Hey, nice, you got a text message from your mate.
Looks like he’s doing well, too – at any rate, he’s apparently getting his account stuffed with cash even when he’s out of town:
Hi Mate hows u? I'm still out in town, just got £850 in my account from these guys http://www.firstpaydayloanuk.co.uk.
But hang on, it’s not actually from your mate.
That messages and others like them were actually sent by a UK-based payday loan company that just got fined £175,000 ($283,500) for sending millions of spam text messages, in the process needling thousands of consumers who then complained to officials.
The Advertising Standards Authority (ASA), which is the UK’s independent regulator of advertising across all media, had already taken the loan company – First Financial Ltd – to task back in June.
At that time, the ASA said that the SMS spam was unsolicited, was being sent to people who’d registered with Telephone Preference Service so they wouldn’t get this kind of marketing, was irresponsible in encouraging people to take out loans to fund partying, and were misleading in that they pretended to come from people’s friends.
The ASA’s solution: tell First Financial, and the ISP they rode in on, to knock it off.
The ads should not appear again in their current form. We told First Financial and Akklaim Telecoms to ensure text message ads were clearly identifiable as marketing communications and were only sent to those who had given explicit consent to receive them. We also told them to ensure ads did not imply that payday loans were suitable for spending on a social life.
First Financial, apparently, wasn’t convinced.
The Information Commission’s Office (ICO) announced on Tuesday that First Financial was fined after having been found to have sent millions of spam text messages that provoked thousands of complaints.
First Financial was found to have violated The Privacy and Electronic Communications Regulations governing electronic marketing by sending SMS messages without consent.
Thousands of complaints flooded data privacy watchdogs at the ICO, above and beyond the 13 complaints that spurred the ASA’s regulatory action in June.
The ICO investigated, tracing 4,031 of the spammy messages back to First Financial.
In order to avoid detection, the spam texts were sent using unregistered subscriber identity module (SIM) cards.
Despite the use of unregistered SIMs, however, identifying the sender must have been pretty straightforward, given that the messages’ content referred recipients to a website belonging to firstpaydayloanuk.co.uk, which is a trading name used by First Financial.
The company’s former sole director, Hamed Shabani, had been prosecuted on 8 October 2013 after he failed to notify First Financial’s processing of personal information with the ICO, which is a legal requirement under the Data Protection Act.
The ICO reports that Shabani was fined £1,180.66 ($1,912.67), despite trying to claim he had no affiliation with the company.
The Register’s John Leyden reports that, in an effort to avoid prosecution, prior to a hearing in front of City of London Magistrates Court, Shabani had attempted to remove his name from the company’s registration at Companies House.
In its news release, ICO Director of Operations Simon Entwisle said that the office is working with the government to make it easier for them to slap spammers down earlier than in this case:
People are fed up with this menace and they are not willing to be bombarded with nuisance calls and text messages at all times of the day trying to get them to sign up to high interest loans. The fact that this individual tried to distance himself from the unlawful activities of his company shows the kind of individuals we’re dealing with here.
We will continue to target these companies that continue to blight the daily lives of people across the UK. We are also currently speaking with the government to get the legal bar lowered, allowing us to take action at a much earlier stage.
The ICO advises people to avoid replying to unsolicited text messages and to instead report the message using the survey on the ICO website or by forwarding the texts to their network operator at ‘7726’, given that the networks are working to block the worst offenders.
The ICO has also provided guidance for direct marketers that explains their legal requirements under the Data Protection Act and Privacy and Electronic Communications Regulations.
The materials detail how organisations are allowed to market via phone, text, email, post or fax.Follow @NakedSecurity