Keir Starmer leadership camp denies ‘data scraping’ allegations

Members of his team argue they were pen-testing the Labour Party membership database

Members of Sir Keir Starmer MP’s team campaigning for the Labour leadership have claimed that they were performing penetration-testing on a database following party complaints that the campaign may have violated data protection laws.

The Labour Party officially reported two members of Starmer’s campaign team to the Information Commissioner’s Office (ICO) over the weekend, alleging they engaged in ‘data scraping’ from a central database. 

The leadership candidate wrote to party members, however, denying any members of his team engaged in wrongdoing, according to BBC News, instead suggesting they were undergoing a process of pen-testing.

The members allegedly combed through the central party database, known as Dialogue, in order to obtain a subset of information about members in order to make calls for campaigning purposes.

Starmer has argued they were investigating the database for possible means of intrusion, however, in a letter addressed to party members.

“We categorically reject these nonsensical allegations and are incredibly disappointed that they have been leaked to the media,” a spokesperson from Starmer’s campaign told IT Pro.

“We are still awaiting the party’s formal response to the serious concerns we and others had about access to Labour Party membership data.”

Jenny Chapman MP, who is organising Starmer’s leadership campaign, branded the allegations as “utter, utter nonsense” and suggested the incident didn’t happen.

“This isn't even a situation where you say 'some over-enthusiastic young volunteers may have done it'. It didn't happen,” Chapman told BBC Radio 5 Live.

"We wrote to the Labour Party, and we thought that was the end of it as far as we were concerned. And the next thing you know, a couple of people on our campaign get letters saying 'actually we think you have done something wrong'.”

"Labour members want a fair contest. Whoever decided to send these threatening letters to people on the Starmer campaign and then leak it to the BBC are not really doing the Labour Party or their preferred candidate any favours."

Related Resource

How targeted simulations differ from penetration tests and vulnerability scanning

Stay one step ahead of cyber attackers

Download now

The ICO confirmed that it had received reports of a data breach from the Labour Party in relation to the membership database, and that it would be investigating the allegations.

Chapman added that the leadership campaign of Starmer’s key rival, Rebecca Long-Bailey MP, had similarly engaged in a concerning breach of data protection rules recently.

She accused the rival campaign of having linked supporters to a database of the central Labour Party’s phone bank through emails last week. The team for Long-Bailey suggested this was done as a mistake.

The fact that serious data protection allegations have been launched against the key front-runners for Labour leadership raises concerns over whether those behind them truly understand the nature of data protection laws.

The Labour Party had previously reported a data breach to the ICO in February last year after a handful of MPs resigned their membership to join the Independent Group (TIG). The party had accused the former MPs of improperly accessing party systems to contact party members after their resignation.

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Recommended

Geico data breach leads to stolen driver’s license numbers
data breaches

Geico data breach leads to stolen driver’s license numbers

21 Apr 2021
1Password targets enterprise customers with Secrets Automation
IT infrastructure

1Password targets enterprise customers with Secrets Automation

14 Apr 2021
The definitive guide to IT security
Whitepaper

The definitive guide to IT security

9 Apr 2021
Ubiquiti insider says the company downplayed the severity of a major breach
data breaches

Ubiquiti insider says the company downplayed the severity of a major breach

31 Mar 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
UK exploring plans to launch its own digital currency
digital currency

UK exploring plans to launch its own digital currency

19 Apr 2021