The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

Pay day loans company fined £175,000 over millions of spam texts

News release: 17 December 2013


The Information Commissioner’s Office (ICO) has served the pay day loans company, First Financial, with a £175,000 penalty after an investigation discovered that the company was responsible for sending millions of unlawful spam texts.

The Privacy and Electronic Communications Regulations (PECR), which govern electronic marketing, require organisations to have an individual’s consent before sending marketing messages by text. The penalty comes after 4,031 complaints were made against messages sent from numbers which the ICO found to belong to First Financial.

The messages included some claiming to be from the recipient’s friends, reading:

  

That prompted separate regulatory action from the Advertising Standards Authority.

ICO Director of Operations, Simon Entwisle, said:

“People are fed up with this menace and they are not willing to be bombarded with nuisance calls and text messages at all times of the day trying to get them to sign up to high interest loans. The fact that this individual tried to distance himself from the unlawful activities of his company shows the kind of individuals we’re dealing with here.”

“We will continue to target these companies that continue to blight the daily lives of people across the UK. We are also currently speaking with the government to get the legal bar lowered, allowing us to take action at a much earlier stage.”

The spam texts were sent using un-registered SIM cards, which is a common method used to avoid detection. However the content of the message was similar on each occasion and referred recipients to a website belonging to firstpaydayloanuk.co.uk, which is a trading name used by First Financial.

The penalty comes after the company’s former sole director, Hamed Shabani, was prosecuted on 8 October 2013 after he failed to notify First Financial’s processing of personal information with the ICO. This is a legal requirement under the Data Protection Act. Mr Shabani was fined £1,180.66, despite trying to claim he had no affiliation with the company.

Anyone who receives an unsolicited text message should avoid replying and report the message using the survey available on the ICO website. Over 200,000 responses have been sent in since the survey was setup early last year and the information provided is being used to help identify those companies responsible. You can also report spam texts to your network operator by sending them to '7726'. The networks are working to block the worst offenders.  

The ICO has also published detailed guidance for direct marketers explaining their legal requirements under the Data Protection Act and Privacy and Electronic Communications Regulations. The guidance covers the circumstances in which organisations are able to carry out marketing over the phone, by text, by email, by post or by fax.

ENDS

If you need more information, please contact the ICO press office on
0303 123 9070 or visit the website at: www.ico.org.uk.

Notes to Editors

1. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

2. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations  2003.

3. The ICO is on Twitter, Facebook and LinkedIn. Read more in the ICO blog and e-newsletter. Our Press Office page provides more information for journalists.

4. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection

5. Civil Monetary Penalties (CMPs) are subject to a right of appeal to the (First-tier Tribunal) General Regulatory Chamber against the imposition of the monetary penalty and/or the amount of the penalty specified in the monetary penalty notice.

6. Any monetary penalty is paid into the Treasury's Consolidated Fund and is not kept by the Information Commissioner's Office (ICO).