Data Security

Over Memorial Day weekend, a group called LulzSec hacked into PBS’s website and posted this image, saying it was angry about the network’s broadcast of a documentary on WikiLeaks.

LulzSec said it broke into PBS’s servers by taking advantage of a security hole in an older version of the content-management system Movable Type and out-of-date software on PBS’s servers so it could gain access to the user names and passwords.

The situation highlights the need for organizations to make sure their content-management systems are up-to-date, said Steven Backman, chief executive of Database Designs Associates, a technology consultant.

The Online Trust Alliance announced the release of its Security by Design Framework and a set of security practices for the interactive messaging ecosystem. To help combat security threats, the OTA has joined with other leading industry organizations, service and technology providers and major brands, to accelerate adoption of effective security measures. 

The ‘Security by Design Framework’ and its recommended practices are intended to provide a basis for immediate action.

Someone has hijacked the tax identity of more than 2,300 tiny or defunct nonprofits, apparently taking advantage of a hole in a new electronic Internal Revenue Service filing system to list the same person as a charitable official at the same mail box drop in Las Vegas.

The charities, most of which seem to be religious in nature, all identify a “principal officer” as one William Alexander of Non Profit Accounting Services, with a stated location at a mail-box office address on N. Rainbow Blvd. in Las Vegas.

American Crossroads GPS, an advocacy group that reported spending about $17 million on advertising before the midterm elections, generated controversy by using its nonprofit status to shield donors' identities.

As it turns out, the Internal Revenue Service hasn't even approved the group's nonprofit status. Crossroads filed an application in September but the agency has not acted on it.

Watchdog groups say that Crossroads and other groups active in campaigns are taking advantage of lax IRS enforcement to offer political donors anonymity.

The University of Connecticut is fighting in court to prevent the release of lists naming its supporters, arguing they amount to trade secrets that other institutions could use to lure away Huskies fans' dollars and loyalties.

Open-records experts say it's the first time Connecticut's courts will have to decide whether public entities, not just businesses, can invoke a trade-secret exemption to keep information private — even if it was created at public expense.

The American Future Fund, organized under a tax code provision that lets donors remain anonymous, is one of dozens of groups awash in money from hidden sources and spending it at an unprecedented rate, largely on behalf of Republicans. The breadth and impact of these privately financed groups have made them, and the mystery of their backers, a campaign issue in their own right.

“I think most people are very comfortable giving anonymously,” Mr. Sembler said. “They want to be able to be helpful but not be seen by the public as taking sides.”

In the book "Internet Management for Nonprofits," the authors provide 15 questions to consider regarding donor data security.

One thing you learn in management school is that trust, like respect, is given — not taken. It has to be earned over a long period of time and can be easily eroded by a single mishap. That is equally true of the relationship between fundraiser and donor. The fundraiser communicates the need, and the donor trusts the fundraiser as a representative of the cause to be a responsible steward of the donated money. One slip and the donor’s confidence in the cause’s ability to use the gift wisely may be damaged.

The conservative political group Citizens United has won a ruling from federal election authorities that it does not need to disclose the donors that finance its political documentaries. Citizens United successfully argued to the Federal Elections Commission that because it primarily produces films, it should be considered a media organization and be exempted from disclosure requirements for political activist groups.

No area of fundraising intertwines development staff and donors in more personal relationships than planned giving.

In many cases, all a prospective donor asks is that a development executive supply generic information about how a particular gift plan might function, what the payment rates or tax deduction might be, or whether an organization can serve as a trustee.