The Fundraising Regulator (FR) has published its guidance "Personal Information and Fundraising; Consent, Purpose and Transparency."
The FR guidance anticipates the European General Data Protection Regulation (GDPR), which will come into effect in 2018. In the meantime, these guidelines set out a best practice guide on direct marketing to help trustees understand their charity's responsibilities in relation to 'donor consent, data protection and legitimate interests'.
The guidance explains that a basic requirement of data protection transparency is to tell individuals if they are processing personal data, what the data is being processed for, and provide any other information needed for it to be fair to process the data.
As well as meeting transparency requirements, charities must also have a legal basis for using personal data. In the case of direct marketing by most electronic methods, this means having the individual's consent:
The guidance provides action checklists and a self-assessment toolkit to help trustees implement the guidance.
The ICO has also published separate draft guidance on data protection and consent.
11 charities have been fined £138,000 in total by the ICO for misusing donors' personal data.
In January the ICO issued notices of intent to fine 11 charities. The organisations involved then had 28 days from receiving the notices to make representations to the independent regulator.
Fines have now been issued which range from £6,000 to £18,000. The issues of concern to the ICO in the different cases included issues of transparency and consent relating to sharing personal data with other charities, using personal data to estimate donors' wealth (wealth screening) and using what personal data they had about individuals to discover missing information (data matching).
The Charity Commission has opened compliance cases into the 11 charities who have been fined.
The ICO has set out its position on wealth screening and data matching in a conference paper.
The FR has opened a consultation on the Code of Fundraising Practice, seeking sector-wide feedback on suggested changes.
These are the first proposed changes the new regulator has put forward. The FR is seeking views on a wide variety of areas, including charity trustees, whistleblowing, people in vulnerable circumstances and disclosure statements.
Proposed changes include a stricter requirement for solicitation statements to be given to potential donors, and for clear reporting procedures for any fundraising concerns that staff or volunteers may have. Another area under review is the 'three asks' rule, the number of times a fundraiser can ask for a contribution in one interaction, which could apply only to financial donations and not requests for support or time.
The consultation closed on 28 April 2017.
Plans for the Fundraising Preference Service (FPS) have been slowly refined over the past few months.
We previously reported on FPS. The Fundraising Regulator has now confirmed that the FPS will apply to direct marketing communications, rather than to 'all communications'. Communications such as confirming direct debit details, acknowledging gifts (if necessary and not promotional), and communications necessary to comply with gift aid rules will not fall under the FPS's remit.
The system is expected to be live by the summer of 2017.