Blog

Over 2019, Open Rights Group (ORG) have been exercising our rights under the General Data Protection Regulation (GDPR) to find out what UK political parties are up to with our personal data. 

Staff and supporters wrote to parties across Great Britain to ask them what personal data they were holding. This gave us a sketch of how data is being used to profile, target and shape voters intentions.

We’re now asking hundreds of people across the UK to send similar data requests, so that we can draw a more detailed portrait. 

We want to know what exactly is going on with personal data in politics, and at what scale, and use this knowledge to stop shady data practices that break trust and the law, polarise society and damage democracy.

We’ve created an automated online tool that allows you to easily ask all active UK political parties what data they’re holding on you. With a few simple clicks you can discover what parties think about you and who they’ve decided you are. 

Our data requests uncovered some strange and troubling practices. To help you see what your “political data self” might look like, we wanted to share what we’ve learned so far from the three major parties: Conservatives, Labour and Liberal Democrats. 

Access the tool here.

All the main parties are dependent on profiling to decide who should get their message

All three major parties are all collecting personal data and doing some kind of internal scoring to target and/or screen out people. 

The Lib Dems are scoring you on things like how likely you are to vote for Brexit, how much of a “pragmatic liberal” you are, what connection you have to other parties, and whether that means you are likely to swing to the Lib Dems.

The Conservatives are giving you a “priority” rating which will determine whether to try to encourage you to vote.

Labour are giving you local area, essentially ranking you in massive local league tables based on where they think you stand on issues like housing, taxation, health, austerity, and Brexit.  rankings in their local areas based on issues like housing, taxation, health, austerity, and Brexit. 

For instance our Scotland Director was ranked 12,966 out of a possible 65,801 in his whole constituency on the issue of tax. The effect of this perhaps more relevant on the doorstep than on digital but it shows the level of granularity Labour are trying to ge to with their profiling.

They are also calculating your connection to other parties and likelihood to swing to Labour.

Labour at one point were also inferring ethnicity, it is unclear whether they are still doing this. This is something we hope to confirm or eliminate through further research.

This “trading and grading” of data is deeply troubling. We think it is going to vary based on where you live, whether in a marginal constituency, or who you are, if you belong to a particular community. This would make sense as some kinds of people and some places are of particular importance to the different parties, and with increased importance will come an increased focus on profiling and scoring.

We will be able to explore this theory with more data from a more diverse range of people. This is one of the reasons we we are so keen for lots and lots of people all over the UK to ask parties what personal data they currently hold.

Parties are profiling us based on where we live and who we live near - and that is not an exact science

The Labour party profiled our Scotland Director, Matthew Rice, as likely to be retired, over-65, childless and owning the flat he was registered to vote from.

None of this was correct. 

We don’t fully know why Matthew was profiled in this way, but we can make some sensible deductions. A key one is that since address is central to every dataset, Matthew’s profile is tied to that of his neighbours and the prevailing demographic in his area.

Parties are still trying to target every voter, not with particularly narrow data but with big wide data that they then tie to everyone in a given area. This isn’t accurate but it is invasive. Because it is also wrong, it creates further issues down the line in political campaigns for Matthew and others that live in the same area but may have different views, values or lifestyles.

What Labour's deducastions mean ultimately is that they are relying on concocted fictions to make decisions about what messaging to send Matthew, or even whether to include him in a campaign. They’re not only wasting both their time and his, but limiting his opportunity to genuinely engage with what their party stands for and how they compare to other political voices.

Parties are deeply reliant on commercial datasets 

Labour and the Conservatives use Mosaic codes in their voter profiles. Mosaic is an incredibly detailed system of household and individual classification owned by corporate data broker company Experian. It is based on geo-demographic data covering 49 million UK adults

According to Experian’s marketing materials, Mosaic codes contain over 500 variables and segmentations. These are based on offline and online data including email addresses and digital and social media searches. 

Mosaic codes are most frequently used for targeted commercial advertising.

Did you know that Experian was selling this information to parties?

The Liberal Democrats also use commercial datasets to get their scores. We don’t yet know what data sources they rely on and are hoping to find this out through further research.

The parties believe that using personal data like this is necessary for modern politics

All three parties are publicly relying on the same legal basis for their individual voter profiling: “substantial public interest”. They say that their processing of personal data is in the public interest and “necessary for democratic engagement”.

Political opinions are known in data protection law as “special category data”. This means that they require a higher level of protection than other more general categories of personal data. In our view, “substantial public interest” should not be relied on to profile political opinions.

We say that to process your political opinions (this might include trying to guess your connection to other parties), parties need to have obtained your consent. 

The problem? No party has ever asked any voter for permission before profiling them. 

We also aren’t so sure that using dodgy consumer data to segment the UK population into more and more narrow and questionable categories to then target us with polarising social media ads is necessary or even particularly healthy for democracy.

What do you think?

If you’d like to know who political parties think you are you can ask them yourself using our new online subject access request tool.

You can also use your result to be part of our UK-wide research. We’re undertaking the biggest mapping of use of personal data by political parties ever, and we need you and lots and lots of others to contribute your results to make the research achieve real impact.

Access our online tool here.

[Read more]

The 2018 General Data Protection Regulation (GDPR) was meant to be a Good Thing - a strong law that would make businesses act responsibly and give ordinary people control over our personal data. But it's been around for more than a year now and we're still being stalked online by creepy ads that seem to follow us around the web and know exactly what we're thinking and doing. So how, exactly, has anything been made better?

Looking at the scale at which online companies grab and hoard our private information, it might be thought that GDPR just gives corporate data thieves a thin veneer of legitimacy. How else to explain the advertising technology (AdTech) industry’s continued use of the same user profiling methods employed by the likes of Cambridge Analytica? 

Is GDPR a joke, or can it break AdTech’s vice grip on our personal data? The jury is out, but a verdict is coming.

In September last year, Open Rights Group’s Executive Director, Jim Killock, complained to the UK's Information Commissioner's Office (ICO) against the seismic unlawfulness of AdTech’s ubiquitous real time bidding (RTB) systems. This complaint was made together with Dr. Johnny Ryan of the privacy-focused web browser Brave and Dr. Michael Veale, Lecturer at University College London. Since then, we've worked with a network of privacy activists to spread the complaint to data protection authorities across the EU. 

This is the biggest GDPR complaint so far, and might be the biggest that ever happens.

RTB systems are used virtually everywhere on the Internet to show personalised ads. They broadcast intimate personal data - including everything we've been looking at or searching for online, our exact GPS location coordinates and indicators about our religion, sexuality and ethnicity - billions (yes billions) of times every day to legions of data companies that keep and use this data whether they enter the bid to serve an ad or not.

GDPR gives us the right to demand that companies tell us everything they know about us and delete our data on request. How is that even remotely possible when endless RTB bid requests routinely blast our data out to hundreds of faceless entities? RTB makes GDPR look like a sham.

The ICO offered a glimmer of hope in June this year when it agreed that RTB as currently configured is indeed unlawful under GDPR. Disappointingly, however, despite having the power to issue staggering fines for GDPR violations, the ICO instead gave the industry time to clean up their act while they continue to investigate further.

So what has the industry done with the time? Almost precisely nothing. Google this week announced that it will take a tiny amount of content data out of its bid requests. It heralded this as a big step forward in protecting privacy, but in fact the change does nothing extra to protect individuals, since the vast quantities of other information broadcast continue to be able to identify, profile and target people with stunning invasiveness. 

Tokenistic though it is, however, perhaps this change could still be a sign that RTB players are starting to recognise the status quo is no longer sustainable. 

The ICO said in June that they would review RTB in six months' time. That deadline is coming up fast and the world is watching. It’s the moment of truth not just for GDPR but for the ICO as well. While the Irish Data Protection Commission remains underfunded, the ICO has been adding hundreds of staff, signalling an intent to get serious about enforcement.

What will the ICO do? We don't know. But the AdTech showdown will tell us whether their bark is worse than their bite.

[Read more]

Compulsory Age Verification for adult content was cancelled yesterday by Nicky Morgan, the Culture Secretary. However, the plans may well come back.

Open Rights Group welcomes this change for two reasons. Firstly, the privacy protections within the scheme were merely optional for AV providers, leaving users at risk of having their porn habits profiled, recorded and leaked. Secondly, the plans included the prospect of widespread Internet blocking of non-compliant sites, raising the prospect of the UK becoming the most prolific Internet censor in the democratic world.

Attempting to regulate all Internet content to ensure it is safe for children is, unfortunately, not an achievable aim. Any steps taken will in truth be partial and come at costs. It is very unclear that Age Verification, especially when combined with Internet censorship of legal content, would reach a reasonable balance.

A more reasonable approach to child protection would firstly help parents to use content controls, such as filters, on devices, which can be tailored to suit the child’s development; and secondly it would ensure that children are empowered through education, so that they know how to manage their own risks and make sensible choices.

Whether we like it or not, the simple existence of easily distributed pornographic content means that it will always be within the easy reach of under 18s, whatever controls are put in place. Much like drugs, smoking or drinking alcohol, teenagers will ignore the rules if they wish to. Files are extremely easily swapped and shared. While this does not mean we abandon attempting controls, it does mean we should assume they are not a replacement for open discussion with under 18s.

Government policy we are told will now focus on an forthcoming Online Harms Bill. This may well bring age verification back into the policy mix, now or at a later date. The proposed approach of a “duty of care” to users is vague, and we believe likely to lead to risk-averse platforms over-censoring material, for instance by machine identification, merely to reduce risk. Age verification could easily become a general requirement for platforms, to manage risk more precisely. However, at this stage we are merely speculating about future policy.

For now we hope that Parliamentarians look back at the last two Digital Economy Acts, of 2010 and 2016. Both proposed widespread web censorship, of copyright infringing sites in 2010, and adult content in 2016. Both proposed measures that crashed and burned: the 2010 provisions for disconnecting alleged file sharing households in 2010 died without trace. In 2016, the complex measures to police some, but not all, adult content, now looks like it is gone.

What both acts had in common was that the favoured solutions of particular groups, the copyright holders in 2010, and some child protection and anti-porn campaigners in 2016, were taken by government as the best way to regulate. There was insufficient attention paid to people who pointed out the obvious flaws.

There is an easy way to avoid these kinds of policy failures, which is to discuss the means of reach an objective fully with all parties, including industry and the whole of civil society, before choosing a policy to pursue.

[Read more]

It’s October; temperatures are falling, nights are lengthening, and once again we are four weeks away from a potential no-deal Brexit.

No-one fully knows what a post-Brexit Britain will look like. At ORG, we’ve thought about how UK government surveillance operations might have to change. We’ve published briefings anticipating the impact on citizens’ online privacy and free speech. We’ve written to the PM to press for better no deal preparation ensuring the continued flow of personal data between the UK and the EU – essential for businesses, academic institutions and public services.

Digital often isn’t top of the agenda when it comes to UK political commitments. But given the immense power that technology and its deployment by both governments and private companies can have to control and subjugate ordinary citizens’ lives, this urgently needs to change.

In view of the ongoing political uncertainty, it’s increasingly likely that we’re heading to another general election – and soon. We at ORG want to make sure that post-Brexit our elected leaders build a future of digital rights for all. That’s why we’ve put together five core commitments that parties and/or candidates can make – to promise that if elected they will:

1. Commit to maintaining high data protection and fundamental rights standards, including protecting net neutrality.

2. Make the Information Commissioner’s Office (ICO) a true watchdog with teeth by increasing resourcing and empowering it to take enforcement action against non-compliant companies and organisations.

3. Protect consumer rights and vulnerable groups by legislating to grant organisations representative power to defend their fundamental rights.

4. Be transparent when negotiating international digital trade agreements and not commit to or sign any agreement that may undermine fundamental rights.

5. Work with individuals and groups from across society to develop digital policy, modelling a new, inclusive and forward-looking way of doing open and collaborative government.

At ORG, we want Britain to capitalise on the potential of digital technology, while becoming fairer, more open and more inclusive. We hope that parties and candidates will take up these calls.

[Read more]

Electronic counting in London – the subject of criticism from the Electoral Commission and Open Rights Group for many years - is now spiralling in cost. The cost of the election in 2020, for which the contract was tendered in 2018, will be over twice that of the last tendering process in 2010. Worse still, the contractual arrangements are highly obscure and problems with transparency are yet to be addressed.

At the end of July,  the Greater London Authority (GLA) Oversight Committee met to review the activities of the Greater London Returning Officer (GLRO), in the 2020 GLA elections. Election results for the London Mayoral and London Assembly elections have always been counted by machines, which is known as ‘e-counting’. This round, the GLRO and politicians are keen to avoid the problems they had with software and machines in 2016, which led to long delays in announcing the results.

E-counting has been criticised in successive reports by the Electoral Commission for being untransparent, as independent observers are unable to effectively monitor the count inaccurate as clearly marked ballots are frequently counted as unmarked; and expensive as this service cost £4.1 million for the 2012 elections. 

In particular the Electoral Commission advised that the GLRO carried out a ‘cost benefit analysis’ of e-counting, which should include a cost benefit analysis of manual counting. The GLRO has ignored this advice, twice. 

In 2018, the tendering process for the e-counting contract for 2020 elections began. The contract was eventually split between two companies: CGI, the lead contractor, and Smartmatic the sub contractor. The cost of the contract between the last tendering process in 2010 and the most recent of 2018 has more than doubled - from £4.1 million to more than £8.9 million. 

The increase in cost partly reflects the fact that the tendering process was uncompetitive - the market for e-counting providers is small, and they tend to operate in consortiums. In this case a very small number of expressions of interest were given, and the GLRO was itself very worried that they might not find a company able to meet the bid criteria, which included new measures to avoid the problems they experienced in 2016.

As part of the approval process for commencing e-counting procurement the GLRO stated that: 

“Should no tender prove satisfactory either quality-wise or price-wise, there will be no commitment to award a contract and consideration will be given to counting manually” .  

Nevertheless, even though the cost has spiralled to almost £9 million, the GLRO have decided to press ahead.

We are concerned that the methodology employed to assess the various bids for the contract is not being made publicly available. Without this information, it is impossible to know why £9 million pounds of public money is being spent. 

There are serious questions about the sub-contractor, Smartmatic. Smartmatic’s “election solutions” have been the subject of criticism in severalcountries where they have run electronic voting systems. Smartmatic says the criticisms are unjustified.  

For example, there were serious technical issues with the machines used in the 2012 Belgium elections in Flanders, with second preference votes incorrectly allocated. Additionally, there is no definitive account of why the Committee on Foriegn Investment in the United States were investigating Smartmatic. For now, Assembly members and the GLRO can only read the reports from the countries concerned, or view the hearings.

Given that the GLRO reported before the meeting of the Oversight Committee that many of the functions of e-counting had been subcontracted out further. The GLRO have stated that Smartmatic and CGI are: 

“Working with Rathmhor, who delivered user training for the programme in Scotland in 2017. Hamilton Rentals will supply hardware and audio-visual services at the count centres, using the latest generation of Fujitsu scanners. FDM will print the ballot papers.” 

 

In this long and unwieldy chain of command, is hard to see what value Smartmatic brings, and where accountability lies if something goes wrong. Only full information about the contracts and subcontracts will make it clear what Smartmatic’s role is, and whether that is appropriate.

The GLRO previously asserted that CGI’s and Scotland’s performance in Scotland where e-counting at local elections is also the norm, warranted the awarding of the contact – that they are tried and tested. In its report to the GLA Oversight Committee the GLRO stated: 

“CGI and Smartmatic have previously delivered successful electronic vote counting systems for Scottish elections.”

This was false. The Scottish Government have confirmed to us that Smartmatic have never been awarded an e-counting contract for Scotland. The GLRO have subsequently corrected the record and explained to Assembly members that Smartmatic have not in fact had any involvement with the Scottish e-counting systems.

The other delivery partner, CGI, have also not been without controversy. The company went to court in Scotland after repeated repudiatory breach with a subcontractor on an IT contract for Scottish councils. Agilisys and CGI tussled over who was responsible for the contract not being properly delivered. The judge described CGI’s expert witness as “one sided”, “not balanced” and its submissions as “unconvincing”. 

The GLRO were unable to answer many of the questions put to them by the GLA oversight committee. On costs, the GLRO, at one point attempted to attribute much of the £4.8 million increase in cost on ‘inflation’. 

Eventually, they made it clear that much of the cost was due to new safeguards against error, alongside a further large proportion of the price hike being simply unexpected costs at the real market. This may simply mean the cost of having an uncompetitive bidding process where the two participants do not have to constrain their estimates as they cannot be replaced. 

The GLRO did not explain why they have still not done a cost benefit analysis of the whole exercise, instead preferring  “stakeholder consultation” and “soft market testing”. Nor were the GLRO able to explain why they went ahead with such an expensive contract despite previously saying that they would not. Thankfully, the GLRO have now committed to cost benefit analysis of manual counting. 

However, scrutiny has been avoided for too long. The GLRO has failed to provide answers. We look forward to gaining clarity on the facts in a future meeting with them. We believe that London Assembly members urgently need answers to the following questions:

• Given the expense and the non competitive nature of the market for e-counting, why did the GLRO press ahead despite saying “Should no tender prove satisfactory either quality-wise or price-wise, there will be no commitment to award a contract and consideration will be given to counting manually”? 

• Will the GLRO release the details of the methodology used to award the contract and how individual companies scored? 

• Was Smartmatic’s controversial reputation and poor performance record taken into consideration in awarding this contract? What role are they actually performing?

Until Assembly members have answers, neither they nor the public should be confident that next year’s elections will be problem free, or value for money. The GLRO should have stuck to its promise, given the difficulties they have had getting competitive bids, and given “consideration to counting manually”. Voting systems need to be robust, trustworthy and inspire confidence. It is vital that this is done right.

[Read more]

European internet users may not have noticed, but their net neutrality and online freedom is at risk. At least 186 Internet Service Providers (ISPs) in the EU are using Deep Packet Inspection (DPI) to read their users’ traffic. That means they get to decide how much internet freedom you get.

Network neutrality explained

Net neutrality is the idea that ISPs must ensure an equal internet connection to each and every user. Although there’s an EU law that regulates this, some ISPs discriminate against their users by filtering or charging for the content they try to access or the devices they use to connect.

Among other means, such as using DPI to examine our communications, telecom companies apply extra charges for data packages or specific content users connect to. This contradicts the Body of European Regulators for Electronic Communications (BEREC), which states that all internet users must be able to use the web without any restrictions.

How net neutrality is being abused

Any internet service plan involving conditions based on the websites or services you visit and use needs to be able to identify your internet traffic. If your provider offers a plan where you can use certain apps without consuming your data, that’s more than just a fundamental violation of the principles behind net neutrality. It’s also a breach of your privacy, as one way to distinguish between various traffic types is by using DPI.

Once a user accepts DPI, the ISP can use it in many different ways: throttling connections, censoring content, and tracking users’ traffic in greater detail than before. Legal protection against these intrusive actions exists in the EU, so how can users still be at risk?

Net neutrality protection in Europe

Although net neutrality is already dead in the US, Europe is still fighting for open internet access and transparency. In the EU, the right to equal network access is protected by Article 3 of EU Regulation 2015/2120. However, the European Digital Rights (EDRi) association, which for many years has been advocating in favor of strong net neutrality, is warning against the widespread use of privacy-invasive DPI technology in the EU.

EDRi is negotiating for new European net neutrality rules even as some telecom organizations seem to be pushing for the legislation of DPI. These companies claim net neutrality requirements reduce competition in the market and that a neutral internet could obstruct growth, flexibility, and investment in new infrastructure.

This gives some room for thought: will UK citizens be stripped of net neutrality after the country leaves the EU?

The loss of net neutrality

Without net neutrality in Europe, ISPs could limit what you can and can’t see online and how you experience the internet in general. When it’s gone, certain content and services may be completely blocked by some ISPs. They could also force some websites to pay or suffer slow traffic, which might drive many smaller online services out of business. Supporters of net neutrality fear the loss of consumer protections, privacy, and security while ISPs profit.

With the help of BEREC and EDRi, it’s easier to stand for our rights, quality of service, fair competition, and transparency.  If it wasn’t for net neutrality, today we might not have popular streaming services like YouTube or Netflix and we couldn’t freely listen to music via Spotify.

What can we do to fight back?

Although using virtual private network (VPN) services is a good solution to fight ISPs, you’ll only protect yourself and your family. It’s also of crucial importance to make your voice heard and let the EU know that its internet users want net neutrality to be protected and enforced. For now, you can follow and support the great efforts of EDRi and BEREC to prevent the abuse of internet freedom.

By Daniel Markuson, a digital privacy expert at NordVPN

[Read more]

Blocking websites isn't working. It's not keeping children safe and it's stopping vulnerable people from accessing information they need. It's not the right approach to take on "Online Harms".

[Read more]

It seems apt that it was at this week’s ‘digital hustings’ for the Conservative Party leadership that Jeremy Hunt unilaterally came out in favour of online voting. Or at least, that is what elements of the press and Twitterati reported. What Hunt actually said was (slightly) more nuanced than a straightforward endorsement:

“The big innovation that we need is to introduce online voting...if we can book out holidays online, surely we can find a way that is fool proof to have online voting, and that is the way the world is going, and I think that would encourage much more participation in our democracy.”

There are four things to unpack in that statement that illustrate some core concerns about using the internet to help run elections.

1) Voting should be more like booking a holiday

Voting should not be like booking a holiday. Booking a holiday online requires you to input sensitive, traceable, personal information (like your card details, and name and address) online. The company must be able to identify you in order to follow up on your payment. This is not, however, desirable for an election. Whilst electoral register data is available (Although the type and accessibility of data this contains changes reasonably frequently), digitising the voting process risks undermining the principle of the secret ballot. This opens the door to electoral fraud.

We should also ask ourselves if we really want private companies administering our elections. How would they be held to account? What happens if people decide they don’t trust the company? If there’s a problem with your hotel room, you can get a refund. How would you refund an election? For private companies, elections are a consumer product. Some are offering Democracy-as-Ipod, with e-voting machines that come in “classic” or “premium” models. Should we have to choose between classic or premium democracy?

2) We can have a ‘fool proof’ online voting system

Existing statutory e-voting systems, most notably in Estonia, have been criticised for being insecure. The Netherlands stopped using e-voting machines in 2007 because they could be hacked within 30 seconds of entering a polling booth. Norway discontinued its i-voting trials in 2014, citing security concerns. The UK Electoral Commission has made serious criticisms of the e-counting hardware and software used in the London General Assembly Elections in every assessment of them it has ever done.

Put simply, the technology isn’t there. We shouldn’t turn our democracy into a user testing exercise for private companies. The risk is electoral outcomes that are decided by glitches in code or server security, rather than voters.

3) Online voting would encourage political participation

Enhancing political participation, particularly amongst people for whom the act of voting can be problematic (for example, people with disabilities), is a net positive for our democracy and a noble goal in itself. Further research about how to do this should be encouraged, and it seems likely that modern technology has a part to play.

Currently though, there is no academic consensus about whether e-voting encourages turnout. The limited number of studies makes it difficult to characterise. However, a recent Norwegian trial found no increase in aggregate turnout. In addition, it found that young people (an oft cited target demographic for e-voting) actually preferred walking to the polling station as it felt like a rite of passage for entering adulthood.

Just because your child might like playing Xbox, doesn’t mean they want to ‘play democracy’ on an Xbox.

4) “That is the way the world is going”

This statement assumes that there is a public appetite for elections to go digital.

The level of support of online elections depends on who you ask and what question you ask them (for example, conducting an *online poll* about *online elections* is likely to suggest an unrepresentative level of support, unless you do some reasonably complex sample weighting). The Electoral Commission however, in its 2017 post general election assessment found strong support for the way that the election had been administered. For example:

- 79% of respondents thought the election was well run (down from 91% in 2015).
- 98% of voters thought that the ballot paper was easy to complete.
- 84% of polling station voters were satisfied with the process of voting.
- 80% of postal voters were satisfied with the process of voting.
- 89% of candidates were satisfied with the administration of the election in their constituency.

This is not to say that elements of election administration could not be improved (for example, electoral registration is an issue). But let’s put these statistics into context. This was a national statutory election for which administrators had less than two months to prepare. If a commercial organisation had these levels of customer satisfaction after such an event, they would be cracking open the champagne.

So yes, let’s work out how to make it easier for all members of the electorate to vote. But we also need to encourage a political landscape that allows for a more equitable relationship between citizens and government. There are plenty of initiatives to encourage meaningful political engagement from a civic public: from citizen’s juries, to more localised economic and municipal models through to proportional representation and an independent Yorkshire (although some of these are more likely to be realised than others). In the meantime, the medium of our electoral system – people, pencils, and paper – should be left well alone.

In a world of uncertainty, electoral interference, and waning confidence in our democratic institutions, electronic voting is a surefire way to add to our problems. So please Mr Hunt - if it ain’t broke, don’t fix it.

[Read more]