One of the irritating things about the introduction of the EU Data Protection Regulation, the timing and final shape of which is still up in the air, is the way in which marketing companies are buzzing around, fearful of what the changes might mean. Most of them fret about the perceived emphasis on unambiguous consent, and what irritates me is that none of these idiots seem to be aware that active consent has been needed for email and text marketing since 2003 (under the Privacy and Electronic Communications Regulations, or PECR). The big change they are worried about happened more than ten years ago.
A slightly different take on the problem is doing the rounds in the charity fundraising sector. An article on the Civil Society News website encapsulates it with a suitably hysterical headline: “EU data protection proposals would kill fundraisers’ mailing lists, says report“. If the regulation contained provisions to ban marketing in general or marketing by charities in particular, this would be true and terrible. Stephen Pidgeon, a “fundraising consultant” and trustee of the Institute for Fundraising is quoted:
“if the EU introduce compulsory ‘opt-ins’ for direct mail then the cold mailing lists that still drive minor donor fundraising will disappear and, with them, millions of pounds”
Full marks for the euphemism ‘cold mailing list’ there, when what Mr Pidgeon means is ‘junk mail’. The author of a report into this nefarious proposal, Andy Taylor, a consultant at a charity marketing agency called ‘The Desired Effect’, is equally scathing:
“There is a balance to be struck between the donor’s right to privacy and our ability to fundraise, and the current draft of the proposals doesn’t get this right.”
The factual content of the article is awful – it asserts that charities can make marketing calls unless told not to, ignoring the existence of the Telephone Preference Service which applies to charities as it does to everyone else. It also claims that charities can use the ‘soft opt-in’ for email marketing, which allows an organisation to operate a tight opt-out system when marketing similar products to existing customers. PECR clearly refers to the soft opt-in being engaged during a ‘sale’, and the Information Commissioner’s guidance is unambiguous about what that means:
“the ‘soft opt-in’ exception can only apply to commercial marketing of products and services… [not for profit organisations] will not be able to send campaigning texts or emails without specific consent, even to existing supporters” (page 12)
The Civil Society article also complains about the possibility that the Regulation may interfere with a charity’s ability to profile potential donors. What this means is made more explicit in a recent piece published by Fundraising UK, which complained:
“charities would no longer be able to target direct marketing campaigns at specific donor profiles and would severely hamper the ability to build up prospect donor information”
I think some charities’ good works can be diluted by a sense of entitlement (I’ve blogged about the human embodiment of this in the past), and their fund-raising methods can be awful. Few commercial organisations would expect to get away with the antics of chuggers, but charities expect a free pass when hassling unwilling citizens in the street and paying a cut of donations to the companies they employ to do so. The attitude on display by Fundraising UK is even worse – would you be happy if a charity assembled information about you without your consent and then sent unsolicited marketing to you? I’d be fascinated to know if charities that profile ‘prospect donors’ comply with the first Data Protection principle by informing the ‘prospect’ that they were doing so – regardless of consent, there is no exemption from fair processing available.
I hope that those fundraisers agitating against explicit consent for marketing fail. Expecting an organisation to have permission before sending marketing isn’t just a legitimate way of setting up privacy law, it’s basic courtesy. There are already a lot of circumstances where our data is used without consent – many justified, some not. But where there is not some legal or security requirement that makes consent inappropriate, it should be the default for everyone, regardless of the effect on profit, innovation or donation. One vital aspect of privacy is having a right to be left alone, to be able to close your door and not be bothered by anyone else. The position of these fundraisers and consultants is that charities should be able to override that to get their cash. The headline of the Civil Society article is nonsense because explicit consent doesn’t kill charity mailing lists, it just makes them fair. It ensures that those people who are on the lists want to be on the lists. If fundraisers are concerned about the effect of Data Protection on their income, perhaps they should approach their targets with more respect.