C’mon ICO – advice please!

The recent charity fines situation has sent the entire third sector into a state of confusion, uncertainty and paralysis. But the sector is doing exactly the same as the commercial organisations in ALL other industries, so the shockwaves are actually rippling across the entire UK PLC. Of course, the media love to whip up a scandal about charities so it is headline news, but it actually needs a closer look to get to the facts. A number of issues have been conflated in the press and labelled as “Wealth Screening” being the cause of the fines. This is not true – there are 3 separate issues. The biggest concern from the ICO is around the sharing of Supporter’s data via a co-op database. This in itself is not an issue – the problem is that the ICO say that the charities did not make it clear in their data usage statements that they were doing this and did not give Supporters the option to opt out. There is also a separate issue that some opted-out Supporters were provided to the co-op, by mistake. (The charity itself reported this error to the ICO).

The other 2 issues are with data enhancement and profiling/ranking. Again, the ICO maintains that the issue is with the lack of a clear statement in the charities’ data usage policy, not with the activity itself.

The language used by the ICO is inflammatory – “The millions of people who give their time and money to benefit good causes will be saddened to learn that their generosity wasn’t enough. And they will be upset to discover that charities abused their trust to target them for even more money.”

This is an unfair distortion as the charities were not abusing Supporter’s trust. They maintain that their statements did clearly cover the data usage. The ICO maintains the wording was not clear enough. The dispute is therefore around the subjective difference of the meaning of the phrase “similar or partner organisations”. The dispute is also over what wording is classed as being “clear”, relating to data enhancements and profiling.

The lesson to be learnt? Data statements must be as detailed as possible and provide Supporters with the option of opting out of various processes.

But the ICO must provide advice on what the wording should be. Their statement referred to the use of tele-matching to update Supporter records. And to tracing new addresses (presumably NCOA). Does this has to be specified in all company’s Data Usage Statements?

Then we come to third party data enhancements. Does this have to specified? The reason companies use enhancements is purely to improve their targeting. No one bats an eyelid at a women’s shoe retailer only targeting females. Or Rolls Royce only targeting wealthy individuals. So why are the charities being pilloried for targeting wealthy people for large donations or to leave a legacy?

And where does it end? What level of detail is required? No-one knows because the ICO has not given guidance. Does a company have to specify that it will use RFM (Recency, Frequency, Monetary Value) to target (use another word – “screen”) customers? Well, we just don’t know.

Lastly, the ICO statement referred to Supporters not having the ability to opt out. Does this mean that every usage of data now needs an opt in/out? eg consent is required for tele-matching? And another consent for NCOA address tracing? And another for third party enhancements? And another for RFM screening? You get the point!

The utter irony is that the ICO has fined charities for effectively doing what Supporters want! Every charity I have ever worked with in the past 20 years has the same recurring concern raised by Supporters in their satisfaction surveys. This is “junk mail” and the amount of their donation that is used for administration and running costs, versus the amount that actually goes to the cause.

Charities have improved targeting techniques through data marketing and insight. They have taken practices used in the commercial world and effectively used them to reduce their circulations (thus reducing “junk mail”) and also reducing the amount spent on admin and running costs. Updated addresses and telephone numbers combined with better segmentation and targeting means less wastage, smaller environmental footprints, more relevant communications, less cost. Oh, and more pennies in every pound going directly into the cause.

Isn’t that what data and direct marketing is meant to be about?

Stopping these practices due to uncertainty from the ICO ruling will result in going back to widespread, scattergun, un-targeted communications. This is undoubtedly a regressive step.

There is a need to educate consumers and the press (and possibly trade bodies and regulators!) about why companies undertake the above practices and the benefits it brings. Rather than the manipulative “Big Brother” view being pushed by the media and the ICO’s press statement, the public need to understand the benefits. Want to reduce junk mail, nuisance calls and spam emails? Then clean the data, make it accurate and deliver better targeting. And of course, tell the consumer how you are using their data. Clearly and explicitly. Whatever that may mean.

So c’mon ICO, give us some advice please! This isn’t just a charity sector issue – it affects every company in the UK because they are all trying to do the right thing and improve their data quality, segmentation and targeting.

Kudos provide a range of data solutions, including our GDPR-compliant Preference Centre used to manage, test and roll out preference statements. For more details on how to ensure you stay compliant, view our Marketing Consent page and centrally manage all your consents across multiple platforms. Talk to James Squires on 0330 043 1593 or email for further information.