Very: Sitting in the grey area between spam and legitimate email

Back in January, I wrote about an issue I had with Very, a Shop Direct Ltd trading arm. Specifically, they had started sending me marketing emails to an address I supplied when I made a purchase from LX Direct (which no longer exists, and also belonged to Shop Direct Ltd) – my policy when purchasing online is to use unique addresses (so I can monitor when companies abuse those addresses) and to opt not to receive marketing emails either from the companies concerned or any third parties. That clearly means those emails from Very were indefensible. They were spam – it’s as simple as that.

What made the whole situation worse was the unsubscribe link, which took me to an account log-in page. Although I had once been an LX Direct customer, I have never been a Very customer, so I didn’t actually have an account with Very – as far as I knew. It seemed to me, therefore, that in order to stop them sending me emails, I had to create an account – giving them a few more details about myself than I would have liked. Worst still, the end result of the sign up process turned out to be a credit check which, not surprisingly, having given them falsified details – specifically, those for the Information Commissioner’s Office – I failed. I couldn’t create the account, and therefore I couldn’t unsubscribe from those marketing emails.

As it happens, the emails stopped anyway – which makes me a little suspicious now; see my conclusion below – so I didn’t bother to follow up this matter with a complaint to the ICO, which is what I had planned to do at the time.

They stopped, that is, until 8th July, when I received another. I commented about it on Twitter, and left it at that.

Yesterday, I received another. With the subject line “Handy tips to help you stay extra-safe when shopping online” this email was actually a warning about phishing emails, containing some basic advice on the subject – which, given that phishing emails are spam by their very nature, I think is an ironic subject matter for an email that is itself arguably spam.

Today, I decided to send a complaint to the Information Commissioner and, as I started typing the complaint up, I thought I’d better check that what I said back in January was still the case – that in order to stop the emails I’d have to go through a sign-up process and undergo a credit check. However, this time I wondered about something: If they brought my email address across from the old LX Direct website, did they bring the account itself forward (despite that it was merely a one off purchase)? To that end, I clicked the “Forgotten password?” link.

Perhaps I shouldn’t be surprised, but that did actually work – after following the prompts and entering a couple of key things, the system sent out an email containing a link to change the password on an account that, it seems, does exist. So, it appears that this was indeed brought across to Very from LX Direct.

The first thing I did once I was in was look at my “contact preferences” – which looked like this:

My Very account contact preferences
My Very account contact preferences

Apart from one item, those options are very obviously not how I would have set them at the time I made that purchase from LX Direct. I’m inclined to say that these are what I wouldn’t be surprised to see as the default settings, when an account is first set up – which is significant to my conclusion, below.

The first four options concern how the company themselves will contact me with promotional material – post, email, telephone and SMS (text message) – and all are unticked. My preference would be to have them all ticked.

The next option concerns passing my details on to “carefully selected” third parties, and whether I want to receive marketing communications from them – which is ticked to say I don’t want this (which is a good practice default setting).

The final option concerns their behemoth sales brochures – their catalogues. According to that wording they will send them out if the option isn’t ticked. Which it isn’t – which is, again, significant.

(Of course, all of these options are now ticked on my account.)

What I conclude from this, initially, is that at some point someone at Shop Direct Ltd/Very decided it would be a good idea to create accounts for all their old LX Direct customers, importing their basic details (email addresses, postal addresses) – but rather than import their previous marketing options, because they’re creating the accounts, they’ve gained the default marketing settings.

However, it’s interesting to note that I’ve never received any postal marketing from Very – including never having received a mail order catalogue – despite that those default contact settings would allow it.

I strongly suspect that’s because they knew exactly what they were doing when they created those accounts/imported those details – I believe this was done with the deliberate intention of sending marketing emails that they probably shouldn’t be sending, hiding behind the fact that there is an existing business relationship, because they’re sending them to people who purchased from LX Direct. Sending things through the post – especially their catalogues – might prove expensive; many of those customers might have moved on. Sending emails, though, is much cheaper and if any email addresses are no longer valid, it’s no big deal – but for those that remain valid, there’s a chance they could gain more sales, and very little chance of there being any serious repercussions.

In other words, what I think Shop Direct Ltd has done with Very and LX Direct might, in some respects, keep them on the right side of The Privacy and Electronic Communications (EC Directive) Regulations 2003 in that they’re exploiting an existing customer relationship (albeitĀ  questionably) and are providing a method of unsubscribing (albeit hidden behind a log-in for which recipients may need to re-establish access) – but they appear to have disregarded this ex-LX Direct customer’s original marketing options, and are hardly behaving in the spirit of the regulations.

Regardless of whether they believe they can justify their actions or not, the bottom line is this: As far as I’m concerned they’re spammers, and they won’t be receiving any custom from me.

Related posts