Consent

Facebook and ‘CA’ – not Cambridge Analytica, but Custom Audiences

Unless you have been living under a rock for the past few weeks, you will have noticed that Facebook’s business practices have been coming under the microscope of public scrutiny. It’s been well-known for a long time among the data protection and marketing communities that Facebook operates by harvesting, generating and acquiring large amounts of …

Facebook and ‘CA’ – not Cambridge Analytica, but Custom AudiencesRead More »

Taking the ‘Con’ out of ‘Consent’

Taking the ‘Con’ out of ‘Consent’ In many ways, the GDPR is not very different to the Data Protection Act. This is true for the requirement to justify which of the six lawful “basis for processing” you are relying on to legitimise the processing (activity) in question. Some have been, and remain clear: in life …

Taking the ‘Con’ out of ‘Consent’Read More »

Better the devil you know – personal data breach reporting and GDPR

The ICO Annual Report for 2016-17 has been published. Among the findings reported is the number of self-reported data protection incidents, broken down by sector. The headline figures show a 31.5% increase in self-reported incidents – from 1,950 to 2,565 incidents. The key word here: self. Reporting of actual or suspected incidents to the ICO …

Better the devil you know – personal data breach reporting and GDPRRead More »

Fundraising Factsheet: Consent, confusion and clarity

Those attending Fundraising Week recently could be forgiven for scratching their heads and leaving none the wiser about the future of fundraising. Rob Wilson MP, the Minister for Civil Society, called on charities to prepare for ‘opt-in’ for fundraising – noting that the focus should be less on the Fundraising Preference Service (FPS) and more …

Fundraising Factsheet: Consent, confusion and clarityRead More »

Updating consent – implications of the Flybe and Honda fines

On 27th March 2017, the ICO issued Monetary Penalty Notices to Honda and Flybe, having determined that their approaches to confirming customers’ contact details and marketing preferences were not compliant with PECR (The Privacy & Electronic Communications Regulations 2003). Since these fines were issued, there has been some concern about whether this means that verification …

Updating consent – implications of the Flybe and Honda finesRead More »

Do you agree? Getting consent projects right

With new guidance from the Fundraising Regulator and ICO, and the GDPR now almost visible on the horizon, many organisations are feeling the need to take action about consent. This is understandable; if you send campaigning, fundraising or awareness raising materials (i.e. send Direct Marketing) to donors, supporters or volunteers via electronic channels you need …

Do you agree? Getting consent projects rightRead More »

“We’ve always done it this way” – What the future of fundraising is not

At the unprecedented gathering in Manchester, the Fundraising Regulator launched their long-awaited guidance – and the ICO made clear that charities are at a crossroads when it comes to using personal information for their fundraising, promotional and campaigning activities. There were a number of key messages worth noting from the ICO’s keynote speech: “We’ve always …

“We’ve always done it this way” – What the future of fundraising is notRead More »

Fifty Shades of Screening – Fundraising and Regulatory Compliance

The ICO’s new guidance addresses key questions that remained unanswered following the RSPCA and BHF fines: Do you need consent to undertake wealth screening? Is it compliant to use publicly available personal information for fundraising purposes? First, this is a complicated area of law…so don’t believe everything you read: the Data Protection Act (DPA) is …

Fifty Shades of Screening – Fundraising and Regulatory ComplianceRead More »

What the RSPCA and BHF fines mean for you

We now have the full details of the RSPCA and British Heart Foundation fines. They have promoted the Charity Commission and the Fundraising Regulator to issue a joint alert about compliance with data protection law. The actions you should take now: “Immediately cease any activity without explicit consent described and set out by the ICO …

What the RSPCA and BHF fines mean for youRead More »

First fundraising data protection fines – secrecy and sharing at the heart of poor practice

The ICO has published initial details of the fines handed to the Royal Society for the Prevention of Cruelty to Animals (RSPCA) and British Heart Foundation (BHF). The charities’ approach to wealth screening; data / tele-matching and data sharing triggered the fines. The ICO exercised considerable discretion to significantly reducing the fines – in recognition …

First fundraising data protection fines – secrecy and sharing at the heart of poor practiceRead More »

Scroll to Top