Brexit Campaigners Broke Privacy Laws With Spam Texts by David Meyer @FortuneMagazine May 11, 2016, 12:36 PM EDT E-mail Tweet Facebook Linkedin Share icons One of the main campaign groups in favor of Britain leaving the European Union—an outcome everyone’s referring to as Brexit—has been fined £50,000 ($72,345) for spamming people. The U.K. Information Commissioners’ Office (ICO), which is the country’s privacy watchdog, said Wednesday that it was fining “Better for the Country Ltd,” better known as the “Leave.eu” campaign, because it did not get people’s permission to bombard them with text messages. This broke the Data Protection Act (specifically, a part of the law derived from the EU’s ePrivacy Directive). Leave.eu says it will appeal the ruling. Get Data Sheet, Fortune’s technology newsletter. The campaign group bought a list of phone numbers from a third-party supplier and, according to the ICO, should have then properly checked whether those on the list were okay with receiving messages about EU politics. As it happened, those on the list had consented to being contacted about things like “leisure, home improvements and insurance,” but not what Leave.eu exists to talk about. Between May and October last year, Leave.eu sent out unsolicited text messages to more than 500,000 people, prompting 134 complaints to the GSM Association (the big mobile industry body) about receiving spam texts from the campaign. Six people also complained directly to the ICO. “Political parties and campaign groups must follow the same rules as anyone else. That means they must have people’s permission before sending them text messages,” said Stephen Eckersley, the ICO’s head of enforcement. “After considering all the options we decided that enforcement action was necessary.” For more on spam, watch: If Leave.eu did not appeal, and paid up promptly, the campaign would get a 20% discount off the fine. That’s not going to happen, though. “We will be appealing this ICO judgement,” Leave.eu said in a statement. “We hired a reputable data company to act on our behalf who for some reason were not fined by the ICO, even though they gave us written assurances that the data was opt-in data in line with ICO rules. We think the ICO have got this wrong.” The U.K. will hold a referendum on June 23 to decide whether it should leave the EU.