View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 4, 2019

Audit of Data Practices to Follow as ICO Fines Leave.EU and GoSkippy

“It is deeply concerning that sensitive personal data gathered for political purposes was later used for insurance purposes; and vice versa. It should never have happened.”

By CBR Staff Writer

The Information Commissioner’s Office (ICO) will review the data protection practices at Leave.EU and Eldon Insurance after both companies accumulated combined fines of £120,000 for serious breaches of electronic marketing laws.

Eldon Insurance (trading as Go Skippy Insurance) and Leave.EU were investigated last November as part of the ICO’s review of data analytics use in political campaigns.

The investigation revealed that both organisations were ‘closely linked’ and that: “Systems for segregating the personal data of insurance customers’ from that of political subscribers’ were ineffective.”

The ICO discovered that Leave.EU had unlawfully send out nearly 300,000 political marketing messages to customers of Eldon Insurance. While the insurance company was found to have committed two unlawful direct marketing campaigns by sending more than one million emails to Leave.EU subscribers without first getting the proper consent.

For its part in the breach Leave.EU has been fined £15,000 for using the insurance company’s customer data unlawfully to send marketing messages to 300,000 people.

However, both companies were also fined as part of a second incident where 1,020,661 emails were sent to Leave.EU subscribers offering them 10 percent off GoSkippy insurance. No users had given consent to be target by this marketing. The ICO fined Leave.EU £45,000, while Eldon Insurance received a fine of £60,000.

Audit of Data Practices to Follow

Elizabeth Denham Information Commissioner commented in a released statement that: “It is deeply concerning that sensitive personal data gathered for political purposes was later used for insurance purposes; and vice versa. It should never have happened.”

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

“We have been told both organisations have made improvements and learned from these events. But the ICO will now audit the organisations to determine how they are using customers’ personal information.”

As part of their ongoing audit of both organisations the ICO has notified them that they will be conducting further investigation into how personal data is processed within each organisation and their data protection practices will be observed.

The ICO assessment notice gives them access to the joint office shared by Eldon insurance and Leave.EU, with the ICO warning in their report that: “It is a criminal offence to obstruct an ICO audit or destroy information covered by it.”

See Also: .EU Domain No Longer Applies Post-Brexit Warn UK, Europe

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.