Inteligo Media Case Study

Case study: When an “informational” newsletter becomes marketing: C-654/23 Inteligo Media v. ANSPDCP



A newsletter can look like public-interest information and still be treated as direct marketing under EU rules. That is the practical message from Case C-654/23, where the CJEU clarified how the ePrivacy Directive’s email marketing rules interact with the GDPR in a common “free account + newsletter + paid tier” model.


Background

Inteligo Media runs avocatnet.ro, an online publication summarising daily legislative changes in Romania for the general public. 

In 2018 it launched a paid subscription offer (“Premium Service”). At the relevant time:

  • any user could read up to 6 articles/month for free; 

  • to get more content, the user had to create a free account (accepting the Premium Service terms). With that free account, the user got:

    1. two extra free articles/month,
    2. a free daily email newsletter called “Personal Update” (summary + hyperlinks), and
    3. an option to pay for full access + a more extensive newsletter (“Informative Summaries”)

Opt-out mechanics.

  • At sign-up, users could tick: “I do not want to receive “Personal Update”.
  • In each newsletter there was an UNSUBSCRIBE option.

Why the Romanian DPA fined the publisher

In 2019, ANSPDCP fined Inteligo RON 42,714 (~EUR 9,000)for alleged GDPR breaches (Articles 5(1)(a)(b), 6(1)(a), 7), reasoning mainly that Inteligo could not prove express consent from 4,357 users and that it used data for an incompatible purpose (sending the newsletter rather than performing the contract). 

Why the case went to the CJEU. The Romanian court needed clarity on whether this situation should be analysed primarily under ePrivacy Article 13 (rules on unsolicited email marketing) and what that means for the GDPR legal-basis analysis. 


The questions before the CJEU


Question 1 (two parts): Is this within Article 13(2) ePrivacy (“soft opt-in”)?

1(a) Was the user’s email obtained “in the context of the sale of a… service” even though the account was free? 

1(b) Is sending the “Personal Update” newsletter “for direct marketing of its own similar products or services”? 


Question 2: If yes, do we still need to pick a GDPR Article 6(1) legal basis?

If the emailing is done in accordance with Article 13(2) ePrivacy, which GDPR Article 6(1) condition applies? 


The CJEU’s decision


Answer to Question 1: Yes — Article 13(2) ePrivacy can apply


Yes — the “soft opt-in” rule can apply, and the newsletter can be “direct marketing”

The Court held that in a situation like this:

  • the email address can be considered obtained “in the context of the sale of a… service”, and
  • the newsletter can be treated as sent “for the purposes of direct marketing” of the publisher’s similar services.

That conclusion is important because Article 13(2) ePrivacy allows marketing emails without prior consent only if certain conditions are met (more on those below). In other words, the Court signalled that the case may belong in the “soft opt-in” box rather than in a pure “GDPR consent” box. 


Why the newsletter counts as “direct marketing”

Even if the newsletter has informational content, it can still be “direct marketing” when it:

  • pursues a commercial purpose, and
  • is addressed directly to individuals (email in the inbox). 

Here, the Court accepted that the newsletter is designed to entice users towards paid content/subscription (e.g., pushing users to consume their free quota and then subscribe). That commercial function makes it “direct marketing” under Article 13. 


Why a “free account” can still be “sale of a service”

Article 13(2) refers to contact details obtained “in the context of the sale of a product or a service.” At first glance, a free account seems to fall outside “sale.” The Court rejected an overly narrow view.

It pointed to the idea of indirect remuneration: a service may be free for the user but still part of an economic exchange, especially where the free layer functions as a promotional mechanism and the cost is embedded in the paid tier.

Applied to Inteligo’s model:

  • users provided their email when creating the free account under the Premium terms,
  • the newsletter sat within an offer whose main purpose included promoting the paid subscription, and
  • the “payment” element can be satisfied via indirect remuneration reflected in the paid offering.

What “soft opt-in” still requires

The Court also underlines the conditions in Article 13(2): users must have a clear, easy and free way to object at collection and in each message. 

(Those safeguards are what makes the exception acceptable.) 


Answer to Question 2: No — GDPR Article 6(1) is not additionally applicable 

The Court held that where the controller uses the email to send messages in accordance with Article 13(2) ePrivacy, then the GDPR Article 6(1) legal-basis conditions do not apply additionally, because GDPR Article 95 prevents imposing extra obligations where ePrivacy already sets specific obligations with the same objective.

If you comply with the ePrivacy “soft opt-in” rule (and meet its safeguards), the legality of sending those marketing emails is assessed primarily through ePrivacy Article 13(2), rather than re-running a separate GDPR Article 6 legal-basis test for the same activity.

Rich cat

Written By

Anastasiia Klymenko