Privacy Laws -The Not for Profit Debate
19 October 2001 at 1:10 pm
The new Privacy laws due to take effect in December will apply to organisations that collect, handle and use personal information. But did those who formulated the legislation for business really have the Not for Profit sector in mind? How is your partnered Not for Profit preparing?
Many organisations and legal experts who have been trying to assess the implications and impact of the privacy changes believe clarification of some aspects of the legislation could see some charities sink or swim.
This legislation is regarded as the most significant development in Australia in the area of privacy law since the passage of the Privacy Act in 1988. Back then it had only limited application to the private sector.
Because one of the more important functions of a NFP is fundraising (and an important and natural aspect of effective fundraising is collecting personal information, and maintaining data bases containing large and sometimes sensitive information) the impact of the new privacy regime on the sector is considerable.
That’s the opinion of the law firm, Freehills, which has attempted to highlight the impact of the legislation on Not for Profit organisations. Sue Coleman is a solicitor with Freehills and is a member of the firms Privacy Law Group. She believes the issues for NFP are complicated with very few clear-cut ‘yes’ or ‘no’ answers.
Coleman says in particular the issue relating to whether the laws apply to a charity with a turnover of less than $3-million is one example.
She says she also believes the exemption of the application to so called ‘small business’ may not apply to Not for Profits as many first thought.
A document prepared by the firm’s Privacy Law group says it appears that NFP’s may not be able to take advantage of the small business exemption because it is arguable that they are, by the very nature of their activities, not carrying on a ‘business’.
It says even assuming NFP’s are able to take advantage of the exception, it is not yet clear whether annual turnover for the purposes of the new privacy regime will require taking into account gifts or donations.
Coleman says Freehills is seeking to obtain clarification on whether the threshold relates to gifts and donations or separate funding arrangements.
For many organisations the more contentious issues are those of collecting both personal and sensitive information (including health information) about possible donors.
Jeremy Maxwell from the Epilepsy Foundation is on the executive of the Victorian Chapter of the Fundraising Institute of Australia.
Maxwell says the initial response to the privacy guidelines, before they were revised, was that every major charity program would fall down if organisations could not collect or pass on personal information about prospective donors.
He says every major gift and capital campaign relies on everyone from the board members, to the staff and the volunteers, networking information about possible donors and appropriate ways to approach them.
He says how do you get prior approval to approach these people? While the legislation may allow for certain information to be gathered the guidelines are still not clear.
Maxwell says there appears to be a lack of understanding of the sector when it can take 18 months to nurture enough information to approach a donor.
He believes the guidelines will ensure that the $3-million threshold will be based on a gross turnover which would include all donations, gifts and other grants.
Maxwell says that otherwise very large organisations that are funded mainly by government grants with only small amounts of private donations would fall under the $3-million.
For example, he says, a large organisation like the Melbourne City Mission which receives $28-million dollars in government funding but less than one million in private donations would not have to comply with the new privacy laws.
Law firm Corrs Chambers Westgarth has released a briefing statement on the guidelines detailing what the legislation will require organisations to do.
Lawyer Elizabeth McCallum from Corrs says the legislation does not distinguish between charitable and non-charitable organisations. However she points to Principle 10 in the Guidelines which describes a Not for Profit as being an organisation that has only racial, ethnic, political, religious, philosophical, professional, trade, or trade union aims.
The Guidelines says if the information is collected in the course of the activities of a non-profit organisation—the following conditions must be satisfied:
(i) the information relates solely to the members of the organisation or to individuals who have regular contact with it in connection with its activities;
(2) at or before the time of collecting the information, the organisation undertakes to the individual that the organisation will not disclose the information without the individual’s consent.
McCallum says this however does not make it any easier for Not for Profits to comply with the new laws particularly in the area of direct marketing.
Many corporations have already put company resources into preparing for the Privacy Act but do you know what the charities and organisations that your company supports are doing? Do they need some expert assistance? As part of your partnership arrangements could you provide that expert advice?
If you would like a Word copy of both the Revised Privacy Guidelines or the newly released Privacy Guidelines Health Sector send an e-mail to firstname.lastname@example.org.