Data Protection Watchdog Fines Eleven More UK Charities

A number of high profile charities have been slapped with stiff financial penalties for misusing the personal data of donors.

The fines varied between £6,000 and £18,000 and comes after the charities concerned breached the data protection act.

The investigation by the Information Commissioner’s Office also called into question the ethical behaviour of the some of the charities involved.

Wealth Screening

It found for example that “many of the charities secretly screened millions of donors so they could target them for additional funds”, so called ‘wealth screening’.

The ICO also found that some charities traced and targeted new or lapsed donors by “piecing together personal information” which they obtained from other sources. And some traded personal details with other charities creating a “large pool of donor data for sale”.

In December last year the ICO fined Royal Society for the Prevention of Cruelty to Animals (RSPCA) and British Heart Foundation (BHF) £25,000 and £18,000 respectively.

And now the ICO has fined eleven more charities this week.

These included the International Fund for Animal Welfare (fined £18,000); Cancer Support UK (fined £16,000); Cancer Research UK (fined £16,000); Guide Dogs for the Blind Association (fined £15,000); Macmillan Cancer Support (fined £14,000); The Royal British Legion (fined £12,000); National Society for the Prevention of Cruelty to Children (fined £12,000); Great Ormond Street Hospital Children’s Charity (fined £11,000); WWF-UK (fined £9,000); Battersea Dogs’ and Cats’ Home (fined £9,000) and Oxfam (fined £6,000).

The Information Commissioner apparently exercised her discretion in significantly reducing the level of the fines, as the ICO has the power to hit offenders with fines as high as £500,000.

Obey The Law

“Millions of people will have been affected by these charities’ contravention of the law,” explained Information Commissioner Elizabeth Denham. “They will be upset to learn the way their personal information has been analysed and shared by charities they trusted with their details and their donations.

“No charity wants to alienate their donors,” Denham added. “And we acknowledge the role charities play in the fabric of British society. But charities must follow the law.”

“These fines draw a line under what has been a complex investigation into the way some charities have handled personal information.

“While we will continue to educate and support charities, we have been clear that what we now want, and expect, is for charities to follow the law.”

It is worth noting that it is not charities by and large, but rather the NHS that is frequently responsible for the misuse of personal data.

Last year for example the ICO fined a London NHS trust £180,000 after it exposed the email addresses of more than 700 users of an HIV service.

Quiz: What do you know about privacy?