Easylife fined £1.48m over illegal customer profiling
Easylife sells problem-solving products in the household, garden and wellbeing categories “to help make life easier”.
However, the catalogue retailer has been fined £1.35m by the Information Commissioner’s Office (ICO) for using personal information of 145,500 customers without their consent.
The ICO revealed it used purchase data to predict their medical condition and target them with health-related products.
As an example, if a customer bought a jar opener, Easylife would use this data to assume they had arthritis where they would then be called and offered glucosamine joint patches.
The ICO said out of the 122 products in its catalogue, 80 were ‘trigger products’ where Easylife would profile the customer and target them with health-related items.
This profiling and ‘invisible’ processing of health data is against data protection law.
‘Predatory’ direct marketing
Easylife was also fined £130,000 for making 1.3 million “predatory” direct marketing calls between 1 August 2019 and 19 August 2020 to people registered with the Telephone Preference Service (TPS).
Under the Privacy and Electronic Communications Regulations (PECR), live marketing calls shouldn’t be made to anyone who has registered with the TPS, unless they have told the caller that they wish to receive calls from them.
The ICO received 16 complaints about Easylife, with people saying they felt angry, anxious, threatened, and distressed in response to their calls. One of the complainants was an elderly hearing-impaired person registered with the TPS who had been unable to hear most of the call, where another individual was mis-sold two subscriptions and required a family member’s help to arrange a refund.
‘Serious breach of people’s information rights’
John Edwards, UK information commissioner, said: “Easylife was making assumptions about people’s medical condition based on their purchase history without their knowledge, and then pedalled them a health product – that is not allowed.
“The invisible use of people’s data meant that people could not understand how their data was being used and, ultimately, were not able to exercise their privacy and data protection rights. The lack of transparency, combined with the intrusive nature of the profiling, has resulted in a serious breach of people’s information rights.”
Edwards added that thousands of predatory marketing calls were made to people “who clearly did not want to receive them”.
An Easylife spokesperson said the firm is appealing the ICO’s fines and expect a decision from the court sometime next year.
They added: “A few years ago we started doing telesales to our customer base. For reasons which have been explained to the Information Commissioner in some detail we failed to screen our customer data against the Telephone Preference Service database, during the period from 1 August 2019 to 19 August 2020. Once we were notified by the ICO about this error we corrected it. Since January 2021 we have screened all our customer data against the Telephone Preference Service database in full compliance with the law and we will continue to do so.
“Easylife fundamentally disagrees with the ICO both that it has broken the law and also in relation to the level of fine imposed, which is out of all proportion to the alleged wrong. On the ICO’s analysis, any business selling both products for use in relation to a given health condition and also other products not related to that health condition, could not select which of its customers to market the health condition products to, based on their previous purchase histories. On the ICO’s view, the business would have to market to all its customers, even those who would be totally disinterested in such products. Many people will surely regard that as an absurd outcome.”