Businesses have been warned to act if their employees use customers’ contact details to send inappropriate messages.
Almost a third of young people have received unwanted contact after giving personal information to a business, the Information Commissioner’s Office (ICO) says.
It said it would remind companies of their legal responsibilities when it came to “text pests” within their firm.
It has urged those subjected to the practice to share their experiences.
Research commissioned by the ICO found that 17% of the public have had their personal information given for business reasons used for a romantic or sexual proposition
This includes 30% of 18-24 year olds, 29% of 25-34 year olds, and 25% of 35-44 year olds.
The most common geographic region is London, where 33% of respondents reported it happening.
It also found that 66% of the public believed the practice is morally wrong. This included 74% of female respondents and 58% of males.
The survey was based on interviews with 2,289 UK adults, and a break down by gender was not provided for those who received the inappropriate messages.
“People have the right to order a pizza, or give their email for a receipt, or have shopping delivered, without then being asked for sex or a date a while later,” said Emily Keaney, a deputy commissioner at the ICO.
“Our research today shows a disturbingly high number of people, particularly young people, are falling prey to these text pests.
“There may be, among some, an outdated notion that to use someone’s personal details given to you in a business context to ask them out is romantic or charming. Put quite simply, it is not – it is against the law.”
The ICO urged companies to ensure they understood their responsibilities.
“If you are running a customer-facing business, you have a responsibility to protect the data of your customers, including from your employees misusing it,” Ms Keaney said.
“We are writing to major businesses, including in food and parcel delivery, to remind them that there are no excuses, and there can be no looking the other way.”
The ICO is the UK’s independent regulator for data protection and information rights law.
