Skip to content
Join our Newsletter

B.C. political parties exploiting your data: privacy watchdog

Politicians exhorted to do better job of explaining need for personal info
Michael McEvoy
Privacy commissioner Michael McEvoy is urging the NDP, Greens and Liberals to do a better job of providing a simple explanation to voters as to why their information is being collected and what it's being used for.

B.C. political parties are collecting too much personal information from voters without consent, including sensitive details such as ethnicity and religion, B.C.’s privacy watchdog says in a new report.

The B.C. NDP, the B.C. Greens and the B.C. Liberals also shared people’s email addresses with social media giant Facebook in order to send targeted ads and identify other potential voters with similar political leanings, information and privacy commissioner Michael McEvoy said in the report.

McEvoy urged B.C.’s three main political parties to do a better job of providing a simple explanation to voters as to why their information is being collected and what it’s being used for.

Many of the recommendations centre around how personal information is collected from or shared with social media platforms, which have become powerful tools in targeting voters based on their ideological views.

The report, Full Disclosure: Political Parties, Campaign Data, and Voter Consent, was sparked by several complaints about how B.C. political parties use voter information and in the wake of the data breach scandal that centred around U.K.-based Cambridge Analytica, which manipulated Facebook data to psychologically profile voters before the U.S. presidential election.

McEvoy did not find evidence of widespread data manipulation, but said it’s important to ensure all parties are following privacy laws before they become “too tempted by the use of profiling technology.”

The report investigated how the three main parties manage the personal information of British Columbians. The parties were chosen because they requested the entire voters list from Elections B.C. in the 2017 provincial election.

Individuals should be asked permission before political parties scrape their personal information from social media and must give consent before their email addresses are disclosed to social media providers, McEvoy said.

The report found that all three parties provided email addresses or donor lists to Facebook so that the social media giant could match the names to Facebook profiles and send targeted ads. Facebook also used its “lookalike” audience tool to identify potential party supporters based on their ideological views, the pages they like or the information they share.

During door-to-door canvassing, the report found that canvassers would note someone’s ethnicity or religion, not by asking them, but guessing based on their appearance.

“If it’s awkward and they think the person is not going to say ‘yes,’ that identifies your problem right there,” McEvoy said.

“If the voter would not want the information recorded, people have a right to control how information is collected about them.”

Often canvassers were not asked to collect this information, but after they did, it was used by the party anyway, McEvoy said.

McEvoy said political parties are allowed to collect and use personal information, but only if they have someone’s consent. Consent doesn’t mean a line hidden in a 25-page privacy policy, McEvoy said, but explicitly requested.

In March 2018, tens of thousands of Green Party supporters were told that their personal information was accessed by AggregateIQ, the Victoria tech company that allegedly worked with political consulting firm Cambridge Analytica to mine personal data and influence elections around the world, including the Brexit vote and the 2016 U.S. presidential election.

The B.C. Greens hired AggregateIQ to work on a new voter contact database and website in advance of the 2017 provincial election. The party said an internal privacy review found no evidence that the personal data, including names, email addresses, home addresses and phone numbers, was misused.

Green Party director of communications Stefan Jonsson told the Times Colonist that in the last year, the party has already made some of the changes recommended in McEvoy’s report. The party has stopped using a person’s email address to scrape information from public Facebook profiles and stopped collecting public Facebook information from someone who likes or shares the party’s social media content, Jonsson said. Anyone’s information that was obtained using these methods will be destroyed, he said.

The party has also made it easier for people to find out what personal information has been collected by the B.C. Green Party and implemented new privacy training standards for campaign staff and volunteers.

This could make it more difficult for the party to target potential supporters through digital ads, but the move will earn voters’ trust, Jonsson said.

“My assertion is [voters are] more likely to share their information if we are forthright and proactive in protecting it.”

Colin Bennett, a University of Victoria political scientist who specializes in privacy protection legislation, said the report marks the first time a Canadian privacy commissioner has investigated the data collection practices of political parties.

Bennett said political parties have been quietly expanding their data collection capacities without enough consideration about whether these practices violate privacy laws.

“In the political realm, it’s even more important to take privacy very, very seriously,” he said. “Because we’re not talking about selling goods here, we’re talking about our democracy.”

kderosa@timescolonist.com