Fundraising Regulator identifies charities in breach of FPS
Earlier this month, the Fundraising Regulator released a list of charities it has taken action against for failing to act on suppression requests made through the Fundraising Preference Service (“FPS”). The list contained 59 different charities, who have all been referred to the UK’s Information Commissioner’s Officer (“ICO”) for further investigation.
The FPS allows members of the public to control the nature and frequency of direct marketing communications that they receive from fundraising organisations registered in England, Wales and Northern Ireland. It gives people the opportunity to stop receiving emails, telephone calls, addressed post and/or text messages from a selected charity or charities. Under the provisions of the Code of Fundraising Practice it is a mandatory requirement for all fundraising organisations to view and act upon the suppression requests made against them within 21 days.
The FPS was introduced in July 2017 following an investigation by the Fundraising Standards Board (“FRSB”). The investigation came as a result of many cases such as the death of Olive Cooke, a pensioner who was hounded with hundreds of mailings from different charities each year. Such cases sparked concerns about how charities were contacting the general public. Although the investigation concluded that the marketing content sent to Olive wasn’t the direct cause of her death, the FRSB did recognise that something needed to be changed in regards to direct marketing carried out by such organisations.
A report published by FRSB back in 2016 concluded that there were insufficient opt-out procedures in place. The report revealed that only 14 out of the 99 charities that were contacting Mrs Cooke offered her a specific opportunity to opt-out of receiving more direct marketing, recognising that changes needed to be made to the Code of Fundraising Practice. For this reason, the FPS was introduced.
Since its introduction, around 8,300 people in England, Wales and Northern Ireland have submitted more than 25,000 suppression requests. However, it has now come to light that many of the national organisations receiving such requests have not been acting on or even viewing them. The Fundraising Regulator has stated that some of the requests that have not been acted on date back to July 2017. When a request is made through the FPS the charity in question is automatically notified by email and is asked to login to their account and act on the request within 21 days. On top of the initial notification, the Fundraising Regulator has made repeated attempts to contact the charities in order to find out why the requests are being ignored. Each charity’s executive has also received a warning in regard to their behaviour. However, there has been no evident changes to the charity’s behaviours.
According to the Fundraising Regulator all charities that are not responding to such requests in the time frame given are in breach of the Code and possible in breach of data protection law. Individuals have more rights under the GDPR including the right to withdraw their consent from the processing of their personal data. All organisations should give their data subjects the chance to opt-out of marketing. By not responding to such requests, they could potentially be in breach of GDPR.
Under the GDPR data controllers and data processors, whether they are organisations or individuals, can be fined up to 2 billion Euro or 4% of their global turnover, whichever is the highest. The UK’s ICO does not treat charities any different from other organisations when it comes to fines. What will happen to the 59 charities as a result of their actions is now in the hands of the ICO.