Pages

October 30, 2016

Ottawa may review parties' use of Canadians’ private data

A House of Commons committee plans to study whether political parties should have some basic rules for collecting — and protecting — private information from millions of citizens.

File photo

A House of Commons committee plans to study whether political parties should have some basic rules for collecting — and protecting — private information from millions of citizens.

OTTAWA—As Parliament considers peering into political parties’ collection and use of sensitive personal information about citizens, those parties are busy developing more powerful and sophisticated tools to track voter data.

Canada has virtually no rules governing how political parties collect, use and share information about voters they meet on the doorstep, hear from on issues, or observe on social media.

In fact, Canadians are largely in the dark about what kinds of information parties collect and how they use it.

But a House of Commons committee plans to study whether parties should have some basic rules for collecting — and protecting — private information like political beliefs, financial information, family makeup, and contact information from millions of citizens.

Daniel Blaikie, the New Democrat MP who suggested the study, said multiple witnesses brought the issue to the Access to Information and Ethics committee during a review of the Privacy Act this year.

“Witnesses had expressed a lack of knowledge of where exactly (the data) goes.” Blaikie said in an interview Thursday. “So the idea was really just to get a better idea, if there was going to be regulation, where would you put it and how would it work.”

How much of an appetite Parliament has to debate the issue, however, remains to be seen. All three major parties have a strong interest in keeping secret the specifics of their data operations.

The Star asked the three parties to outline exactly what types of data they were collecting and what steps they take to protect that data from both outside intrusion, such as hackers, or internal misuse.

Liberal party spokesperson Braeden Caley did not get into specifics about what sorts of information the party collects — although he did point to the party’s privacy policy, which states they collect any “information you choose to give (them).”

Caley said that in 2015, 80,000 Liberal volunteers had an estimated 4 million conversations with voters.

“We engage with Canadians from coast to coast to coast on a daily basis and we are committed to protecting information assets and any personal data we collect in the process,” Caley said. “The party also does not sell personal information under any circumstances.”

The Conservatives use an in-house database known as CIMS, short for the Constituent Information Management System. Party spokesperson Cory Hann said it would be difficult to list all the types of data that go into CIMS, as 338 local campaigns upload information into the central database.

However, he said in a statement, “I’d say you want to know if the household is voting Conservative.”

“That’s the minimum, in my opinion, to make going door-to-door worthwhile.”

According to reported accounts from former party officials, CIMS also keeps track of donors, people who request election signs, and supports both electronic and on-the-ground outreach efforts. In 2007, one former Conservative politician even accused the party of logging the concerns citizens brought to their local MPs into the party’s central database.

Hann added the party takes “every precaution” to ensure the CIMS data is secure.

The NDP used a new voter database in the 2015 election called “Populous.” According to Dave Hare, the party’s director of operations, the database can track demographics, party membership, even specific issues of concern for individual voters.

“The information is primarily used to direct our ground efforts (mobilizing supporters and talking to persuadable voters) during and in-between elections,” Hare wrote on Friday.

He said the NDP hired an independent firm to conduct a security audit of the database before the party used it, and even commissioned “white hat” hackers to test the limits of its security.

It’s not clear when the parliamentary committee will begin the study into this issue. The committee has committed to just two studies ahead of it — on private sector privacy and on the Security of __canada Information Sharing Act — but other business could push the examination of parties’ data practices further down the line.

No comments:

Post a Comment