UK Charities Fined For Misusing Donors' Private Information

11 UK charities have been fined for breaching data protection laws.

11 of the UK’s top charities have been fined for misusing their donors’ (aka individuals who donate) personal information. The Information Commissioner’s Office (ICO) have issued fines to the charities for alleged misconduct and breaching the Data Protection act.

Charities and their fines

The 11 charities and their fines are as follows:

The international Fund for Animal Welfare – £18,000
Cancer Support UK (formerly Cancer Recovery Foundation UK) – £16,000
Cancer Research UK – £16,000
The Guide Dogs for the Blind Association – £15,000
Macmillan Cancer Support – £14,000
The Royal British Legion – £12,000
The National Society for the Prevention of Cruelty to Children – £12,000
Great Ormond Street Hospital Children’s Charity – £11,000
WWF – UK – £9,000
Battersea Dogs and Cats Home £9,000
Oxfam – £6,000

Misuse of Private Information

The above charities were found guilty of misusing their donors’ personal data by reportedly secretly piecing together data from an array of sources and trading personal details between other charities to target new and previous donors. Essentially, the charities were said to be sharing their donors’ personal information amongst each other to create “a large pool of donor data for sale”.

This kind of behaviour can be a breach of the DPA, and it seems evident that donors didn’t expect their private information to be used in the way the charities sought to use it.

ICO and the Charity Commission

The ICO has been investigating the data breach. Information Commissioner, Elizabeth Denham, noted,

“[people] will be upset to learn the way their personal information has been analysed and shared by charities they trusted with their details and their donations.”

The ICO also found that some charities hired companies to find out the wealth of their donors. This was apparently done by investigating their incomes, lifestyles, property values, and friendship circle among other things. What’s even more disturbing about the “wealth screening” process is the fact that it was reportedly used to pinpoint those who were most likely to be convinced to leave money in their wills.

It also transpires that some of the charities tracked down additional data from past donors by using old telephone numbers to identify current ones. The charities appeared to be ignorant of the fact that, as data owners, they are in control of what information is shared. By sharing their donors’ personal data, this was found to be a breach of the Data Protection Act (DPA).

It is crucial to identify that donors may not have been notified that their information was being used in this way, and therefore could not consent or object.

Extent of sharing remains unknown

Elizabeth also noted that:

“some charities don’t know if the information has been shared once or 100 times. This can result in lots of unwanted charity marketing.”

The breach was first investigated after reports in the media that charity supporters and donors were being pressured into follow-up donations. This led the ICO to wonder where charities were getting the information from. One particularly harrowing case reported in the media was that of Olive Cook – a 95 year old grandmother who reportedly committed suicide as a result of being hounded by charities daily. It is thought that her personal information was shared between charities as she was “very generous”.

The Charity Commission for England and Wales has responded to the ICO’s penalties and are considering whether the trustees of each charity have acted in accordance with their duties under charity law.

Not the first breach of this nature

This is also not the first time charities have been subject to a data breach scandal. In December 2016, the Royal Society for the Prevention of Cruelty to Animals and the British Heart Foundation were fined (£25,000 and £18,000 respectively) for breaching the DPA.

An important message must be conveyed. As David Holdsworth, Chief Operating Officer at the Charity Commission, said “…Charities must learn the lessons from these fines and breaches”.

Sources:

http://www.bbc.co.uk/news/technology-39502258
https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2017/04/ico-fines-eleven-more-charities/
https://www.gov.uk/government/news/charity-commission-responds-to-ico-issuing-penalties-to-11-charities
http://metro.co.uk/2017/04/06/charities-fined-for-ranking-rich-donors-and-trading-information-6558927/
http://www.dailymail.co.uk/news/article-3083859/Shame-charities-drove-Olive-death-Organisations-exploited-pensioner-s-kind-heart-admit-sending-begging-letters.html

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.

Create A Call Back

Information on how we handle your data is available in our Privacy Policy.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.