Email-spamming COVID profiteers deleted database with 'key evidence' when UK watchdog came knocking

Fined £40k after probe. Plus: ICO wants your views on its future powers

Fri 9 Oct 2020 // 08:30 UTC

A company that fired out more than 9,000 spam emails promoting face masks has been fined £40,000 by the UK Information Commissioner's Office and ordered to stop doing it.

"The ICO investigation found that the company was not involved in the business of supplying PPE, but that the director had decided to buy face masks to sell on at a profit," the data regulator said in a statement.

Studios MG Ltd, the offending firm, sent 9,000 emails on 30 April as the country grappled with its first national lockdown, intended to halt the spread of the COVID-19 coronavirus.

The firm is also said to have "deleted a database of key evidence which would have shown the full extent of the volume of emails they had sent" after ICO investigators contacted the company.

The Companies House entry for Studios MG Ltd shows that it has one director, Malcolm Graham of Hamersmith [sic], London. In its most recent accounts for the year to February 2019, the company reported net assets of £458. As a micro-entity, its published financial statements are not required to be audited.

Andy Curry, the ICO's head of investigations, said in a canned quote: "We pursued this case because the company broke the law and invaded people's privacy. We will take action where we find systematic flouting of the law and evidence of companies trying to make money from people via nuisance marketing."

The ICO has previously fined firms that were using the pandemic as an excuse to get rich quick through spam.

Separately, the data watchdog has opened a public consultation into its own future, urging the public to express its views on how it exercises "its data protection regulatory functions of information notices, assessment notices, enforcement notices and penalty notices."

The consultation relates to the statutory guidance [draft PDF here] that regulates what the ICO does and how it does it, particularly in the issuing of fines and taking of regulatory action against companies said to have broken the UK Data Protection Act 2018. ®

Topics

Special Features

Vendor Voice

Resources

Security

Email-spamming COVID profiteers deleted database with 'key evidence' when UK watchdog came knocking

Fined £40k after probe. Plus: ICO wants your views on its future powers

More about

More about

Broader topics

More about

More about

More about

Broader topics

TIP US OFF

Other stories you might like

Spam crusade lands charity in hot water with data watchdog

Cops visit school of 'wrong person's child,' mix up victims and suspects in epic data fail

ICO fines spam slinging financial services biz

Reducing the cloud security overhead

Home improvement marketers dial up trouble from regulator

Data regulator fines HelloFresh £140K for sending 80M+ spams

To BCC or not to BCC – that is the question data watchdog wants answered

Britain's Ministry of Defence fined £350K over Afghan interpreter BCC email blunder

Manchester's finest drowning in paperwork as Freedom of Information requests pile up

Watchdog bites back against blockage of $9M fine on US selfie-scraper Clearview AI

Regulator says stranger entered hospital, treated a patient, took a document ... then vanished

UK's cookie crumble: Data watchdog serves up tougher recipe for consent banners

About Us

Our Websites

Your Privacy