider, the Tories did not properly update their records for people who had unsubscribed from receiving emails.
Following the publication of their findings, the ICO Director of Investigations, Stephen Eckersley, said that the Tories had "failed to comply with the law", adding:
“The public have rights when it comes to how their personal data is used for marketing. Getting messages to potential voters is important in a healthy democracy but political parties must follow the law when doing so. The Conservative Party ought to have known this, but failed to comply with the law.
“All organisations – be they political parties, businesses or others – should give people clear information and choices about what is being done with their personal data. Direct marketing laws are clear and it is the responsibility of all organisations to ensure they comply.
“The sending of nuisance marketing emails is a real concern to the public and the ICO will continue to take action where we find behaviour that puts people’s information rights at risk.”
Moreover, the report found that the Conservative Party repeatedly refused to comply with their investigation, stating:
"The party repeatedly failed to provide responses within time periods set, even when those periods were extended."
"The commissioner does not consider that this was satisfactory compliance with reasonable requests from the statutory regulator."
And the report also exposed the fact that the Conservative Party did not have "any relevant written policies" in place regarding data laws and email marketing campaigns.
A spokesperson for the Conservative Party said that they accepted the fine and had since "reviewed and improved our processes" and were now "fully compliant with all prevailing data protection and electronic marketing legislation".
The Tories have been given until July 2nd 2021 to pay the fine.
(Writing by Tom D. Rogers, editing by Jessica Miller.)