The online environment has led to an increased level of sophistication in marketing activities carried out by businesses. The technology exists for businesses to develop very accurate profiles of the interests and preferences of their users. This information can be exploited to identify potential customers of their products and services. Businesses can then target large numbers of consumers efficiently and cost-effectively in their marketing campaigns.
The ease with which business can approach individuals and collect data about them has led to concerns about privacy. Individuals’ rights to privacy are laid down in the European Convention for the Protection of Human Rights and Fundamental Freedoms. A raft of legislation has been introduced by Brussels to harmonise privacy rules across the EU, to protect the interests of the consumer and so ultimately build up confidence regarding electronic commerce.
This paper focuses on the two strands of the privacy debate: firstly, the practice of soliciting business through unsolicited commercial communications (that is communications which have not been requested by the recipient) and, secondly, the extent to which personal data may be collected by invisible tracking devices and processed and used for commercial purposes. This paper does not specifically consider the nature of the notifications that organisations engaged in direct marketing are required to provide to individuals from whom they collect personal information.