Tech

UK political parties accused of misusing data privacy rules

LONDON — British political parties are pushing the legal limits on how they collect peoples data as part of their digital campaigns, according to a new report published Tuesday.

The research, from the Open Rights Group, which campaigns on digital rights issues, claims the United Kingdoms three largest political parties — the Conservatives, Labour and Liberal Democrats — are using loopholes in the countrys privacy rules to aggressively harvest peoples data without their consent and target potential voters.

The political parties said they had complied with the countrys data protection rules. But Open Rights Group urged the U.K.s privacy regulator to take action looking into how local political parties collect, store and use peoples personal information in ways that often mimic the data collection tactics of large social media companies.

The use of peoples personal information — everything from data collected from the countrys electoral register to information bought from third-party data brokers — has now become the lifeblood of digital electioneering. The government has yet to pass new rules to police such online activity despite regulators calling for a revamp of existing rules.

“Political parties have spent the last three years accusing social media giants over collecting too much of peoples data, but they are doing it themselves,” said Pascal Crowe, a data and democracy project officer at the campaign group. “Labour, the Lib Dems and the Conservatives should practice what they preach when it comes to voters personal data.”

According to Open Rights Group, Labour was the most aggressive in how they collected and used peoples personal information.

To assess how U.K. political parties collected peoples data, Open Rights Group asked almost 500 U.K. citizens to submit so-called subject access requests, or petitions to political parties for them to turn over all information they held on individuals, to the countrys main political groups. In total, the campaigners received responses for just 26 people, due to technical and legal hurdles, a small sample size compared to the U.K.s 45 million estimated voters.

Despite the low number of responses, the data offered insight into how political parties targeted would-be supporters.

The Conservatives and Liberal Democrats provided people with access to their data within the legally-mandated one month window. Labour did not, even months after the initial requests were submitted, though Open Rights Group had previously received similar voter information from Labour to compare with the data provided by the other two political parties.

Using information from the electoral register, third-party data brokers and their own data collection techniques, all three political parties were able to piece together complex profiles of would-be voters.

According to Open Rights Group, Labour was the most aggressive in how they collected and used peoples personal information, gaining insight into voters intentions based on the make-up of individual households, peoples incomes and if the party believed the would-be supporter had voted for Brexit. Labour had at least 80 different categories that it relied on to segment British voters, based on the subject access requests.

The Conservatives also used data from the electoral register and third-party companies to ascertain peoples religious affiliations, nationality and even if they regularly read the Daily Mail, according to the groups research. The Liberal Democrats similarly used online data sources to guess voters ages, political affiliations and if they voted for the Brexit Party in the countrys general election last December.

How the political parties collected this data, often linked to sensitive subjects like voting intentions and religion, remains in a gray legal area, according to privacy experts. Open Rights Groups claimed all three groups had broken the countrys data protection rules to improve their electoral chances.

In particular, the campaigners said they had misused data protection provisions that allow political parties to collect and use peoples personal information, without their consent, for so-called “democratic engagement” — a term used to describe governments interaction with citizens to promote involvement in a countrys political process.

The parties have said previously that their use of this rule is legal under U.K. law. They did not respond specifically to Open Rights Groups complaints.

“Targeting people to receive political messaging is a normal part of democratic engagement,” Alan Mabbutt, the Conservative Partys legal officer, wrote to U.K. lawmakers last month.

But Ravi Naik, a digital rights lawyer working on behalf of Open Rights Group, said that groups could only rely on this provision to collect peoples information when it was strictly necessary for democratic engagement like informing voters about an upcomingRead More – Source