ORG claims voter profiles are inaccurate and illegal

Open Rights Group demands leading parties stop using claimants data for microtargeting election campaigns

Campaigners are considering suing the three leading political parties for misuse of data, saying they may have breached data protection laws by using information to profile voters.

The Open Rights Group (ORG) has sent pre-action letters to the Conservatives, Labour and the Liberal Democrats just days ahead of the election demanding they stop using the data on three specific claimants and delete any existing profile, adding that they would like clarity about how the data was used and from where it was sourced.

The potential legal action centres on the use of personal data to create profiles on voters to focus campaigning efforts. According to ORG, political parties are buying data from sources such as data broker Experian, which creates and maintains profiles for credit checks, in order to score voters on their likeliness of voting one way or another, labelling individuals as "metropolitan elite" or "soft Tory".

Pascal Crowe, data and democracy project officer at ORG, said such activity may not be legal, could be damaging to democracy, and likely aren't even accurate.

"Faith in democratic outcomes rests on a shared democratic process and profiling voters to create micro-targeted audiences undermines that," he says. "It’s use is even more baffling given that we often don’t recognise our profiles. They are not even profiling accurately. But political parties are seemingly unquestioning of the authority of numbers. These techniques should not be used to determine political activity and engagement. They are dishonest, inaccurate, and anti-democratic."

Beyond Experian, it's unclear where the data is coming from, though ORG says two of the parties appear to be sourcing email addresses from local election registers and online voter registration tools which the claimants argue is not legal. It's also unclear, the activist group says, who else the parties are sharing the data with, such as campaign consultancies.

The legal letters are non-partisan, the ORG stressed, noting that each party's behaviour raised different questions. The Conservative Party used names and addresses to guess one claimant's age, without consent or explanation as to why. The Labour Party scored individuals via personal data using a system that was "unintelligible", and failed to respond to a subject access request within the legal time limit. And the Liberal Democrats failed to explain where they sourced third-party data to profile individual voters.

Related Resource

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

"Our clients requested their information from the Parties and were presented with unclear and incomplete responses," said Ravi Naik, a partner at ITN Solicitors, who is representing the ORG's claimants and previously represented an American academic who sued Cambridge Analytica over data abuse.

"We have therefore written to the parties, outlining our clients' concerns about the use of their data. This includes a challenge to the legality of the wider processing activities." 

In response to the pre-action letters, each of the parties told The Guardian that they fully comply with the law; Naik told the newspaper that the ORG was considering "all options" for a next step, including a high court injunction to halt data processing.

To help Brits find out what data the political parties hold about them, ORG has built an automated subject-access request tool, which is available here. Parties have 30 days to comply under law.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

Webhose and Signal Corp boost data breach detection
Security

Webhose and Signal Corp boost data breach detection

7 Oct 2020
ICO to relax GDPR enforcement during coronavirus economic downturn
General Data Protection Regulation (GDPR)

ICO to relax GDPR enforcement during coronavirus economic downturn

16 Apr 2020
The NHS teams up with Apple and Google on coronavirus tracking app
privacy

The NHS teams up with Apple and Google on coronavirus tracking app

14 Apr 2020
Health sites are 'unlawfully' sharing medical data with Facebook and Google
data protection

Health sites are 'unlawfully' sharing medical data with Facebook and Google

7 Apr 2020

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020
What is Neuralink?
Technology

What is Neuralink?

24 Oct 2020