Skip to main content
Skip to navigation

Regulatory Enforcement

Easylife fined $1.5M under GDPR for profiling customers

By Kyle Brasseur2022-10-07T13:42:00

The U.K. Information Commissioner’s Office (ICO) fined catalog retailer Easylife 1.35 million pounds (U.S. $1.5 million) for marketing health-related products to individuals without their consent.

Easylife used the personal information of 145,400 customers in an attempt to predict their medical conditions for targeted marketing campaigns in violation of Article 5 of the U.K. General Data Protection Regulation (GDPR), the ICO stated in a press release Thursday. The alleged misconduct occurred from August 2019 through August 2020 and included the processing of special category data, which is largely prohibited under the GDPR.

Easylife was further fined £130,000 (U.S. $145,000) resulting from a separate ICO investigation into more than 1.3 million predatory marketing calls made in violation of the Privacy and Electronic Communications Regulations (PECR).

THIS IS MEMBERS-ONLY CONTENT

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

Premium
Ruling in Experian GDPR case thrusts ‘legitimate interest’ into spotlight

2023-02-28T13:00:00Z By Neil Hodge

Experian won a legal battle against the U.K. Information Commissioner’s Office after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.
Article
TikTok facing $29M fine over U.K. children’s privacy violations

2022-09-26T15:55:00Z By Neil Hodge

The Information Commissioner’s Office warned social media platform TikTok it could be fined £27 million (U.S. $29 million) for failing to protect children’s data in line with the U.K.’s version of the General Data Protection Regulation.
Article
Clearview AI fined third time for GDPR violations

2022-07-14T18:05:00Z By Kyle Brasseur

The Hellenic Data Protection Authority in Greece fined controversial facial image aggregator Clearview AI a record €20 million (U.S. $19.9 million) for unlawfully processing the biometric data of Greek citizens.

More from Regulatory Enforcement

Article
Former startup CEO gets 7 years in prison for $175M fraud against JPMorgan Chase

2025-10-08T18:28:00Z By Adrianne Appel

Charlie Javice, a former CEO who duped JPMorgan Chase into purchasing her start up company for $175 million, has been ordered to forfeit more than $22 million by the Department of Justice (DOJ) and to spend 7 years in jail.
Article
Georgia Tech to pay $875,000 for allegations brought by compliance officers

2025-10-07T16:08:00Z By Adrianne Appel

Georgia Tech Research Corp. (GTRC) has agreed to pay $875,000 to settle allegations first raised by two compliance officers that its cybersecurity protocols violated acceptable standards for defense contractors, the Department of Justice (DOJ) said.
Article
Tractor Supply Company hit with $1.35M fine for alleged California privacy violations

2025-10-06T17:12:00Z By Adrianne Appel

Tractor Supply Company has agreed to get into compliance with California’s consumer privacy law and to pay a $1.35 million fine—the largest yet by California—to settle allegations it violated the privacy rights of customers and job applicants.