The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

The Information Commissioner’s Office (ICO) has fined OSL Financial Consultancy Limited (OSL) £50,000 for illegally sending 174,342 nuisance marketing texts.

The Barnetby based mortgage and loans broker, trading as MortgageKey, came to the attention of the ICO as part of its probe into companies seeking to take advantage of the Covid-19 pandemic with nuisance marketing. Between March and June 2020, the ICO identified a number of complaints about OSL that had been sent to the 7726 spam text reporting service.

The complaints related to nuisance text messages received by the public about a drop in Buy to Let mortgage interest rates. The ICO investigation found 54,205 nuisance texts were sent during the pandemic, with 120,137 nuisance texts sent in the months earlier. Throughout the ICO’s enquiries, OSL relied on the previous consent it said it had obtained from its customers.

The ICO’s investigation found OSL had gathered personal data from people who had contacted them via their website to obtain a quote and then used the data for marketing purposes. People were not offered the option to opt in or out of marketing, and the ICO concluded that valid consent had not been obtained. This is against electronic marketing law.

Natasha Longson, ICO Investigations Group Manager said:

“The rules about electronic marketing are simple and clear. Consent must be freely given and it must not be a condition of receiving a service.

“Nuisance texts, calls and emails are an unwanted and annoying intrusion into people’s lives and we will continue to take action against those that do not comply with the law.”                            

Members of the public who believe they have received nuisance texts, calls or emails, should report them to the ICO, get in touch via live chat or call our helpline on 0303 123 1113.

Full details of the fine are set out in the ICO’s monetary penalty notice.

Notes to Editors

  1. The Information Commissioner’s Office (ICO) upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  2. The ICO has specific responsibilities set out in the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
  3. The Privacy and Electronic Communications Regulations (PECR) give people specific privacy rights in relation to electronic communications. There are specific rules on:
    • marketing calls, emails, texts and faxes;
    • cookies (and similar technologies);
    • keeping communications services secure;
    • and customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.
  4. The ICO has the power under PECR to impose a monetary penalty on a data controller of up to £500,000.
  5. Civil Monetary Penalties (CMPs) are subject to a right of appeal to the (First-tier Tribunal) General Regulatory Chamber against the imposition of the monetary penalty and/or the amount of the penalty specified in the monetary penalty notice.
  6. Any monetary penalty is paid into the Treasury’s Consolidated Fund and is not kept by the Information Commissioner’s Office (ICO).
  7. To report a concern to the ICO telephone our helpline 0303 123 1113 or go to