Keir Starmer leadership camp denies ‘data scraping’ allegations

Members of his team argue they were pen-testing the Labour Party membership database

Members of Sir Keir Starmer MP’s team campaigning for the Labour leadership have claimed that they were performing penetration-testing on a database following party complaints that the campaign may have violated data protection laws.

The Labour Party officially reported two members of Starmer’s campaign team to the Information Commissioner’s Office (ICO) over the weekend, alleging they engaged in ‘data scraping’ from a central database. 

The leadership candidate wrote to party members, however, denying any members of his team engaged in wrongdoing, according to BBC News, instead suggesting they were undergoing a process of pen-testing.

The members allegedly combed through the central party database, known as Dialogue, in order to obtain a subset of information about members in order to make calls for campaigning purposes.

Starmer has argued they were investigating the database for possible means of intrusion, however, in a letter addressed to party members.

“We categorically reject these nonsensical allegations and are incredibly disappointed that they have been leaked to the media,” a spokesperson from Starmer’s campaign told IT Pro.

“We are still awaiting the party’s formal response to the serious concerns we and others had about access to Labour Party membership data.”

Jenny Chapman MP, who is organising Starmer’s leadership campaign, branded the allegations as “utter, utter nonsense” and suggested the incident didn’t happen.

“This isn't even a situation where you say 'some over-enthusiastic young volunteers may have done it'. It didn't happen,” Chapman told BBC Radio 5 Live.

"We wrote to the Labour Party, and we thought that was the end of it as far as we were concerned. And the next thing you know, a couple of people on our campaign get letters saying 'actually we think you have done something wrong'.”

"Labour members want a fair contest. Whoever decided to send these threatening letters to people on the Starmer campaign and then leak it to the BBC are not really doing the Labour Party or their preferred candidate any favours."

Related Resource

How targeted simulations differ from penetration tests and vulnerability scanning

Stay one step ahead of cyber attackers

Download now

The ICO confirmed that it had received reports of a data breach from the Labour Party in relation to the membership database, and that it would be investigating the allegations.

Chapman added that the leadership campaign of Starmer’s key rival, Rebecca Long-Bailey MP, had similarly engaged in a concerning breach of data protection rules recently.

She accused the rival campaign of having linked supporters to a database of the central Labour Party’s phone bank through emails last week. The team for Long-Bailey suggested this was done as a mistake.

The fact that serious data protection allegations have been launched against the key front-runners for Labour leadership raises concerns over whether those behind them truly understand the nature of data protection laws.

The Labour Party had previously reported a data breach to the ICO in February last year after a handful of MPs resigned their membership to join the Independent Group (TIG). The party had accused the former MPs of improperly accessing party systems to contact party members after their resignation.

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Square to acquire Afterpay for $29 billion
mergers and acquisitions

Square to acquire Afterpay for $29 billion

2 Aug 2021
Zyxel USG Flex 200 review: A timely and effective solution
Security

Zyxel USG Flex 200 review: A timely and effective solution

28 Jul 2021