Data Protection Commission welcomes outcome of latest round of prosecutions of marketing offences

The Data Protection Commission (DPC) welcomes the outcome of three prosecution proceedings taken in the Dublin Metropolitan District Court before Judge Halpin, earlier this week. The cases were brought by the DPC against three companies and, in each case, the DPC had issued previous warnings following investigations carried out on foot of previous complaints made to the office.

Sky Ireland Limited

Sky Ireland Limited pleaded guilty to one charge of sending unsolicited marketing SMS text messages to a customer after the customer notified the company that he did not wish to receive such communications.

Previous Warning:

The DPC previously issued a warning to Sky Ireland Limited in June 2019. This followed the investigation of a complaint from a member of the public in relation to marketing telephone calls and requests for opt-outs not being respected.

Google Ireland Limited

Google Ireland Limited pleaded guilty to two charges of making unsolicited phone calls to a customer after the customer notified the company that he did not wish to receive such communications.

Previous Warning:

The DPC previously issued a warning to Google Ireland Limited in July 2023. This followed the investigation of a complaint from a member of the public in relation to unsolicited phone calls made to the complainant’s phone number without consent.

Stella Novus Limited

Stella Novus Limited pleaded guilty to two charges of sending unsolicited emails to a customer after the customer notified the company that he did not wish to receive such communications.

Previous Warning:

The DPC issued a warning to Stella Novus Ireland in June 2023. This followed the investigation of a complaint from a member of the public in relation to the sending of unsolicited emails without consent.

In each of the three cases, the Court directed the companies to each make a contribution of €1,500 to the Little Flower Penny Dinners charity and to discharge the DPC’s legal costs, in lieu of a conviction and fine.

DPC Deputy Commissioner Graham Doyle commented:

“The three companies prosecuted this week all employed third-party data processors to conduct the electronic direct marketing in question. It’s important that data controllers who engage processors to process personal data on their behalf remember that they remain responsible for the actions of those processors in respect of that personal data..”

It is critical that before engaging in any electronic marketing activities, companies are satisfied that their third-party providers can ensure that valid and up-to-date consent of the individuals on their marketing lists has been obtained and that their opt-out mechanisms are fully functional.”