Fundraising news, ideas and inspiration for professional charity fundraisers

Why the ICO’s rulings are a job half-done

Why the ICO’s rulings are a job half-done

Yesterday the ICO confirmed that it is fining two charities for breaches of law. Well, that wasn’t quite the headline or tone of the language used. Instead it was ‘exploiting supporters’, ‘secretly screening’ and ‘disregard for people’s privacy.’

Pretty strong stuff. Compare that with the previous announcement on 29 November where a firm had been fined £100,000 for sending texts without permission. The language is quite different – “they must make rigorous checks to ensure the rules have been followed”, or “responsibility under law to check the people being sent them had specifically consented to receiving marketing texts.” No “exploitation” or “disregard” used in that case, but a clear explanation of the law and enforcement action. It is disappointing that an independent and serious regulator seemed to be trying to write the tabloid headlines for them.

Aside from the way that the ICO have chosen to talk about their adjudication, there are important issues to understand about how the decision was come to. Well, there would be if the ICO had actually released their full report detailing the investigation, identifying the legal problems and making absolutely clear what they believe the transgressions have been, and what others should do to avoid them. At the moment all we have are general principle-based statements around donors not being informed and so not having the opportunity to agree or object.

Limited details available

So, reading between the headlines, it seems that it isn’t that wealth screening or sharing are deemed in themselves to be unlawful, but that the ICO are saying that donors have not been adequately informed that their would be used for this purpose. Does this mean that all of this is essentially about adding a sentence or two in the right place in communication materials? Or charities needing to have updated their privacy policies?

That isn’t to belittle the importance of those steps. Of course donors need to know and be informed about how their information will be used and have the right opportunities to agree or not to this.

Fundraisers ‘left feeling their way in the dark’

But it makes a big difference as to how we can make sure that all charities get this right in the future.  Again this is where we need better, clearer, and more consistent guidance from the ICO to our sector. As a regulator they need to be providing straightforward and unambiguous guidelines so that donors and charities alike are completely aware of the legal requirements and that all charities can be sure that they are going about their work lawfully. It is not enough for the ICO to just issue statements that donors need to be informed and be given the right choices. Charities need more detail on the ICO’s view of what lawful practice looks like: what form of words would have passed the test? When would someone have needed to give consent? Without this reassurance and clarity fundraisers are left feeling their way in the dark.

Daniel Fluskey quote on ICO ruling against BHF and RSPCA

We will be working as best we can to get these answers as soon as we can – it is frustrating for all that we don’t have them now, and especially so when there are people who have legitimate concerns about how they do their jobs and future work. Clarity from the ICO, working with the Fundraising Regulator to ensure consistency across the regulatory bodies, is essential around this.

We know what this is not about. It is not about whether charities are special, trying to get around the rules, while looking for ways to ‘exploit’ donors. Every charity knows that it has to follow the law, and not only that, but the Code of Fundraising Practice requires that in many areas charity fundraising reaches a higher benchmark than the law sets. Charities have been banned from selling donors’ data; other sectors do it. We can only share supporters’ data with explicit consent; other organisations can do it on an opt-out basis. This isn’t about whether charities should have high standards and be working ethically. They should, and they do. And that means that if charities get it wrong, they should be held to account – but that also has to be accompanied by enough information to make sure they don’t get it wrong in the first place.

For some more information on Data Protection and a checklist on how to make sure your organisation is compliant have a look at our introductory information.


Daniel Fluskey

Daniel Fluskey at IoF

Daniel Fluskey is Head of Policy and Research at the Institute of Fundraising.



16,690 total views, 0 views today

Get free email updates

let us keep you up to date with fundraising news, ideas and inspiration with a weekly or daily email.

* We do not share your email or personal details.
  • Tim Turner

    The Information Commissioner wrote to the Chief Executive of the Institute of Fundraising in the Summer of 2015 to point out that the IoF’s Code of Practice was years out of date. The Information Commissioner previously issued detailed guidance for charities, and now there are clear codes of practice on privacy notices and very robust guidance about direct marketing that apply to all sectors. The guidance was there, and for some reason (perhaps because of confusion caused by the Institute for Fundraising) charities did not see it. As recently as April, Daniel Fluskey was writing inaccurate articles on this website about the new General Data Protection Regulation which could lead to charities breaching the new law.

    It is not the job of a regulator to write the exact form of words that a data controller should use. Charities – like everyone else – should look at what they are doing and explain it clearly. So how about this: “we will use a private company to work out how much you’re worth when you die”, or “we will share your data with other charities whose identities we cannot know”. If you’re not willing to explain it clearly and simply, you can’t do it. This kind of blame shifting will only make it harder for charities to see and deal with the real problem – a business model that has left donors behind.

  • Pingback: OPINION: Does the ICO have ‘unreasonable’ expectations about wealth screening? | Critical Fundraising()

  • Pingback: KNOWLEDGE/OPINION: ICO and enforcement action against charities | Critical Fundraising()

  • Pingback: A Passion Play, or How To Fix Your Lousy Wealth Screening Results - Helen Brown Group()

Sign up for free fundraising news by email

Before you go…

let us keep you up to date with fundraising news, ideas and inspiration with a weekly or daily email.
" />