21/06/2017

Morrisons has been fined £10,500 for ‘deliberately’ sending 130,671 emails to customers who had explicitly opted out of receiving marketing related to their ‘Morrisons More Card’ – making the national supermarket chain the latest high-profile target of the current campaign by the Information Commissioner’s Office against businesses that flout data protection laws.

The emails were sent in October and November 2016 inviting customers to change their marketing preferences so they could start receiving money-off coupons, the ‘latest news’ from Morrison and extra ‘More’ points.

‘Wm Morrison Supermarkets plc: Monetary Penalty Notice’ explains why sending the emails against their customers’ express wishes placed Morrisons in breach of the The Privacy And Electronic Communication Regulations 2003.

The ICO has recently been urging all UK businesses that process personal data to prepare for the EU General Data Protection Regulation, which will ‘set a high bar for the consent organisations must obtain from customers before using their personal data for marketing’ when it becomes law on 18 May, 2018. The transposition of the regulation into UK law will not be affected by Brexit.