By Sofia Carroll, Senior Information Governance Manager

Charities face a unique challenge when it comes to reaching out to their supporters. Unlike businesses, which can use a soft opt-in mechanism to send direct marketing messages, charities have been bound by stricter rules. This disparity has created hurdles for fundraising efforts and communication with potential donors. However, the UK Government's recent amendment to the Data Use and Access Bill promises to level the playing field, offering charities the same opportunities as commercial entities. This marks a pivotal moment for the charitable sector, allowing them to engage with their supporters on a different basis.

The Data Use and Access Bill (the Bill) now contains an amendment which would make it easier for charities to contact supporters with unsolicited direct marketing messages after a supporter makes a financial donation. This is known as soft opt-in, an exemption to the rule that you need consent to send such messages.

Currently, Regulation 22 of the Privacy and Electronic Communications Regulations (PECR) allow this kind of contact only in commercial contexts and under certain conditions, thus applying only to businesses. Charities have long been excluded and organisation like the Data and Marketing Association (DMA) has been lobbying the Government for a change.

Consent and soft opt-in

Generally, an organisation can only send unsolicited direct marketing messages to a person who has explicitly said they would like to receive them. They usually express this wish by ticking a box or signing up to a corporate newsletter.

The current exception to this rule is that an organisation does not have to ask for consent if a person has:

• Bought something from the business (made an actual purchase);
• Asked about services or products (completed an enquiry form);
• Almost went through a sale (asked for a price but didn’t proceed).

By doing any of the above, it is accepted that the user has softly opted-in to hearing about products and services. However, in addition to this, for a business to contact them lawfully afterwards, they need to be sure that:

• They collected the contact details directly from the person;
• There is a way to refuse this communication at the beginning and every other subsequent time;
• Only that specific business’s products and services are advertised, not of any other business.

Because of the requirement of a ‘sale’, charities haven’t been able to rely on the soft opt-in for fundraising purposes. The amendment to the Bill makes a huge change this, mirroring the existing rule:

Regulation 22 of the PEC Regulations (use of electronic mail for direct marketing purposes) is amended as follows.

A charity may send or instigate the sending of electronic mail for the purposes of direct marketing where—

(a) the sole purpose of the direct marketing is to further one or more of the charity’s charitable purposes;

(b) the charity obtained the contact details of the recipient of the electronic mail in the course of the recipient—

(i) expressing an interest in one or more of the purposes that were the charity’s charitable purposes at that time; or

(ii) offering or providing support to further one or more of those purposes;

(iii) the recipient has been given a simple means of refusing (free of charge except for the costs of the transmission of the refusal) the use of their contact details for the purposes of direct marketing by the charity, at the time that the details were initially collected, and, where the recipient did not initially refuse the use of the details, at the time of each subsequent communication.”

This means that if the Bill becomes law in its current form, a charity could contact a supporter who has donated with further messages, without asking for their consent, but the additional requirements still apply (in (iii)).

Practical considerations for charities

This is a big development for charities. If the Bill becomes law in its current form including this amendment, they will have to consider:

Implementation

While it can be tempting to start sending bulk messages to supporters, teams should consider how consent or indeed any exemptions to it will be recorded. For example, will senior management decide on a complete overhaul of the consent framework, or just focus on new supporters and new rules from 2025? What about people who donated years ago but have had no other contact with the charity?

Supporter perception

People won’t necessarily know of this legal change and may be surprised to see an increase in marketing messages from charities they support. It’s important to decide how a possible change will be communicated (a mass email, news post, website banner?) so that charities don’t lose supporters in their ambition to tell them more about their goals.

Transparency

As a result of both implementation and supporter perception, charities should decide not only how they go forward with the soft opt-in rule but also how they will communicate this to stakeholders, the Board of Trustees, and the very teams who will be contacting supporters.

Information governance teams should consider updating related policies and being open about the future, to avoid complaints and ensure everyone understands the new rules.

Consequences

The Data (Use and Access) Bill also proposes significant changes to the enforcement of the Privacy and Electronic Communications Regulations (PECR). Specifically, it aims to align PECR fines with those under the UK General Data Protection Regulation (GDPR). This means that businesses breaching PECR could face fines of up to 4% of their global turnover or £17.5 million, whichever is higher. This means that although the opportunities for greater marketing are greater so are the consequences for getting it wrong.

Naomi Korn Associates has produced a CPD-accredited topic on lawful digital marketing and consent you can book today to prepare: Lawful Digital Marketing and Consent 25 March 2025 - 9:30am-1pm Tickets, Tue 25 Mar 2025 at 09:30 | Eventbrite.