The ICO has fined STS Commercial Ltd. £60,000 for sending unsolicited texts. Cashfloat explores the ‘name and shame’ scheme and how STS Commercial Ltd. reacted.

- The problem of unsolicited texts, emails and phone calls
- How the investigation into STS Commercial Ltd came about
- The ICO verdict about the firm’s illegal practices
- How STS Commercial Ltd has reacted to the fine
- Conclusion
We will look at the case of a software development company based in South Wales which has been fined £60,000 for allowing their phone lines to be utilised to unsolicited texts. Before this, we will examine the background to this case. Why are unsolicited electronic communications such a problem? What is the ICO (Information Commissioner’s Office) doing about it? We will explain what the unsolicited text messages sent by the Welsh company were about. We also write about why the firm is facing such a stiff financial penalty from the ICO. Finally, we see how the Bridgend company, STS Commercial Limited, has reacted to the fine. Do they intend to pay?
The Problem of Unsolicited Texts, Emails and Phone Calls
The government and regulators have committed to cut down on the sheer numbers of unsolicited texts, emails and phone calls that Britons receive every day. Regulations make it clear that consumers must give consent before companies share data with third parties. The ICO doesn’t see even the use of affiliated firms as an excuse for leniency. They say that these firms are little more than mail carriers. Ultimately, it’s the companies behind them that must ensure they’re complying with the laws.

The ICO have followed the example of other regulators by carrying out a ‘name and shame’ policy. Since the beginning of 2018, there have been a number of high-profile cases. In January 2018, the ICO fined four companies a total of £600,000. They were fined for automated calls and spam emails/texts. Then a month later, the ICO imposed a fine of £300,000 on Holmes Financial Solutions. They made a total of 8.7 million unsolicited calls over an 18-month period. Since the adoption of the General Data Protection Regulations (GDPR), these fines will get even harsher.
How Did the Investigation into STS Commercial Limited Come About?
STS Commercial Ltd is a company which designs software for firms. They offer financial services such as brokers, direct lenders UK and marketers. During a 3-month period (November 2016-January 2017), SIM cards registered to their company were used to send 27,423 spam text messages which promoted instant payday loans.
The ICO discovered this illegal activity when the network provider, Vodaphone, reported it to the them. They said that it had received 268 complaints through its spam reporting system about unsolicited text messages. The ICO investigates any suspicious activity to ensure that firms abide by the terms of the Data Protection Act and the PECR (Privacy & Electronic Communications Regulations.) This stipulates that consumers have specific rights to privacy about how companies collect and use. They also must give their consent for a third party to use it (also called affiliated marketing.)

The ICO Verdict about the Illegal Practices of STS Commercial Ltd
Upon investigation, the ICO decided to impose a fine of £60,000. (Although this would be reduced by 20% to £48,000 if paid before August 8th.) This heavy fine was partly because neither the firm nor the third party involved could provide supporting evidence that they carried out due diligence checks about how they had compiled data in accordance with regulations. Their case was further aggravated by the fact that they continued to send unlawful messages using unregistered SIM cards even after Vodaphone had cancelled their contract. ICO also felt that there was a lack of transparency about the company and an unwillingness to cooperate with an ongoing investigation.
There was another reason they were penalised. This was because it wasn’t the first incidence of the firm’s lack of respect for the rules. In a previous case, the firm had been let off with a warning. They were reminded of the powers of the ICO and their obligations under PECR. They had been supplied with a link to the ICO Direct Marketing Guidance. Continuing the same marketing practices was seen as a deliberate flouting of the law. This was even after they’d been given the opportunity to clean up their act.
How Has STS Commercial Ltd Reacted to the Fine?
STS Commercial Ltd made a statement on their company website. They said that they plan to appeal against the ICO decision within the 28-day deadline. They claimed that they had been willing to cooperate with the investigation. However, they said, the ICO didn’t give details of the 268 reported complaints. This included the phone numbers of the complainants and the contents of the unsolicited text message. The ICO said that they hadn’t requested this information from Vodaphone because of the time and resources it would have taken. A final decision will be made as soon as their appeal has been concluded.
Conclusion
It is hoped that a combination of the ‘name and shame’ policy and the heavier fines as a result of the GDPR will see the numbers of unsolicited texts, calls and emails fall. Better-informed consumers is a worthwhile goal. But, not when their financial decision-making is the result of spam electronic communications. This isn’t the way that reputable firms offering financial services should be marketing their products.

