Friday, Oct 16 2015
Generous donors keen to make a difference to causes close to their hearts do so in a world of daily headlines about data breaches by the notorious ‘bad guys.’ More recently, charities themselves are under scrutiny for unethical fundraising practices including the exploitation of elderly and other vulnerable people. With the public at large increasingly concerned about misuse of private data, protecting donors and building trust with them is our priority at JustGiving, one of the world’s largest charitable platforms.
Social Giving is Personal
Charities and not-for-profit organizations, like many companies collect and store data to perform and improve their services and enhance user experience. But, unlike many companies, private information shared with charitable organizations can be extremely meaningful and sensitive for less obvious reasons – personal details relating to medical conditions or sexual orientation could be inferred and held against the donor, oppressive state factors could threaten lives, and more commonly, financial and identity data compromised. Charitable sympathies reveal as much or more about a person than medical records or online purchase history. What we care about is at the heart of our identities.
While awareness and protection of sensitive data is a societal movement, privacy is an ethical concern for upstanding charitable organizations. Raising money for good causes with as much as possible of the funding going to serve the underlying mission requires a delicate balance between spending wisely and using strong technology to protect the data. Consequently, JustGiving and other “tech for good” companies must be open and transparent about spending to improve security and expand charitable giving because the better the technology and platform, the more people can be reached to raise money for the causes they care about.
Donor Data Security
To establish a healthy, trusting relationship between givers and charities, organizations must consider going beyond regulations by protecting the data with the most robust technology available. Strong, clear controls over the use and sharing of their information will not only reduce risk but also provide a sense of empowerment for users over their information. Due to fiscal constraints, some charitable organizations may fall back on protections that are already available to them, such as payment tokens from their payment processors but it can lead to a false sense of security.
Taking internal control of data security should be paramount for charitable organizations as they adapt to upcoming changes in the space, including updates to PCI DSS, privacy and data residency laws, new platforms and payment methods. In JustGiving’s case, we investigated many protection methods, and landed on Protegrity’s tokenization solution as the technology of choice.
Tokenization substitutes sensitive data with random, unique fake data that retains the aspects (data type, length, etc.) and even parts of the original data when necessary. Unlike encryption, tokenization is flexible, performance-scalable and enables protected data to be completely transparent to systems and applications and because they are unique can even be used seamlessly in business processes and analytics. Using Protegrity tokenization ensures we limit the amount of sensitive data within our systems and realises our ambitions to protect our donors’ data without compromising the margins of their investment.
A Look Ahead
The inherent sensitivity of the information charitable organizations like JustGiving are responsible for means we are challenged to find creative and innovative ways to increase transparency and donor privacy, while also providing top-notch services to an ever increasing number and users.
Modern data security technologies like tokenization help create a charitable marketplace with better services today that will improve and become more efficient in the future.
While we all move forward to responsibly protect supporters, we can continue to protect and improve giving internationally to ensure that no good cause goes unfunded.
About Richard Atkinson
Richard is responsible for building the award winning JustGiving service 14 years ago. After a foray into healthcare concluded with an AIM-listing, and the turnaround and sale of a hospitality business, he returned to JustGiving 3 years ago to transform its technology capability and drive the next era of global growth. Since then JustGiving has established itself as the world’s largest fundraising platform, raising over half a billion dollars in 2014 alone, and since its inception helping 22 million people in 164 countries raise over three billion dollars for 12,500 good causes.
Last modified on Friday, 16 October 2015