ICO Invites Views on Data Use in Political Campaigns

In the UK, Information Commissioner Elizabeth Denham has asked for views on a code of practice covering the use of data in campaigns and elections. This follows what she describes as 'disturbing disregard' for voters' personal privacy by players across the political eco-system.

For the past eighteen months, Denham (pictured) has been investigating the use of data analytics for political purposes, and earlier today she presented her Office's report to Parliament's DCMS Select Committee. At the launch of the investigation, Denham said she and the ICO were concerned about invisible processing - the 'behind the scenes' algorithms, analysis, data matching and profiling that involve people's personal information.

Denham has also called for the UK Government to consider where there are regulatory gaps in the current data protection and electoral laws, and her team is working with the Electoral Commission, law enforcement and other regulators in the UK to increase transparency in election campaign techniques. While Denham says that voluntary initiatives by the social media platforms are welcome, she believes a self-regulatory approach will not guarantee consistency, rigour or shore up public confidence. Commenting on the initiative, Denham said: 'We may never know whether individuals were unknowingly influenced to vote a certain way in either the UK EU referendum or the in US election campaigns. But we do know that personal privacy rights have been compromised by a number of players and that the digital electoral ecosystem needs reform'.

Last month, Facebook received the maximum pre-GDPR fine of £500k from the ICO, for failing to protect users' personal information in the recent Cambridge Analytica (CA) data breach. In addition, the ICO has fined pro-leave campaign group Leave.EU and Eldon Insurance, a company owned by Leave.EU co-founder Arron Banks, £60k each for 'serious breaches' of the Privacy and Electronic Communications Regulations 2003 (PECR), legislation which sets the requirements for opt in, opt out and unsubscribe rights of the individual. ICO also issued a notice of intent to fine Leave.EU £15k for a separate breach of PECR, after almost 300,000 e-mails were sent to Eldon Insurance (trading as GoSkippy) customers containing a Leave.EU newsletter. The report also confirms that it is still investigating allegations about use of data by Vote Leave, and on the Remain side, the Liberal Democrats and Open Britain.

Web site: www.ico.org.uk .