Canadian watchdog says Brexit data firm broke privacy laws

AggregateIQ didn't do enough to ensure it had the right to share voter information with Facebook, report says

A Canadian data company that worked with a leading pro-Brexit group broke privacy laws, according to a report by Canada's federal privacy commissioner.

AggregateIQ (AIQ), which also worked with a number of US political campaigns, did not take adequate measures to ensure it had the authority to disclose voter information, the report said. 

The firm was hired by Vote Leave in 2016 to create Facebook advertisements aimed at potential voters. The British Columbia-based business used online data gathered by Vote Leave and disclosed it to Facebook. 

However, the pro-Brexit group hadn't explained to respondents that their information might be shared with the social network, according to the commissioner's report, and AIQ didn't do enough to make sure it had the right to use the information. 

Advertisement
Advertisement - Article continues below

The report also cited concerns about AIQ's work with US election campaigns, particularly with the Strategic Communications laboratories – the former name of the SCL Group, the parent company of Cambridge Analytica

"When the company used and disclosed the personal information of Vote Leave supporters to Facebook... it went beyond the purposes for which Vote Leave had consent to use that information," the report said, according to The Guardian.

"When AIQ failed to ensure it had meaningful consent from the individuals whose personal information it collected, used, or disclosed, it contravened British Columbia and Canadian privacy laws."

AggregateIQ was the first firm to be hit with a GDPR enforcement notice back in September 2018. This was handed to it by the UK's own data regulator, the ICO. The notice was sent in July and said the firm must stop processing the personal data of UK or EU citizens obtained from political groups, or face a heavy financial penalty. 

Related Resource

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

The ICO also fined the Vote Leave campaign £40,000 in March 2019 for sending unlawful and unsolicited text messages prior to the EU referendum. 

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354195/where-modernisation-and-sustainability-meet-a-tale-of-two
Sponsored

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019