Scandal: 11 UK charities breach data laws

Data protection laws have never been so stringent and this was evident today as it came to light that 11 UK charities had been fined the UK’s data watchdog – the ICO – for misusing information about millions of past donors to seek further funds for future projects.

Those fined include Oxfam, Cancer Research UK, The Royal British Legion and Battersea Dogs’ and Cats’ Home, Macmillan Cancer Support and NSPCC for serious breaches of data protection laws.

>See also: Tech transforming the charity sector

The ICO published the names of the charities and the amounts each have been fined in a statement on its website.

The International Fund for Animal Welfare – £18,000
Cancer Support UK – £16,000
Cancer Research UK – £16,000
The Guide Dogs for the Blind Association – £15,000
Macmillan Cancer Support – £14,000
The Royal British Legion – £12,000
The National Society for the Prevention of Cruelty to Children – £12,000
Great Ormond Street Hospital Children’s Charity – £11,000
WWF-UK – £9,000
Battersea Dogs’ and Cats’ Home – £9,000
Oxfam – £6,000

Collectively the 11 charities have been fined £138,000. The ICO decided to keep the individual fines between £6,000 and £18,000, because donors – the ones who were exploited – would be unhappy at more severe financial punishments.

The ICO said that some of the charities had been fined because they had “screened millions of donors so they could target them for additional funds,” while others had “traced and targeted new or lapsed donors by piecing together personal information obtained from other sources. And some traded personal details with other charities creating a large pool of donor data for sale.”

>See also: UK charities facing digital crisis in an unstable era

Indeed, the ICO said that some of the charities had hired companies to profile the wealth of their donors, which was done by investigating their incomes, lifestyles, property values and friendship circles among other means.

“Supporters of animal charities could have their information shared with homeless, humanitarian or religious charities even though the supporters only expected their information to be shared with other animal charities,” the Information Commissioner’s Office said.

“Some charities don’t know if the information has been shared one or 100 times. This can result in lots of unwanted charity marketing.”

Similar fines were issued by the ICO to the RSPCA and the BHF for breaches of the Data Protection Act in December 2016. These two charities were fined £25,000 and £18,000 respectively. The fines issued to both of these were also “significantly reduced” at Denham’s discretion to mitigate any risk of “adding to any distress caused to donors by the charities’ actions”.

“[People] will be upset to learn the way their personal information has been analysed and shared by charities they trusted with their details and their donations,” said Information Commissioner Elizabeth Denham.

“Millions of people will have been affected by these charities’ contravention of the law. They will be upset to learn the way their personal information has been analysed and shared by charities they trusted with their details and their donations,” said Denham.

>See also: A helping digital hand for the charity sector

 “No charity wants to alienate their donors. And we acknowledge the role charities play in the fabric of British society. But charities must follow the law.”

“The generous British public expect charities to safeguard their data and raise funds responsibly, and in return they donate in their millions,” said the Charity Commission for England and Wales – another regulator’s chief operating officer David Holdsworth.

“Sadly in these cases charities have not kept their side of the bargain. We are working with the charities concerned, the Information Commissioner and the Fundraising Regulator to ensure that any necessary remedial action is taken.”


Nominations are now open for the Tech Leaders Awards 2017, the UK’s flagship celebration of the business, IT and digital leaders driving disruptive innovation and demonstrating value from the application of technology in businesses and organisations. Nominating is free and simply: just click here to enter. Good luck!

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...

Related Topics

Data Breach
Data Protection