James Watt, the founder of BrewDog, is facing complaints to the UK's data privacy watchdog over emails he sent to thousands of former shareholders as part of a bid to buy back the company. The Information Commissioner's Office (ICO) has been asked to investigate after recipients questioned how Watt obtained their contact details.
Background of the BrewDog Sale and Buy-Back Bid
In March, BrewDog's brand, intellectual property, UK breweries, and 11 bars were sold to US cannabis and drinks firm Tilray for £33 million. The deal rendered shares of more than 200,000 crowdfunding investors worthless. On Wednesday, Watt unexpectedly announced a plan to regain control of the beer company through a new venture called Second Best, with support from 43,000 of those investors, whom he dubbed 'equity punks'.
The proposal involved Watt contacting thousands of shareholders via email, offering them the 'exact same stake in Second Best that you once held in BrewDog, for free'. Several recipients expressed confusion about how Watt obtained their email addresses, raising concerns about potential breaches of the General Data Protection Regulation (GDPR).
GDPR Concerns and Complaints to the ICO
Marc Knox, a former equity punk, said he received the email last Sunday and initially laughed, but after seeing others online questioning how Watt got their details, he considered taking a complaint to the ICO. 'How's this joker got my details?' he asked. The ICO confirmed it is aware of the incident and is assessing the information provided.
Ravi Naik, legal director at data protection specialist AWO, noted that while it is not clear a breach has occurred, the case raises significant questions. 'Key questions are how the people who received the email were selected and whether the email campaign was compliant with the law,' he said.
Watt's Defence and Denial of Wrongdoing
Watt denied any wrongdoing, stating: 'A communication was sent to my fellow shareholders in BrewDog following legal advice, using lawfully obtained data, and in connection with their legitimate interests as shareholders.' He did not explain how the contact details were obtained.
Statements from Tilray and AlixPartners
Neither Tilray nor AlixPartners, the administrator of the remainder of BrewDog, provided any such information to Watt. A Tilray spokesperson said the company 'did not acquire Equity for Punks shareholder data as part of its acquisition of the BrewDog brand and assets; that records system remains under the control of BrewDog plc (in administration).' They added that Tilray 'did not authorise, facilitate, or participate in the communications reportedly sent to former Equity for Punks investors' and that all communications with their customer base are conducted in strict compliance with GDPR.
The ICO has the power to impose fines or compel organisations to change their practices if a GDPR breach is found. The Guardian has approached AlixPartners for comment.



