I suspect that everyone reading this knows more about fundraising than I do. I have never been a fundraiser and I have never worked for a charity or a voluntary organisation. My opinion on the best way to fundraise is worth no more than my view on the best way to perform open-heart surgery.
But here’s a thing. Over the past few months, Third Sector’s distinguished fundraising columnist Stephen Pidgeon has merrily pontificated about data protection, unhindered by even a rudimentary understanding of how it works. Third Sector would have you believe that this is all part of having a debate, but debates need to be based on facts.
In his latest column, Pidgeon argues that a pattern of donations should be interpreted as consent for marketing, despite the legal requirement for "freely given, informed and specific consent", and the need to inform people of how their data will be used. No charity has ever said "we interpret your donation as consent for telephone marketing", and this would not be specific and informed consent if they did. The consent rules are being tightened because of a demand for "unambiguous" and "demonstrable" consent in the upcoming General Data Protection Regulation, but the existing law is clear that people need to be told how their data will be used and consent should be a meaningful transaction between individual and organisation, not a convenient set of assumptions.
Similarly, Pidgeon claims in his column that no regulator could demand more than a "planned supporter journey that includes opportunities to opt out", despite emarketing law demanding consent for some forms of communication. The Information Commissioner has fined organisations for a lack of consent in such circumstances, and there is a danger that confusion sown by prominent fundraisers will prolong the sector’s woes over data protection.
Conversely, Pidgeon claimed in February that the commissioner’s wealth-screening enforcement was based on a lack of consent, but the recent penalties happened because of a lack of transparency. He accused the commissioner vaguely of reinterpreting data-protection law, even though the principle of transparency goes back to data protection’s earliest roots. He even suggested that the enforcement action was evidence of a personal vendetta against charities. In fact, the fines levied on charities by Elizabeth Denham, the Information Commissioner, were the result of investigations launched by her predecessor, and her chief input into the process appears to be to have reduced the fines by 90 per cent. Oxfam’s £6,000 penalty is one of the lowest the ICO has ever levied.
There are real matters of substance to debate in this arena: whether the Fundraising Preference Service is necessary or whether charities should be treated differently from other types of organisation are matters of opinion and legitimate disagreement. But some issues are more concrete. Fundraising appeals are direct marketing. Consent must be clear and unambiguous. Donating is not the same as consenting for marketing. All processing of data must be fair and transparent. The only way out of these certainties is an explicit exemption, granted by law, not by a nod and a wink from the regulator. If you disagree with these statements, you’re plain wrong.
This is a bad time to be bad at data protection. The ICO is keen to move on, the Fundraising Regulator is finding its feet, and the GDPR is on the horizon. Charities and fundraisers who fail to get to grips with the subject will be badly exposed. In this environment, the sector needs fundraisers who know data protection well or recognise when they don’t. Now is the time for every fundraiser to become an expert on data protection, rather than listening to complaints and special pleading. My money is on the ones who adapt, not those who remain stuck in the past.
Tim Turner is a trainer and consultant on data protection and the Privacy and Electronic Communications Regulations