back to article Data regulator fines HelloFresh £140K for sending 80M+ spams

Food delivery company HelloFresh is nursing a £140,000 ($178k) fine by Britain’s data privacy watchdog after a probe found it had dispatched upwards of a staggering 79 million spam email and one million texts in just seven months. The meal-kit company provides weekly packages of premeasured ingredients with recipes so …

  1. wolfetone Silver badge

    £140,000?

    That's £0.00175 per message.

    Where is the deterrent?

    1. Anonymous Coward
      Anonymous Coward

      Re: £140,000?

      Roughly half a day's operating costs for the entire company, be assured they'll notice.

      1. wolfetone Silver badge

        Re: £140,000?

        Based on their own website, on the minimum amount of 2 people having 3 "recipes" a week - it's 4,002 orders. And that's just based on the "first box" offer which is less than the norm I think.

        So again, that's feck all.

        1. Ochib

          Re: £140,000?

          Profit afer tax for 2021 was 256.30m euros.

    2. Anonymous Coward
      Anonymous Coward

      Re: £140,000?

      Where is the deterrent?

      Deterrent? 8^D !!!!!!!!!!

      Hmm ....

      Me thinks that you - just - don't - get - it.

      Unless you are fresh out of secondary school, you surely know that this has been going on, in the same manner with the same results, for eons.

      There is no deterrent, there has never been such a thing.

      Not with spammers, not with clearly avoidable data leaks, security breaches and other such accidents.

      It is nothing but a very light slap on the wrist albeit soundly applied exclusively for the benefit of the gullible public sitting in the peanut gallery.

      This so that the usual culprits take due notice and strive to be more careful next time.

      And don't get caught out.

      More than anything, because it is very bad for business.

      For both the culprits, the regulators and those controlling the regulators

      .

  2. Ochib

    Should be at least £0.01 per spam

  3. Flak
    Devil

    It is companies like these that make me ashamed to admit I studied Marketing

    However... I have never worked in B2C marketing because it never sat right with me.

    Can we see some proper fines please? £140k for 80M messages is a business expense, not a fine.

    1. My-Handle

      Re: It is companies like these that make me ashamed to admit I studied Marketing

      There's a saying that I'm not quite remembering properly - it's something like

      "When the punishment for breaking the law is a fine, it's no longer a law but a transaction"

      or

      "When the punishment for breaking the law is a fine, it becomes two laws - one for the rich and another for the poor"

      Can anyone remember the actual saying?

      1. Lord Elpuss Silver badge

        Re: It is companies like these that make me ashamed to admit I studied Marketing

        ""When the punishment for breaking the law is a fine, it becomes two laws - one for the rich and another for the poor""

        Caveat to this is when the fine is means-tested. See also: speeding fines in the UK and some other countries, calculated as a percentage of the weekly wage. Ergo: it doesn't matter how rich you are, in theory the fine is intended to hurt everyone equally.

        Unless you're doing a tax dodge whereby your 'declared' income is close to zero, while in the meantime you're living in a 16-bedroom mansion with 8 cars, 12 servants and a separate lodge for the mistress.

  4. devin3782

    The fines should be at least a percentage of global turnover and it should be a tangible integer and not less than 5%

    1. Lurko

      If you fine* people on the basis of turnover, then it harms low margin businesses far more than high margin. So the Apples and Googles of this world would suffer proportionately less than retailers or manufacturers. In this case, on most recent 2022 accounts, HelloFresh were making a significant operating loss of £15m, after interest and tax that rose to £21.9m net loss. I'd hazard a guess that 2023 hasn't been a lot better, if you're losing £15-20m a year you're already pretty short of cash, and even turning the fine into £1m doesn't make the slap more painful. As HF had turnover around £500m, your minimum 5% turnover fine would be just short of £25m. Since HF total assets exceed total liabilities (there's a shareholder's deficit of £62m to balance the books), there's no cash to pay that sort of money, bankruptcy would be the likely outcome, along with redundancy for 2,000 staff. That would be a poor outcome for the regulator and employees.

      I'd guess that (even with the 20% prompt payment discount), writing a cheque for £112k is going to sting, and the company will be mindful that if there's a repeat it'll be a much bigger penalty. The role of a regulator is to inform businesses of their obligations, guide and help them into compliance, and to use penalties and prosecutions as a last resort. In this case, if the ICO are happy that HF have learned their lesson and won't repeat the behaviour, then that's the outcome they want.

      * Technically it's not a fine, it's a Civil Monetary Penalty, and if the company feel the regulator's being heavy handed they can challenge it through the courts. That persuades regulators to use CMPs prudently.

      1. Alan Brown Silver badge

        "bankruptcy would be the likely outcome"

        This is a bad thing?

        "Along with redundancy for 2,000 staff. That would be a poor outcome for the regulator and employees."

        I believe that was the arguement for propping up BL, shipyards and a bunch of other lossmaking businesses for decades - As we saw, it doesn't work

        "Technically it's not a fine, it's a Civil Monetary Penalty"

        That's easily fixed by defining statutory damages - the company then has no leg to stand on (It's why the the American TCPA was so effective - stat damages of $500/call for individual claimants and $15,000/call if the FTC got involved (tripled for wilful violations) - Judges who threw out cases on the basis of "company damage" were given a _severe_ arse-kicking by higher courts, told to apply the penalties prescribed by the law and deal with cases as directed or be removed form the bench

  5. xyz Silver badge

    HelloFresh + spam

    There's a joke in there someplace surely.

    1. Peter Gathercole Silver badge

      Re: HelloFresh + spam

      Hmm.

      Fresh Spam. Surely an oxymoron.

  6. elsergiovolador Silver badge

    Data regulator

    Looks like Data regulator has become as spammer.

    Instead of preventing spam, they are looking for their cut.

    Surely they should be investigated.

    1. Lurko

      Re: Data regulator

      Civil monetary penalties go the the Exchequer, not the regulator.

      Whilst it's tempting to say the the costs of regulation should be recovered from the non-compliant, that would create an incentive for regulators to go round fining people rather than working to try and help businesses into compliance.

      1. elsergiovolador Silver badge

        Re: Data regulator

        Even better, then the state is simply acting like a mafia. You can spam people to your hearts content, just don't forget to pay the regulator "fines" ;-)

  7. heyrick Silver badge

    79,779,279 emails and 1,113,734 texts

    And a £140,000 fine taken as "look, we're standing up to them".

    No, you're not.

    Try £1 per infraction (double for those who asked for it to stop), then we'll talk about having done something.

    1. Anonymous Coward
      Anonymous Coward

      Re: 79,779,279 emails and 1,113,734 texts

      The maximum the ICO can issue by way of CMP is £500k, under the Data Protection (Monetary Penalties) (Maximum Penalty and Notices) Regulations 2010. So they could have set a higher penalty, but not by much in the grand scheme of things, and since this wasn't the worst of possible offences by a long chalk, it might be seen as reasonable given their scope for action. If you want the ICO to fine people more, then you'd need the politicians to increase the maximum penalties, and offer instruction to the ICO that penalties in general need to be higher. Arguably the low limit on penalties is intentional by government to avoid imposing high costs on the sort of big businesses that can do them favours.

      Just because HF sent 80m emails, doesn't mean that all the recipients had a problem with that, many people are happy to receive emails from companies they do business with. In terms of the number of complaints, there were 8,729 valid complaints about HF marketing, so the penalty is about £13.50 per complaint.

      And just for reference, the investigation started because HelloFresh cropped up many thousands of times on the 7726 spam text reporting service. I'm surprised the article didn't mention that.

      1. Doctor Syntax Silver badge

        Re: 79,779,279 emails and 1,113,734 texts

        "many people are happy to receive emails from companies they do business with"

        To some extent a delusion of narcissistic marketroids, otherwise the statistical result of those customers who aren't ceasing to be customers.

      2. tiggity Silver badge

        Re: 79,779,279 emails and 1,113,734 texts

        Most people hate spam mails, companies rely on people just being too busy to complain / not knowing how to do it

        .. as complaint to company will get (usually) ignored or some weasel words reply

        .. I doubt many people * know about the ICO and how to report spam stuff

        Bot those options take time and effort for people with busy lives compared to just deleting a junk mail

        , so end result is offending company can happily trumpet "we only had n complaints".

        * El Reg commentards not representative of general population on IT related knowledge

  8. Martin Gregorie

    Hmmm - is it just a coincidence...

    That this article seems to have a tie-in with this week's BOFH scheme?

  9. This post has been deleted by its author

  10. TheVogon

    Shitty company. Ordered boxes, paid an agreed price with a total and they tried to charge me extra after! Apparently some options were extra - but I paid a stated total after choosing them!

    Being an online subscription I already used a Revolut one time card number so that I didn't have to make any effort to cancel anything so they didn't get their money. but I got my food.

    1. Lord Elpuss Silver badge

      Agree they're shitty. My ex uses (used) them, told me how she'd tried to cancel a number of times, yet they continued to deliver parcels; claiming they hadn't received the cancellation or it was received too late and therefore had to be extended, or was just plain ignored. Then when she stopped paying they tried to take her to court.

      Nasty, scummy practices. Mitigated somewhat by the fact they were doing it to my ex, but that's neither here nor there.

      1. Anonymous Coward
        Anonymous Coward

        They just wrote to me and emailed me for ages. Must have cost them more in postage than the ~£5 I supposedly owed them.

        For small claims court it costs them at least a few hundred quid to submit a case and have a solicitor turn up. Have had that before though for something else. If you say you contacted them to cancel it, very hard for them to prove that you didn't...

    2. anonymous boring coward Silver badge

      For me it's mind boggling that anyone would ever use these companies.

      I guess I don't understand the power of marketing.

  11. The commentard formerly known as Mister_C Silver badge

    What about Harrassment?

    Those peeps who were still getting pestered after cancelling / opting out. And especially after sending "cease and desist" requests.

    That's not spamming, that's got to be harassment. Low level, I admit - nothing like some people have to endure - but still unwanted. Do them for that too. With porridge for the directors, served in a handy mail-order box.

  12. Derezed

    I heard about their abuse years ago. When I stopped using them I phoned them and threatened them with the data protection act as was…that ensured I didn’t get any of their horseshit marketing since. Sad because the product is good, the marketing is toxic so I won’t use them on that basis.

  13. anonymous boring coward Silver badge

    HelloRotten

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like