The Evil Opportunists: Please Donate Your Personal Details

The Evil Opportunists: Please Donate Your Personal Details The ABC recently revealed that a number of popular Australian not-for-profit charity organisations (NPCO’s) were inadvertently involved in a data leak when a Brisbane based telemarketing company that contacted potential donors was hacked by cyber criminals. The data leak led to the personal information of the charitable benefactors being uploaded to the dark web.[1] Well known charities such as the Cancer Council, Canteen and The Fred Hollows Foundation were confirmed as having donors’ personal data compromised. However, it is understood that more than 70 other Australian charities use the company responsible for the breach to contact potential donors. In light of such data breaches, should Australian NPCO’s place greater priority on measures that safeguard donor data and maintain public trust? Australian Charities Snapshot Australians have a long history of supporting charitable causes with the first Australian private charity dating back to 8 May 1813, when what is now known as the Benevolent Society was formed, which was the first charitable organisation dedicated to meeting the needs of vulnerable groups.[2] Today, the list of NPCO’s in Australia has expanded to include: approximately 60,000 charities, which equates roughly to one charity for every 433 Australians; the employment of 1.42 million Australians, which account for 10.5% of all Australian employees; the collection of $13.4 billion in donations in 2021 alone; holding approximately $31 billion in assets; and the distribution of $9.7 billion annually through grants and donations.[3] These statistics highlight the willingness of Australians to donate, and how prevalent charities are in Australian society. Therefore, given the recent data breach (and how many more have there been that we aren’t aware of), should Australian’s be concerned with the governance, structure and security of NPCO’s? What defines an NPCO? There a very strict compliance rules and obligations for an organisation to be recognised, and operate, as an NPCO in Australia. NPCO’s are governed by the Charities Act 2013 (Cth) (Act), which is administered by the Australian Charities and Not-for-profit Commission (ACNC). The Act states that to be recognised as a charity, an organisation must: be not-for-profit; have only charitable purposes that are for the public benefit; not have a disqualifying purpose (which are engaging in, or promoting activities that are unlawful or contrary to public policy; and promoting or opposing a political party or candidate for political office); and not be an individual, a political party or a government entity. How to create an NPCO Firstly, anyone who wishes to create an NPCO must have the correct legal structure for their specific organisation, as different legal structures create different legal obligations and provide different benefits and drawbacks. When deciding on a legal structure, any potential NPCO must consider (among other things): the charity’s size and how complex its activities will be; whether it will have employees or volunteers; the potential personal liability of members or office holders; and any eligibility for tax concessions. The most common legal structures for an NPCO in Queensland are an [...]