chapter  12
14 Pages

Advertising and the Impact of the First and Second Principles

This chapter considers the data protection issues that arise when non-targeted

promotions are undertaken. ‘Non-targeted’ in this context, is taken to mean a

promotion that does not involve the use of personal information. Nevertheless, any

promotion offers an opportunity to start to communicate the organisation’s policy on

data protection. Initially the appropriate message may simply be an indication that the

organisation takes seriously issues of confidentiality and security. In addition, data

protection statements can include important information required by data protection

law, such as the name of the party that controls the use of personal data. In most cases

this will be the advertiser, but not necessarily. The status of the organisation can affect

whether or not it is the ‘controller’ of personal information. Three roles have been

identified as relevant: product provider, intermediary and affinity advertiser. The data

protection implications for each when inviting prospective customers to contact them

for further product information are considered below.