Institute of Fundraising criticised for confusion over EU data protection rules

Consultant Tim Turner, database manager Matthew Page and academic Stephen Lee say the umbrella body is to blame for the lack of clarity

The Institute of Fundraising is to blame for the sector’s confusion about the new EU data protection rules, critics have said.

Tim Turner, a trainer and consultant on data protection and the Privacy and Electronic Communications Regulations, Matthew Page, CRM database manager at a medium-sized charity, and Stephen Lee, professor of voluntary sector management at Cass Business School, said the IoF had contributed to the lack of clarity on how charities should respond to the new General Data Protection Regulation by failing to issue clear, timely guidance to the sector.

Their comments come after John Mitchison, head of preference services, compliance and legal at the Direct Marketing Association, expressed bemusement at Third Sector’s Fundraising Week that so many charity professionals appeared to believe that opt-in-only systems would be compulsory once the new legislation came into force in 2018. He said charities would in fact still be able to use opt-out-only systems for their mail and telephone fundraising.

In a blog published this week, Turner said the IoF was responsible for much of this confusion because of the body’s "diabolical" Code of Fundraising Practice.

"The problem with the Institute of Fundraising is that its code of practice has created a fog of uncertainty about what is law and what is practice or industry standard," wrote Turner.

In the blog, he criticises an interpretation of unambiguous consent given in a separate article written by Daniel Fluskey, head of policy and research at the IoF, in which Fluskey explained how "to me, ‘unambiguous’ consent seems like a three-stage test".

Responding to this, Turner wrote: "Complying with the regulation isn’t about trying to capture some phantom ethos – it’s clear and unambiguous."

Turner said the IoF had to "stop issuing inaccurate and confusing guidance".

Turner told Third Sector that last year the Information Commissioner’s Office also had concerns about the guidance being issued by the IoF.

A letter sent last August by Christopher Graham, the Information Commissioner, to Peter Lewis, chief executive of the IoF, showed that Graham was worried the code of practice still did not reflect the ICO’s guidance, published in 2013, on calling people who registered with the Telephone Preference Service.

Graham told the IoF to take immediate steps to update the code, which the IoF did two weeks later. Turner said: "This demonstrates that the ICO was privately expressing concerns about what the IoF was publishing long before I did so in public."

Matthew Page, who did not want his charity to be named, told Third Sector he had found the IoF less than forthcoming with information about the new EU GDPR.

"The final wording of the EU GDPR was agreed in December," he said. "It's taken four months for the IoF's head of policy to say anything about its implications and even then I'm not sure it's actually correct."

Page, who is a member of the IoF, said he was aware the body had been in talks with organisations including the ICO, the Fundraising Regulator and the National Council for Voluntary Organisations about the new rules and had spoken about them in a number of forums. But he said the IoF had not made guidance available online, which had left charity professionals who were unable to attend London events floundering.

Stephen Lee, who is an IoF fellow and one of its most vocal critics, said he agreed with Turner’s assessment of the institute’s approach. He said the IoF had simply asked other bodies to clarify how fundraisers should handle the new regulations. "It has completely passed the buck," he said.

A spokesman for the IoF said that the text for the GDPR had been approved by the European Parliament only on 14 April. "These regulations go far beyond charity fundraising and it is the ICO who will issue the statutory guidance on how these should be implemented before they come into effect, which is still two years away in 2018," he said.

He said Fluskey’s recent online article on the new regulations had been praised in a legal update sent by email on 26 April by Lawrie Simanowitz, partner at the law firm Bates Wells Braithwaite, as the most useful piece of commentary he had seen on the subject. Simanowitz’s firm represents the IoF on legal matters.

The IoF spokesman said the body was committed to holding events outside London so that fundraisers from around the country were able to benefit from its work.

He said the IoF had received no communication from the ICO that its TPS guidance was out of date until August 2015.

Fundraising News

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Already registered?
Sign in

Latest Fundraising Jobs

RSS Feed

Third Sector Insight

Sponsored webcasts, surveys and expert reports from Third Sector partners


Expert hub

Insurance advice from Markel

How bad can cyber crime really get: cyber fraud #1

Promotion from Markel

In the first of a series, we investigate the risks to charities from having flawed cyber security - and why we need to up our game...