Last week several news sources, including Sky, The Drum, Yahoo and The Register reported that Roddy Mansfield won damages against John Lewis for acting unlawfully in use of email marketing.
So you can understand why this ruling was made and what you should do I’ve summarised here:
- Case background
- The soft opt-in law
- The reason for the judgement
- The key missing fact
- This was a County Court case brought by an individual.
- County Court case decisions are not binding. Other judges may make different decisions.
- There is no law report we can refer to since this was settled in a small claims court. This means the exact details of what and why are not available.
- The settlement amount is not known. However, small claims courts are limited to £10,000. I’d hazard a guess the actual amount was a lot below this.
In the news report from Sky they also note that “it is the third time Mr Mansfield has secured damages for receiving unsolicited emails but the first time an individual has won damages following a ruling on the legislation”.
The soft opt-in law
The practice of soft opt-in is to default someone to opting in, whilst providing a clear statement of this and a means for them to opt-out, typically a pre-ticked box.
Defaulting someone to opt-in is allowed under specific conditions. These are given in the Privacy and Electronic Communications Regulations (PECR) Regulation 22 (3) that states, a person may send or instigate the sending of electronic mail for the purposes of direct marketing where:
- that person has obtained the contact details of the recipient of that electronic mail in the course of the sale or negotiations for the sale of a product or service to that recipient;
- the direct marketing is in respect of that person’s similar products and services only; and
- the recipient has been given a simple means of refusing (free of charge except for the costs of the transmission of the refusal) the use of his contact details for the purposes of such direct marketing, at the time that the details were initially collected, and, where he did not initially refuse the use of the details, at the time of each subsequent communication.
The ICO also published updated guidance on interpretation of PECR in September 2013 and the DMA published clarifications on this and consent last month.
The reason for the judgement
Most of the reports say that Roddy Mansfield browsed the John Lewis website, registered for an account and chose not to opt-out of communication.
The judge ruled that John Lewis had not fulfilled the three conditions necessary in the PECR regulation, in particular that there had been no negotiation for the sale of a product or service.
Right now the John Lewis registration form does not use a pre-checked box. This may have been changed as a result of the case.
The key missing fact
The Register reports more details than other news sources. They report Mr Mansfield was in fact browsing the Waitrose site. Waitrose is part of the John Lewis Partnership and as a result of his actions on the Waitrose website received emails from John Lewis.
The Register goes onto to say that “Mansfield filed his court case after browsing the website of Waitrose – the food retail arm of the John Lewis partnership – to check the price of a home delivery. Waitrose’s website demands all potential customers supply an email address before it allows access to the home delivery finder. Crucially, Mansfield browsed away from Waitrose’s website without buying anything”
This implies the email address was collected by Waitrose account registration form. At time of writing this form continues to use soft opt-in:
The case appears to rest on the fact that browsing a website does not constitution negotiation of a sale.
The missing key fact is what exactly did Mr Mansfield do? Did he simply view products (browse) and register or did he put products into his basket? All reports say it was just browsing.
I believe this is a big difference.
It’s the difference between walking into a high street shop and just looking around versus taking a product from the shelf and putting into a basket and going to the checkout.
Only John Lewis and Mr Mansfield know the exact details of the case and its hard to make any decision without the missing facts.
The John Lewis website account registration doesn’t use soft opt-in whereas on the Waitrose site (part of John Lewis) does. The safe approach is not to use soft opt-in on account registration when no sale is taking place. However, anywhere when there is a clear negotiation, such as checkout processes, quote requests a soft opt-in would still appear to be fine. None of the reports suggest it was soft opt-in during such a process that was deemed unlawful.
In summary, the case hasn’t really changed anything. It remains true that you must ensure you meet the PECR rules and in particular when using soft opt-in that negotiation of a sale is taking place.