The Labour Party's membership purge, which has seen it weed out 3,000 "infiltrators", could be in breach of the Data Protection Act, legal experts have warned.
Labour has vetted new members by trawling social media sites for statements which make it clear they do not share its "aims and values", as well as through data obtained from canvassing.
It has even named some individuals who had previously tweeted messages suggesting they are not party supporters.
Paul Bernal, law lecturer at the University of East Anglia, said: "The key thing is this is sensitive personal data, as it includes political opinions, defined in Section 2 of the Data Protection Act." As such, he said, the data subject has to give explicit consent for their information to be processed.
"I suspect this is not legal and ethically it is definitely wrong. They are processing personal data and creating databases about people who cannot find out why they were rejected," he said.
However, he added legally it remains a grey area. "As that information has been made public – that will be how they'll try and get out of it."
Tim Turner, data protection consultant, said the biggest legal concern is they have not told people how their data will be used.
"The thing they can’t get round is that the first principle of the act requires you to tell people how data are used. In the act it is called fair processing, which says to process data fairly you have to tell people what you are doing," said Turner.
"While you could debate whether they obtained consent or not, it doesn't matter because they didn’t tell people there would be a vetting process," he added.
The registration process for the Labour Party’s leadership contest has proved highly controversial, with prospective voters only needing to pay a £3 membership fee to take part, under a system brought in under the previous regime, leading to claims of political shenanigans and infiltration. Over 160,000 people signed up to vote in the final days before the deadline.
Jon Baines, chair of the National Association of Data Protection Officers, said: "Data protection law at its most fundamental level demands fairness in the handling of people's personal information, and for fairness to be met people should be made aware of what is happening with their information, and know why decisions have been made about them."
"I think Labour should come clean on exactly what processes have been followed to determine whether or not someone will be allowed to vote in the leadership ballot, as serious questions continue to be raised. If they fail to provide full details, I think the Information Commissioner should intervene and investigate," he added.
Earlier this week, acting leader Harriet Harman said 3,000 alleged "cheats" had so far been excluded from voting, adding that it “is not funny or clever for people from other parties to try to cheat their way into our system”, according to the BBC.
A Labour spokeswoman said: "We take our responsibilities under data protection very seriously and are confident our procedures are fully compliant.” ®