The ICO still cannot get it through their heads that in the case of my "work email address" the company, Andrews & Arnold Ltd is not the subscriber. They are still saying that the email is for a corporate subscriber because "the company in questions is a Limited company". They think that A&A is like any other company that has a contract with a provider for email. Well, A&A don't. A&A run mail servers and have contracts with subscribers like me. Being a ISP makes us special, it makes us the other side of the contract in the definition of "subscriber". I am trying once again. They declined to answer my simple yes/no questions for some reason.
Anyway, this leads me to ponder a simple service A&A could offer.
When companies buy email from us it is normally for a whole domain, typically a company domain. We contract with the company for the domain, DNS, email and web space, normally.
However, there is no reason, technically, why we could not contract with individual members of staff at a company for their work email address within such domains. As the domain is not "ours", the company would have to give us permission to do that, and the company would no doubt already have clauses covering work email with their staff ensuring they keep it confidential and used for work purposes, so no DPA implications. From a technical point of view the service would be identical where staff access an IMAP mailbox from work computers. The only change would be the contract, which would be between us and individual staff members at a company.
What that would do is make all of those work email addresses come under the definition of "individual subscriber" under the regs. As we would not be their employer, we would not be providing it as part of employment to them, so even the ICOs made up rules on that would not make them corporate subscribers. It would not be the employer contracting with the staff for email, it would be us. This is important as we are providers of public electronic communications services, and our typical business customers are not.
The hassle is the admin of charging people for individual email addresses. Thankfully we do have a very efficient direct debit system in place, so charging even £1 a year or some less would not necessarily mean we lose money.
Do let me know if anyone thinks this is a useful service? Not saying we would definitely offer it yet, and it would really only be sensible if we were to convince the ICO of the validity as well.
Then we just need to push MEPs to make the spam laws cover corporate subscribers anyway.