This article is more than 1 year old
Politicos whining about folks' data rights ought to start closer to home
When it suits them, they don't give a rat's arse about your privacy
Comment Political grandstanding about giving the UK's information commissioner more power rings hollow when parliamentarians tend to ignore her warnings about new data protection law and their parties continue to slurp up data for their own ends.
The scandal over Cambridge Analytica's et al's use of Facebook data to microtarget potential voters in recent campaigns is perfect for a bit of political outrage, tapping into concerns about public manipulation and rigged elections.
But it presses other buttons too – namely fears about the growing control and influence Big Tech has over our lives. Politicians (and the media) also love to push these buttons – you only need look at the constant barrage of pearl-clutching over kids' screen time.
Facebook confirms Cambridge Analytica stole its data; it’s a plot, claims former directorREAD MORE
But because we're so eager to get our hands on that app or desperate to save a few clicks and log-in via Facebook, many of us skip over the Ts&Cs without clocking the permissions we're giving away. And if we do realise, Facebook has (until recently) buried the settings to take those permissions back.
But amid the, albeit valid, calls for us to take a long, hard look at just how much power we've given to the tech oligopoly, it's frustrating that politicians fail to grasp the need to make changes closer to home.
Last weekend, former Lib Dem leader Paddy Ashdown took to the airwaves to say that one "very powerful" solution to this mass data slurping is to monetise it. If business profits from it, he said, "why not say to Messers Google, Amazon, Starbucks... I want a share of the profits".
Setting aside many of fundamental issues with this argument (for instance, that much of the data the companies benefit from is impossible to assert ownership over as it's not data about us, but data we generate) this smacks of hypocrisy.
Because it isn't just the big companies that Ashdown and his political peers choose to focus their ire on that benefit from people's data: organisations of all shapes and sizes suck up our details for their own use all the time.
And political parties are some of the worst offenders. Go to any political party's website and you'll be faced with the chance to add your name to a campaign or join the fight for various righteous causes.
In some – but crucially not all – cases, you'll get some very small print saying that by signing up to one issue you're giving blanket consent for them to contact you about anything in future. The Lib Dems' message even slips in a line saying that this consent applies "even though you may be registered with [opt-out database] the Telephone Preference Service".
Such behaviour can't be shrugged off as innocent mistakes: the parties understand how consent and the rules over direct marketing work because they've had their wrists slapped for breaching them in the past.
Tories spared fine after being told off by ICO for election telemarketingREAD MORE
In 2015, the ICO ruled that the Lib Dems' efforts to generate a marketing database through website sign-ups to various issues was indeed a breach of the Privacy and Electronic Communications Regulations (PECR).
A year later, the watchdog handed David Lammy a £5,000 fine after his campaign made more than 35,000 automated calls in his bid to be named Labour's mayoral candidate.
In 2017, phone calls made on behalf of the Conservatives in the run-up to the UK general election were ruled to have "crossed the line" into unlawful direct marketing.
And it's not like it's anything new: way back in 2006, the Scottish National Party went to the Information Tribunal arguing that PECR should only apply to commercial organisations, and lost.
So politicians opining on the importance of data protection, people's right to privacy, their right to know what happens with their data, doesn't chime when the parties they represent are so willing to flout the rules when it suits them.
Moreover, MPs' calls for enhanced powers for information commissioner Elizabeth Denham – which world+dog was calling for when she wasn't able to break down the doors of Cambridge Analytica's offices with immediate effect – could be generously described as a case of selective hearing.
That's because the ICO has been, unsuccessfully, lobbying against a number of clauses the government has inserted into the Data Protection Bill (that's the one the government has been bragging about so much in recent days).
These include provisions for a Framework for Data Processing for Government, which allows departments to draw up plans to process personal data.
Since it was slipped into the bill in the Lords, the commissioner has insisted it "will have an adverse effect on perceptions of her independence" and her ability to take action against departments and some public bodies – but the government has repeatedly swept aside her concerns.
UK.gov denies data processing framework is 'sinister' – but admits ICO has concernsREAD MORE
Other issues that have yet to hit home with the government are the breadth of the exemptions for defence purposes, which the ICO said has the potential to reduce the commissioner's powers, and the controversial exemption for immigration enforcement.
And that's before mentioning the exemption MPs are happy to insert for their own devices: as it stands, the bill would allow registered parties to process personal data "revealing political opinions" for the purposes of their political activities.
Central to this is the question over what data reveals your political opinions: if we've learnt one thing from the past two weeks, it's that information you never imagined could tie you to a party or a movement can be used as a proxy for your predilections.
That's not to say the exemption writes political parties a blank cheque to grab data on the scale CA is accused of – they'd still be obliged to be transparent, which would allow people to voice concerns, and the aim of increasing voter engagement is justified.
But in giving the parties and campaigns an inch, the legislation risks letting them take a mile. That's something we should be wary of when it comes to data protection laws.
As the debate about nefarious use of data for political manipulation swirls, MPs are right to come down hard on the bad guys. But in some cases, they might need to start looking in the mirror. ®