This week, the Information Commissioner’s Office – the UK’s independent authority for data protection – used its teeth and issued penalties to 11 charities, including Cancer Research UK, Oxfam and Guide Dogs for the Blind. They identified three pretty alarming practices, with most of the cohort guilty of having hired companies to find information about donors that they hadn’t provided directly to the charity, such as phone numbers or postal addresses.
In rapping the knuckles of the charities, the ICO emphasised that individuals have the right to choose what personal information they provide. Of course, this is right. But how do we marry this right with the narrative in the charity world that the more data, the better? A recent 1984-esq example of the narrative comes in a recent blog by Microsoft, which gushed about the power of data to provide “valuable insight about who and where your donors are and when they are likely to donate”. Eek.
When we think about data collection, we shouldn’t just be thinking about compliance with the law. We should be considering whether or not people want us to collect this data about them (they don’t).
Yoti Guardian Doc Searls has challenged Customer Relationship Management (which is synonymous with the practices that got the 11 charities into trouble), and proposed a new paradigm of Vendor Relationship Management, which sees the ‘customer’ in the driving seat in their transactions with ‘vendors’.
Yoti has been built with this thinking in mind. We want to encourage personal data ownership, so our app is built so that users always know exactly what information they are sharing, and have a log of this activity.
We also believe that individuals should only share as much information as is actually required to get the job done. This is called data minimisation and is a core pillar to the architecture of the entire Yoti platform. It is not only respectful to the individual’s rights, but also respects what user actually wants. An added bonus is that it removes the burden of organisations keeping personal data – which they often don’t really need – secure. So, an individual can get into a nightclub using Yoti to share the verified fact they’re over 18 – without giving a scan of their passport (with details the nightclub needs doesn’t need). In the charity world, a voluntary group supporting refugees could use Yoti to collect anonymous data on the use of their services.
If you’re a charity interested in a new approach to data collection, please get in touch!