25 Oct ‘Olive Cooke left UK fundraisers too scared to think rationally about GDPR’
By Hugh Radojev for Civil Society Online, 19 October 2017
The media scandal that surrounded the death of Olive Cooke left the fundraising sector in the UK “so scared they are not able to think rationally any more”, a charity audience heard yesterday.
Speaking yesterday in a session about the General Data Protection Regulation at the International Fundraising Congress, Ilja De Coster, fundraising data strategist with Amnesty International in Belgium, said that many umbrella bodies and fundraising charities had become too afraid of criticism since the death of Olive Cooke.
He suggested that as a result, charities had been spooked into using a consent-only approach to fundraising, whereas this might not be necessary.
He said that for charities concerned by GDPR legislation, the best place to get information about the incoming legislation was from the original documents and not from secondary sources.
“Do me a favour,” he said. “Stop reading secondary sources about GDPR because they are crap. With all due all respect for our friends at the Institute of Fundraising in the UK, there’s a guy, Tim Turner, who wrote a nice document guide on data protection and he put a list of ten tips. Tip number ten was ‘do not listen to the Institute of Fundraising’ [about GDPR], and there’s a reason why.
“What I feel is that what happened in the UK, is that because of the Olive Cooke scandal and all of the others is that the sector has become so scared that they are not able to think rationally anymore.”
Charlie Hulme, managing director at DonorVoice, was also critical of elements of the UK fundraising sector for being what he called “opportunistic” about GDPR and some of the confusion around it.
Hulme said that “the more we read about GDPR, the less clear we are” on what it will mean for the sector, and said that organisations had used this to “sell stuff”.
“I think the more we read about it, the less clear we are. There’s a lot of confusion out there. There’s been a lot of opportunism, people using coming GDPR legislation to spread confusion, to spread fear and try to sell stuff off the back of that.”
Legitimate interest ‘open book’ for charities
De Coster also said that legitimate interest was essentially an “open book” for charities, provided they have “a good lawyer and good copywriter”.
“Basically if you have a good lawyer and a good copywriter you can do everything with legitimate interest and have nice stories with it. It’s an open book.
“You have to take time explaining what you do, take a good copywriter and make it beautifully written. Make it describe to your donors what you do with their data. We take care of it, we secure it, we have nice firewalls and it’s important for what we do and your data will be fine with us.”
He also said that, in his opinion, much of the initial confusion around consent and opt-in was because there was a whole chapter in GDPR about consent, and very little written about legitimate interest.
“There’s a whole chapter in the GDPR defining consent, and that is where the confusion starts because there’s so much on consent that everybody thought consent was the only option. The chapter is only valid if you go for consent. What consent is about is opt-in. You can’t do anything with donor data unless you have opt-in consent before.”
De Coster also warned that the increased scope and size of fines being made available to member states’ data protection regulators meant, “from now on, it’s serious. Playtime is over.”