British telco Virgin Media fined £50k penalty for sending spam emails to more than 400,000 clients who opted-out of marketing emails

Virgin Media could be fined up to £50,000 after British authorities detected the company spammed nearly 500,000 customers, some of whom filed complaints with the Information Commissioner’s Office (ICO) about thousands of unsolicited advertising messages.

This marketing campaign was hidden as a communication message part of Virgin’s newsletter, and would have reached some 451,000 customers of the company. The problem is that these users chose not to receive marketing emails, so the company breached its terms of use.

“You’ve currently said no to receive our marketing messages, which means we can’t keep you updated with our latest TV, broadband, phone and mobile news… You can change your preferences by simply registering or logging into virginmedia.com/optin“, says the message received via email.

A disgruntled customer wrote to the ICO requesting that action be taken against this practice, describing this spam email campaign as “a marketing operation disguised as an attempt to lure customers back into your newsletter.” In response to ICO requests for information, Virgin mentioned that users who received this message had opted out of receiving spam from the company more than a year ago, so they were just trying to see if anyone had changed their minds.

Around 6,500 users decided to enable the reception of emails again, however, the ICO argues that this practice breached the EC Directive, in force in the United Kingdom since 2003 for the regulation of electronic advertising, privacy and communications.

The ICO offered Virgin a £10,000 discount on the fine if it pays before January 9, 2022, although by doing so the telecoms company would waive its right to challenge the British government’s decision. This is an incentive implemented for a couple of years and is offered as a possibility in practically all the cases addressed by the ICO, although apparently most of the accused companies decide to continue with the process and not pay these fines at a discount.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.