ARVAC broadcasts subscribers' names and e-mail addresses

Howard Lake | 21 May 2003 | News

Today’s data protection faux pas is brought to you by ARVAC, who have just sent their e-mail newsletter complete with the names and e-mail addresses of all their subscribers.

The Association for Research in the Voluntary & Community Sector has just published its latest e-mail newsletter. Unfortunately three quarters of the message we received consisted of the names and e-mail addresses of all the recipients. As one of those recipients, UK Fundraising’s Howard Lake most certainly has not given his permission to share those details with everyone else on the list, so we assume that ARVAC is publishing such personal data without permission.

ARVAC is of course not alone. UK Fundraising reported on 28 April that a regional group of the Institute of Fundraising and the Institute of Philanthropy had both committed the same mistake in their e-mail newsletters.


Such errors almost certainly break data protection law. They enable any recipient of those newsletters to misuse the data. Even if every recipient scrupulously ignores the e-mail addresses, they could still cause problems if they were to forward the full newsletter to another contact. Then there is the issue of viruses that scan PCs for e-mail addresses contained within their e-mail package and start sending virus-laden messages to all those e-mail addresses.

Such a basic ignorance of the difference between the Cc. and Bc. fields in an e-mail package is unacceptable in 2003. E-mail is not that new.

UK Fundraising’s Howard Lake has advised charities on using e-mail ever since he wrote Amnesty International UK’s e-mail guide in 1994, alarmed that the organisation had introduced e-mail to staff without explaining some of the serious problems that the new tool could create.

One of Howard’s upcoming training courses is on how to use e-mail to fundraise, and he’ll be running over the basics of e-mail during the day.