Arron Banks's firm and Leave.EU face £135k fines over data misuse
Brexit campaign group Leave.EU and the Eldon Insurance company, owned by Arron Banks, face fines totalling £135,000 over breaches of data laws, a report from the information commissioner, Elizabeth Denham, has confirmed.
The report, released on the commissioner’s website, stated that Leave.EU and Eldon – trading as GoSkippy – were each being fined £60,000 for “serious breaches” of the law that governs electronic marketing.
A separate £15,000 fine has been levied against Leave.EU for a further breach of email regulations in the opposite direction, sending 300,000 emails to Eldon customers with a Leave.EU newsletter.
In her report, Denham said she found “a disturbing disregard for voters’ personal privacy” has been uncovered by the Information Commissioner’s Office investigation into the political uses of voters’ data.
She said: “Personal privacy rights have been compromised by a number of players” adding that the digital electoral ecosystem needed reform.
Denham said the ICO’s investigation involved 71 witnesses, 30 organisations with data practices under review, and more than 700 terabytes of data being assessed by investigators.
Eleven UK political parties have received warning notices demanding action on data protection, the report said, with the threat of possible audits later in the year.
The activities of the now-defunct Cambridge Analytica also continue to face scrutiny. The ICO said it had ordered the company to “deal properly” with a personal data request from David Carroll, a US professor.
It added that the company would be facing a substantial fine had it not already collapsed into administration in the wake of the Facebook data-harvesting scandal.
The wide-ranging investigation also continues to scrutinise data brokers and their relationship with the UK political scene. Three leading data brokers, including Experian, have been issued with assessment notices.
The ICO has described its investigation, launched in 2017 following revelations in the Observer newspaper, as “the most complex data protection investigation we have ever conducted”. More than 40 full-time investigators are examining data from servers either voluntarily surrendered or seized by the ICO, with information held in the cloud also being assessed.
Referrals have also been made to other law enforcement offices in the UK and overseas due to the suggestion of “offences beyond the scope of the ICO’s legal remit”.
The ICO said it was vital for voters to understand how their data was being used to engineer the targeting of political messages. “Without a high level of transparency and trust amongst citizens that their data is being used appropriately, we are at risk of developing a system of voter surveillance by default,” the report said.
The organisation said it was time for a statutory code of practice to clearly set out the law for political parties, data brokers and campaigners. “There is no turning back the clock – digital elections are here to stay,” it said.