ICO report finds ‘disturbing disregard for voters’ privacy’ in political campaigns

Written by Jenni Davidson on 8 November 2018 in News
News

After an 18-month investigation into use of personal data, information commissioner presents report to parliament

Credit: PA

The Information Commissioner’s Office investigation into the use of personal data in political campaigns uncovered a “disturbing disregard for voters’ personal privacy” and “significant issues, negligence and contraventions of the law”.

Commissioner Elizabeth Denham said her office had “little idea of what was to come” when it began its investigation into the use of data analytics for political purposes in May 2017. The ICO this week presented to MPs a report of its findings.

The report flagged up concerns about political parties purchasing marketing lists and using profiling information and third-party analytics companies without checking that proper consents are in place.

It notes that warning letters requiring action have been sent to the 11 main political parties in the UK ahead of planned audits later this year.

Parties will be required to show they have carried out data protection impact assessments for all projects involving the use of personal data.


Related content


Earlier this year, the ICO issued Facebook with the maximum penalty of £500,000 fine for breaking data protection law, and it is pursuing a criminal prosecution against Cambridge Analytica, which has gone into administration, for failing to respond to an enforcement notice.

Canadian company AggregateIQ, which was linked to the Facebook and Cambridge Analytica scandal, was issued with an enforcement notice in July requiring it to stop using UK personal data or risk a significant fine under EU GDPR rules.

This week, it was announced that Leave.EU and controversial Brexiteer Arron Banks’ insurance company are to be fined a total of £135,000 ICO for misusing customer data during the EU referendum.

Leave.EU and Eldon Insurance will each be fined £60,000 for “serious breaches” of the 2003 Privacy and Electronic Communications Regulations.

It comes just a week after it was announced that Arron Banks is being investigated by the police over the source of a £8m loan to the Leave.EU campaign.

The ICO found that more than a million emails with marketing for Bank’s firm, Eldon Insurance, which trades GoSkippy, were sent to Leave.EU subscribers without their permission.

Leave.EU will also be fined a further £15,000 for sending 300,000 emails to Eldon Insurance customers containing a Leave.EU newsletter.

In the report, the ICO said it was also looking at how the Remain campaign handled personal data and considering whether there had been any breaches that would require further action.

About the author

Jenni Davidson is a journalist at PublicTechnology sister publication Holyrood, where a version of this story first appeared. She tweets as @HolyroodJenni.

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

What does the tech industry make of the withdrawal agreement?
16 November 2018

Trade association techUK has backed the proposed deal – but campaign group Tech For UK is fervently calling for a public vote

Brexit withdrawal agreement sets 2021 deadline for UK access to 25 European IT systems
15 November 2018

The UK will be shut out of many European networks and databases over the next few years – and will have to pay the EU for access in the meantime, under terms of Brexit deal

Canadian PM: People are anxious about tech – we need to empower them
12 November 2018

At GovTech Summit in Paris, Justin Trudeau speaks of need for government to ensure technology provides a ‘positive alternative’

Related Sponsored Articles

Balancing security and digital transformation
26 October 2018

With the annual worldwide cost of cybercrime set to double from $3tn in 2015 to $6tn by 2021, BT offers advice on how chief information security officers can better protect their...