ICO report finds ‘disturbing disregard for voters’ privacy’ in political campaigns

Written by Jenni Davidson on 8 November 2018 in News
News

After an 18-month investigation into use of personal data, information commissioner presents report to parliament

Credit: PA

The Information Commissioner’s Office investigation into the use of personal data in political campaigns uncovered a “disturbing disregard for voters’ personal privacy” and “significant issues, negligence and contraventions of the law”.

Commissioner Elizabeth Denham said her office had “little idea of what was to come” when it began its investigation into the use of data analytics for political purposes in May 2017. The ICO this week presented to MPs a report of its findings.

The report flagged up concerns about political parties purchasing marketing lists and using profiling information and third-party analytics companies without checking that proper consents are in place.

It notes that warning letters requiring action have been sent to the 11 main political parties in the UK ahead of planned audits later this year.

Parties will be required to show they have carried out data protection impact assessments for all projects involving the use of personal data.


Related content


Earlier this year, the ICO issued Facebook with the maximum penalty of £500,000 fine for breaking data protection law, and it is pursuing a criminal prosecution against Cambridge Analytica, which has gone into administration, for failing to respond to an enforcement notice.

Canadian company AggregateIQ, which was linked to the Facebook and Cambridge Analytica scandal, was issued with an enforcement notice in July requiring it to stop using UK personal data or risk a significant fine under EU GDPR rules.

This week, it was announced that Leave.EU and controversial Brexiteer Arron Banks’ insurance company are to be fined a total of £135,000 ICO for misusing customer data during the EU referendum.

Leave.EU and Eldon Insurance will each be fined £60,000 for “serious breaches” of the 2003 Privacy and Electronic Communications Regulations.

It comes just a week after it was announced that Arron Banks is being investigated by the police over the source of a £8m loan to the Leave.EU campaign.

The ICO found that more than a million emails with marketing for Bank’s firm, Eldon Insurance, which trades GoSkippy, were sent to Leave.EU subscribers without their permission.

Leave.EU will also be fined a further £15,000 for sending 300,000 emails to Eldon Insurance customers containing a Leave.EU newsletter.

In the report, the ICO said it was also looking at how the Remain campaign handled personal data and considering whether there had been any breaches that would require further action.

About the author

Jenni Davidson is a journalist at PublicTechnology sister publication Holyrood, where a version of this story first appeared. She tweets as @HolyroodJenni.

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Government urged to commit to devolution to drive innovation and levelling-up
29 June 2022

Think tank report identifies benefits of city mayors, but finds many local officials are frustrated with current interactions with Whitehall

10 Downing St offers over £100k for data science whizz
23 June 2022

Prime minister’s in-house data science unit seeks senior manager to deliver ‘high-impact’ initiatives 

GDS spent £5m on ‘data and user insights’ last year
23 June 2022

Minister reveals organisation undertook a range of work to gain insights into performance of services

Parliament to delete data on MPs’ attendance after ministers decry FOI release
22 June 2022

Senior parliamentarians are understood to have complained about the storage and release of information collected from use of security passes