The California Consumer Privacy Act will effectively be the US national data privacy standard for consumer business and brands when it takes effect on January 1, 2020. (Although enforcement by the California attorney general has been delayed until June 2020, individual and class-action law suits may begin immediately.) As of this writing, that’s precisely 12 … Continue reading Attention marketers: in 12 weeks, the CCPA will be the national data privacy standard. Here’s why.
The California Consumer Privacy Act could have more repercussions on U.S. companies than the European Union’s General Data Protection Regulation (GDPR) that went into effect in 2018. The California law doesn't have some of GDPR's most onerous requirements, such as the narrow 72-hour window in which a company must report a breach. In other respects, … Continue reading California Consumer Privacy Act (CCPA): What you need to know to be compliant
On January 1 2020, a landmark new data law comes into effect, subjecting U.S. businesses to a sea change of privacy regulations. After that date, Americans will be able to demand that charities disclose what personal data they have collected about them, and also ask them to delete that data. The California Consumer Protection Act … Continue reading Here Comes America’s First Privacy Law: What the CCPA Means for Business and Consumers
Fundraising charities rely on information about their supporters to survive; such as names and addresses, financial information and other private data. Information such as this will always be integral to the fundraising process, and the storage and safety of this information will be too. GDPR’s rules around proving consent necessitate new processes at the back … Continue reading Data compliance officer: the next big role in fundraising?
At the end of 2016, when the ICO fined several charities for breaching the Data Protection Act 1998, Ian MacQuillin, wrote a fascinating philosophical piece on how charities are perceived by different types of people. Even though this feels like a long time ago, it's still as relevant today as it was back then. Whenever … Continue reading Long Read: The philosophical dispute between fundraising and data protection
The Guidance prepared by the Data Protection Network is a practical tool aimed at helping commercial and not-for-profit organisations to assess whether or not they can rely on Legitimate Interests as a lawful basis for processing personal data under the GDPR. The Guidance covers: Understanding what Legitimate Interests are Identifying areas of processing where Legitimate … Continue reading Long Read: DPN Legitimate Interests Guidance – GDPR
Adrian Beney is back with an update on CASE's work on providing guidance for charities for adopting GDPR best practise. This document lays out in detail and with great clarity the circumstances under which these activities, regarded in recent years by some at the Information Commissioner’s Office as very controversial, can be carried out lawfully. … Continue reading At last, clarity and sense about wealth screening, prospect research and updating addresses
Prospect research and wealth screening do not sit easily with GDPR: Can individuals reasonably expect to be researched for wealth? Would they expect to charities to find public information about them and use it? How about if the charity uses a third-party supplier? Nicola Williams, MA in Philanthropic Studies, has written several helpful guides at … Continue reading Prospect Research and GDPR-compliant wealth screening
Although there is still no confirmed date when the new e-privacy regulation will be released, here is some excellent guidance on how the Privacy and Electronic Communications Regulations (PECR) combines with GDPR to give more power to consumers. https://www.dpnetwork.org.uk/opinion/gdpr-marketers-dont-forget-pecr/