ICO warns politicians against misusing data in 2019 election
Parties are reminded to follow the law in light of threats of data abuse and voter targeting
Political parties must be clear about how they have obtained, and how they use, personal data for campaigning purposes, the Information Commissioner's Office (ICO) has warned.
Ahead of the next general election, the ICO has urged politicians to ensure they can demonstrate they have complied with the law, as well as any third-party platforms or data analytics providers they use.
The UK's data regulator has written to all prominent political parties, from Labour and the Conservatives to the Independent Group for Change and UKIP, in light of findings that data was abused for political campaigning purposes.
Vote Leave, for instance, was fined 40,000 for sending unlawful and unsolicited text messages prior to the EU referendum in 2016. Aaron Banks' insurance firm and Leave.EU, similarly, was issued with a 120,000 fine following a probe into these organisations' marketing practices.
"Following the announcement of a General Election on 12 December, I am writing to remind you of the continuing need to comply with data protection and electronic marketing laws," Elizabeth Denham has said in an open letter.
"People's awareness of their data protection rights has never been greater, and their expectations that those rights are respected never higher. Compliance with these laws is vital to the trust and confidence in the democratic system."
Denham aimed to emphasise several key requirements, especially a reminder that data protection laws, such as the Data Protection Act 2018, and electronic marketing rules, apply both before and during the election period.
Beyond ensuring there are records of compliance, political parties must have appropriate records of consent from individuals in order to send political messages through various channels such as text or email.
Trends in modern data protection
A comprehensive view of the data protection landscapeDownload now
Parties must also identify the lawful bases for processing special category data, such as ethnicity or political opinions, if applicable.
"People expect their personal information to be used in line with law, and where that doesn't happen in digital campaigning, there's a danger that public trust and confidence in the broader democracy process is damaged," Denham continued.
"It's crucial that candidates and campaigners get this right, and the ICO will be monitoring the situation throughout."
The Electoral Reform Society (ERS) previously warned about the 'wild west' of online political campaigning, arguing that tech companies cannot be trusted to deal with such issues alone.
Its findings echoed with the ICO's suggestions that political parties must work with the government to establish a legally-binding framework for digital campaigning, in the rise of such threats as "foreign interference and dodgy dealings".
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now