Keir Starmer leadership camp denies ‘data scraping’ allegations

Members of his team argue they were pen-testing the Labour Party membership database

Members of Sir Keir Starmer MP’s team campaigning for the Labour leadership have claimed that they were performing penetration-testing on a database following party complaints that the campaign may have violated data protection laws.

The Labour Party officially reported two members of Starmer’s campaign team to the Information Commissioner’s Office (ICO) over the weekend, alleging they engaged in ‘data scraping’ from a central database. 

The leadership candidate wrote to party members, however, denying any members of his team engaged in wrongdoing, according to BBC News, instead suggesting they were undergoing a process of pen-testing.

The members allegedly combed through the central party database, known as Dialogue, in order to obtain a subset of information about members in order to make calls for campaigning purposes.

Advertisement - Article continues below
Advertisement - Article continues below

Starmer has argued they were investigating the database for possible means of intrusion, however, in a letter addressed to party members.

“We categorically reject these nonsensical allegations and are incredibly disappointed that they have been leaked to the media,” a spokesperson from Starmer’s campaign told IT Pro.

“We are still awaiting the party’s formal response to the serious concerns we and others had about access to Labour Party membership data.”

Jenny Chapman MP, who is organising Starmer’s leadership campaign, branded the allegations as “utter, utter nonsense” and suggested the incident didn’t happen.

“This isn't even a situation where you say 'some over-enthusiastic young volunteers may have done it'. It didn't happen,” Chapman told BBC Radio 5 Live.

"We wrote to the Labour Party, and we thought that was the end of it as far as we were concerned. And the next thing you know, a couple of people on our campaign get letters saying 'actually we think you have done something wrong'.”

Advertisement - Article continues below

"Labour members want a fair contest. Whoever decided to send these threatening letters to people on the Starmer campaign and then leak it to the BBC are not really doing the Labour Party or their preferred candidate any favours."

Related Resource

How targeted simulations differ from penetration tests and vulnerability scanning

Stay one step ahead of cyber attackers

Download now

The ICO confirmed that it had received reports of a data breach from the Labour Party in relation to the membership database, and that it would be investigating the allegations.

Chapman added that the leadership campaign of Starmer’s key rival, Rebecca Long-Bailey MP, had similarly engaged in a concerning breach of data protection rules recently.

She accused the rival campaign of having linked supporters to a database of the central Labour Party’s phone bank through emails last week. The team for Long-Bailey suggested this was done as a mistake.

Advertisement - Article continues below

The fact that serious data protection allegations have been launched against the key front-runners for Labour leadership raises concerns over whether those behind them truly understand the nature of data protection laws.

The Labour Party had previously reported a data breach to the ICO in February last year after a handful of MPs resigned their membership to join the Independent Group (TIG). The party had accused the former MPs of improperly accessing party systems to contact party members after their resignation.

Featured Resources

Digital Risk Report 2020

A global view into the impact of digital transformation on risk and security management

Download now

6 ways your business could suffer if you don’t backup Office 365

Office 365 makes it easy to lose valuable data regularly, unpredictably, unintentionally, and for good

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now

8 digital best practices for IT professionals

Don't leave anything to chance when going digital

Download now


General Data Protection Regulation (GDPR)

Irish data regulator racks up GDPR cases against Big Tech

24 Feb 2020
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular


How to use Chromecast without Wi-Fi

5 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020

The top ten password-cracking techniques used by hackers

10 Feb 2020

Microsoft to add Defender antivirus software to Linux, iOS and Android

21 Feb 2020