Labour reports departed MP to information commissioner on data breach claim

Written by Kevin Schofield on 25 February 2019 in News

Party alleges that Joan Ryan's actions breached GDPR and the Data Protection Act

Credit: CROFT MALCOLM CROFT/PA Archive/PA Images

Labour has reported one of the rebel MPs who quit last week to the Information Commissioner over claims she tried to access sensitive data held by the party.

Joan Ryan has denied the alleged data breach, which is said to have taken place after she and seven of her colleagues resigned to join The Independent Group. Labour officials cut off access to its canvassing software earlier this week, claiming unauthorised attempts had been made to access membership lists.

In an email to MPs and staff last week, general secretary Jennie Formby said: "The party’s elected representatives, at all levels, have a proud record of conscientiously observing their obligations in relation to personal data. In recent days, however, the party has become aware of a number of attempts to access personal data held on the party’s systems by individuals who are not, or are no longer, authorised to do so."

Labour sources said the alleged breach had been carried out by a member of the Independent Group.

Related content

Ryan, the MP for Enfield North, told The Guardian: "I have no idea what Jennie Formby is talking about. Neither I nor my office have accessed or used any Labour party data since I resigned the Labour whip and my membership of the Labour party.”

Chris Leslie, another former Labour MP who is now in The Independent Group, has accused the party of "throwing mud" in a bid to smear the rebels.

A Labour spokesperson said: "The party became aware of attempts to access personal data held on the party’s systems for unauthorised use. Personal data the party holds about individuals is protected by law, under the GDPR and Data Protection Act 2018. We are aware that the information commissioner is taking an increasingly serious view of misuse of personal data and requires a data controller to take reasonable and proportionate steps to ensure the security of data held on its systems. The Labour party takes our data protection obligations extremely seriously.”

About the author

Kevin Schofield is editor of PublicTechnology sister publication PoliticsHome, where a version of this story first appeared.

Share this page




Please login to post a comment or register for a free account.

Related Articles

Related Sponsored Articles

Interview: CyberArk EMEA chief on how government has become a security leader
29 May 2020

PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right