Press releases

Press releases

Poll finds strong support for policies combating nefarious online campaigning activity


(Friday 22 November 2019)                                                                                                       

A poll commissioned by civil society organisation Open Rights Group has found strong public support for policies designed to curb the worst excesses of online campaigning. 

Open Rights Group commissioned YouGov, a polling company, to conduct a poll of public attitudes towards data driven campaigning practices amongst people living in the most marginal constituencies in Great Britain. Marginal constituencies are likely to be on the receiving end of heightened campaigning activities by political parties. The fieldwork for the poll began on 06.11.2019 (the start of the election campaign) and ended on 13.11.2019.

Overall a majority of people were aware of the practice of targeting or tailoring political adverts (63%). In particular, a clear majority of young people (75%) were aware of political microtargeting. When asked about the following election campaign techniques, a majority of people thought that targeting/tailoring adverts, 'dark ads' (online adverts only seen by the recipient) and election campaign money without a declared source, should not be allowed (58%, 54% and 74%, respectively). In particular, older people were more likely to think these practices should not occur.

There was strong support for a range of policy responses, including enhanced regulation of how parties can campaign and advertise online (75%) and digital literacy training (71%). The most popular policy overall was tougher punishments (82%), inclusive of fines and convictions. The level of support for these policies was broadly demographically agnostic. There is a clear appetite for reform. 

These results suggest very low public support for the way in which the ‘most digital election campaign ever’ is likely to be conducted, and puts pressure on political campaigners who use these methods.

Pascal Crowe, Data and Democracy Project Officer for Open Rights Group, said: 

“Regardless of who wins the General Election the proper regulation of our campaigning infrastructure must be a legislative priority. 

There is a clear gulf between what the public wants from politicians on this issue and what they are delivering. 

It has been three years since Cambridge Analytica. Reform is well overdue. “ 

Notes to Editors

Open Rights Group are petitioning political parties to stop using our personal data for political advantage. To show your support, sign here:

All figures, unless otherwise stated, are from YouGov Plc. Total sample size was 1,015 adults. Fieldwork was undertaken between 6th - 13th November 2019. The survey was carried out online. The figures have been weighted to be representative of a selection of 28 marginal constituencies. 

A full breakdown of results can be found here:

A list of the 28 constituencies polled can be found here:

For further information please contact Federica Dadone, Communication Officer for Open Rights Group, at or 0207 0961079.


[Read more]

Twitter ban on political ads welcome move but ultimately symbolic one

Matthew Rice, Scotland Director, Open Rights Group, reacting to the Twitter ban on political ads said:

This decision by Twitter is a welcome move but ultimately a symbolic one. The bigger problems are in larger platforms like Facebook and in the personal data processed by political parties and the campaign groups that support them. 

These are systemic problems, created by lax data protection laws and opaque advertising systems. Systemic problems need systemic solutions.  The only way forward is through reform of the law and new rules for use of personal data in political campaigns. We can’t rely on every actor in this space having a moral awakening like Twitter - and even if they did, there would still be opportunities to exploit the exemptions in our existing laws.

The current system is not fit for purpose and we need a lot more than the moral posturing of social media companies to make it fit for purpose.


Open Rights Group also wrote to every leader of political parties today calling on them to be more transparent about their processing of personal data. The joint letters were sent alongside Privacy International, the Institute for Strategic Dialogue, Fair Vote, Who Targets Me? and Demos is here:

For further information please contact Federica Dadone at



[Read more]

Government drops Age Verification plans

Reacting to news that plans for Age Verification for adult content have been halted, Jim Killock, Executive Director of Open Rights Group said:

“Age verification for porn as currently legislated would cause huge privacy problems if it went ahead. We are glad the government has stepped back from creating a privacy disaster, that would lead to blackmail scams and individuals being outed for the sexual preferences.

“However it is still unclear what the government does intend to do, so we will remain vigilant to ensure that new proposals are not just as bad, or worse.” 

More info:

For further information please contact Federica Dadone, Communication Officer for Open Rights Group, at or 0207 0961079.

Jim Killock is available for comment.


Nicky Morgan today has stated in a written question that the government is not going ahead with compulsory Age verification under the DEA 2016:


[Read more]

Civil Society organisations raise concerns over rules designed to prevent a new Cambridge Analytica



Civil Society organisations raise concerns over rules designed to prevent a new Cambridge Analytica

The Information Commissioner’s Office (ICO) recently issued a draft framework code of practice for the use of personal data in political campaigning. This draft guidance applies the ICO’s interpretation of UK data protection law to the context of political campaigning. This guidance can be read partly as a response to the political upheaval of the past few years, during which data driven political campaigning has come increasingly under the microscope.

Open Rights Group (ORG) organised a round table discussion event on the 25th September 2019 to discuss the ICO’s draft guidance. There were participants from academia, government, and civil society. Participants came to consensus about how the draft guidance could be improved. For example, there were several areas where the draft guidance did not clearly evidence what was requisite for compliance with data protection law. More specifically, the draft guidance was too narrow, focusing primarily on electioneering between political parties, with little consideration for party leadership contests or third-party campaign groups. Additionally, greater clarity is needed on how the financial value of ‘data assets’, such as data sets used by political campaigners, should be recorded.

Most significantly however, participants made a bold call for greater coordination between the ICO and the Electoral Commission. It is clear that it is in online political campaigning that data protection regulation and campaign finance regulation meet. Currently however, it is difficult for the ICO and the Electoral Commission to interact as effectively as they could. Additional resources, structural changes, and primary legislation were all proposed as potential remedies.

Pascal Crowe, Data and Democracy Project Officer for Open Rights Group, said:
“Better coordination between the ICO and the Electoral Commission is key step towards resolving the crisis in political campaigning online.
For example, better collaboration between them would allow regulators to more fully account for the financial cost of data sets used in political campaigning.
Our roundtable demonstrated that there is widespread support for measures to make interaction between the ICO and the Electoral Commission much more smooth.“

Notes to Editors
For further information please contact Federica Dadone, Communication Officer for Open Rights Group, at or 0207 0961079.

The ICO’s consultation on its draft framework code of practice for the use of personal data in political campaigning closes today.

A full list of points of consensus and signatories can be found here:


[Read more]

Open Rights Group and the3million seek to appeal immigration exemption judgment

Campaigning organisations the3million and Open Rights Group have made an application to appeal the High Court judgment handed down today which dismissed their judicial review challenge to the Home Office regarding the ‘immigration exemption’ contained in the Data Protection Act 2018.

The organisations argued at the High Court hearing, that took place on 23 and 24 July 2019, that the exemption is far too broad and is contrary to the General Data Protection Regulations (GDPR). The GDPR was designed to strengthen fundamental rights of data subjects. The organisations argued in their legal case that the immigration exemption does the opposite: enabling government departments to derogate from a wide range of obligations towards individuals in the interest of ‘maintaining effective immigration control’.    

Mr Justice Supperstone handed down judgment this morning, finding against the claimants. He found that “the provisions of the exemption setting out the purposes for which, and the categories of data to which, it may be applied are, in my view, clear and appropriately delineate”. Accordingly, the claim was dismissed in full. 

Open Rights Group and the3million, who are represented by law firm Leigh Day, are seeking permission to appeal to the Court of Appeal.     

The Open Rights Group is a UK-based digital campaigning organisation working to protect the rights to privacy and free speech online.  The3Million is an organisation of EU citizens in the UK that campaigns for EU citizens who have made their home in the UK to be able to continue their life here after Brexit.  

The case was brought in the wake of the Windrush Scandal and during a time where the future rights of approximately three million EU citizens in the UK remains uncertain. Open Rights Group and the3million launched their challenge due to serious concerns that, among other things, the removal of data rights protected by GDPR prevents individuals from knowing whether or not the information held about them is accurate. 

The consequences of inaccurate data in the context of the Government’s ‘hostile environment’ have proven to be catastrophic for individuals, ranging from people being wrongly disqualified from holding bank accounts to wrongfully receiving deportation threats and even being forcibly removed in error. In the immigration context, data protection rights are vital to avoid miscarriages of justice. 

The claimants argued that under EU law, derogations from fundamental rights have always required evidence of ‘strict necessity’, which they do not believe had been shown to be the case with the immigration exemption provisions. EU law also requires specific safeguards as set out by the GDPR to reduce the risk of abuse, which the claimants argued do not exist in this case. The Information Commissioner intervened in the proceedings, arguing that the exemption would be lawful if statutory guidance was produced clearly defining its use. In response to the case put forward by the Information Commissioner Mr Justice Supperstone found that guidance was not required to render the exemption lawful.  

Open Rights Group and the3million in a joint statement said:

We are disappointed by the judgement in the High Court today and we have applied for permission to appeal.

We still believe that the immigration exemption in the Data Protection Act 2018 as it stands breaches fundamental rights. It is a blunt instrument, poorly defined and ripe for abuse. Access to data is key for an accountable system, that corrects errors in an immigration system that occur at an alarming rate. The importance of this can’t be underestimated. Millions of EU citizens must navigate the Home Office application process to stay in the UK. This exemption removes that ability to correct errors, which could prove decisive in immigration decisions whether to allow a person to remain in the United Kingdom.

As a result of this litigation we know the exemption is being used, and is being used often. Open Rights Group and the3million will continue the fight against the immigration exemption, seeking an immigration system and data protection framework that respects the rights of everyone.

Rosa Curling, solicitor at Leigh Day, added: “Our clients are understandably disappointed that their claim has been dismissed but they are determined to seek an appeal of the judgment as they believe that the government’s immigration exemption is fundamentally unlawful. Millions of people are already feeling uncertain and anxious about their immigration status as we approach Brexit and our clients feel that the immigration exemption adds a further layer of uncertainty by removing transparency and the opportunity to correct mistakes in the immigration system.”


[Read more]

Loophole in Facebook’s new ID rules on political ads leaves door wide open for astroturf groups

Today Facebook has announced higher identity verification standards for US political adverts ahead of the 2020 presidential election. However, loopholes still exist that could enable astroturf (fake grassroots) campaigns if the rules were rolled out for a UK election.

Facebook announced in a blog post that, from mid September, organisations and individuals in the US buying political ad space on its platform would have to provide more information than previously required. This includes information such as a Federal Election Commission ID number, which would be extremely difficult to fake. Doing so will mean those organisations receive a “Confirmed Organization” watermark on their adverts.

However, they may also be able to receive this watermark if they provide a verifiable phone number, business email, mail-deliverable address and a business website with a domain that matches the email. Ostensibly this is to lower barriers to entry for smaller campaign groups. In practice, this loophole is open to abuse by anyone with a computer, a phone, and a mailing address.

In a UK context, this means that astroturf campaigns, such as those run by Lynton Crosby's Mainstream Network, may still be able to get “Confirmed Organization” status. As a result, powerful interest groups can still manufacture support for their causes on social media whilst hiding behind a smokescreen of authenticity. 

Pascal Crowe, Data and Democracy Project Officer for Open Rights Group, said: 

“The loophole in these requirements means any astroturf campaign with an email account, mobile phone, and mailing address can set up shop as a grassroots movement.

“Powerful interest groups will abuse speech rights online to tighten their stranglehold on democratic debate by throwing money at political advertising. 

“It’s going to take tighter rules and tougher sanctions to stop Steve Bannon or Lynton Crosby.

“Facebook must urgently take this into account for any upcoming UK election.”

[Read more]

Cost and security issues fuel concern for 2020 GLA elections

The Greater London Authority (GLA) Elections use e-counting machines to tally votes. These e-counting machines have been criticised by the Electoral Commission in successive reports. Not only do the machines often count votes incorrectly, they are also extremely expensive. The Electoral Commission has recommended in successive reports that a cost benefit analysis of e-counting be done, including a costing of manual counting. European Parliamentary elections, which use a similar voting system, are counted by hand in London.

For the 2020 elections, the cost of the machines has risen to £8.9 million. This is more than double the last time the contract for the machines was tendered (£4.1 million). In addition, elements of the contract have been subcontracted to Smartmatic, a Venezuelan company with a poor track record of running elections, and alleged links to the Venezuelan Government. The Greater London Returning Officer (GLRO), who oversees these statutory elections initially claimed that Smartmatic had previously run successful elections in Scotland. However this has since been found to be incorrect. The GLRO seems to be moving forward with this company despite their failure to vet them properly.

ORG is concerned that not only is e-counting an enormous waste of money, but that the poor reputation and performance history of Smartmatic risks undermining trust in the outcome of a statutory election.

Pascal Crowe, Data and Democracy Project Officer for Open Rights Group, said:

“This must be the biggest waste of money at City Hall since the Garden Bridge.

Private companies are using our democracy as a user-testing exercise for their products.

In addition, despite our protestations the GLRO seem to be pressing ahead with employing Smartmatic to run London’s elections.

In the post Cambridge Analytica world, with trust in democracy at an all time low, why has the GLRO allowed this unstable element into the mix?”

Notes to Editors
For further information please contact Federica Dadone, Communication Officer for Open Rights Group, at or 0207 0961079.

Earlier articles tackling the matter are available here:

[Read more]

Controversial 'immigration exemption' used in 60% of cases, court case reveals

A legal challenge to the immigration exemption in the Data Protection Act 2018 has revealed that the Government has used this controversial GDPR opt-out in response to 60% of its immigration-related data requests since the beginning of 2019. This will have resulted in data subjects being denied access to some or all of their data.

The figure was confirmed on the first day of a High Court challenge brought by the Open Rights Group and the3million.

It was further confirmed that individuals were not being informed when the immigration exemption is applied. Ben Jaffey QC, representing the Open Rights Group and the3million, argued that the lack of explicit notification leaves many without the ability to challenge the use of the exemption.

The exemption has never existed in UK law before its introduction last year. It allows data controllers, including public bodies such as the Home Office or a school or hospital and private bodies such as employers or private landlords, to restrict access to personal data if releasing the information would “prejudice effective immigration control.”

Matthew Rice, Scotland Director for Open Rights Group, said:

“The number of times this exemption has been used confirms the fears we had when we brought the case forward. This vague exemption provides a wide open opportunity for the Home Office to restrict access to data and avoid accountability for the mistakes it is regularly found to make.

The fact that no-one is even informed that the exemption applies adds insult to injury. This is a blunt force exemption being used in opaque circumstances to restrict individuals fundamental right to access to personal data."

Maike Bohn, Co-Founder of the3million, said:

“GDPR is about transparency and protection of our data rights. Today we found out that the Government have not told people when their rights have been curtailed - on a surprising scale of 60% of cases.”

Notes to editors:

The case is being heard in the High Court of Justice. The second day of the case on Wednesday 24 July will see the Government responding to the arguments put forward by the claimants.

For further information please contact Federica Dadone at

An earlier press release explaining the hearing is available here -

[Read more]

High Court to hear judicial review of the immigration exemption for data protection rights

A judicial review of the government’s immigration exemption for data protection rights will be heard at the High Court in London on Tuesday 23 and Wednesday 24 July 2019. The hearing on Tuesday 23 July will take place at Court 18, before Mr. Justice Supperstone, at half past ten.

The legal challenge has been brought by the Open Rights Group and the3million who argue that the immigration exemption, which passed into law in May 2018 as part of the Data Protection Act 2018, is unlawful.

The immigration exemption allows the Home Office, and other organisations or companies involved in “immigration control” to refuse access to personal data held about individuals if it might prejudice “effective immigration control”.

The immigration exemption affects the three million EU citizens who will have to submit their applications for a new immigration status after Brexit. It also affects anyone who has dealings with the Home Office, other state bodies and several companies who are involved in “immigration control”, such as those seeking refuge in the UK and those impacted by the Windrush scandal.

By blocking access to data, the groups argue that mistakes by the Home Office will go unchecked, important decisions about an individual’s immigration status could be made based on incorrect or incomplete information and it could even lead to wrongful deportations. This is of particular concern given that the Chief Inspector of Borders and Immigration has acknowledged the Home Office has a ten percent error rate in immigration status checks.
Both organisations argue that the exemption is unlawful because it amounts to an unlawful, unnecessary and disproportionate interference with fundamental data protection rights.

Matthew Rice, Open Rights Group, said:

"The fundamental right to data protection includes a right to access information held about you. The immigration exemption removes that right for millions of people for the vague purpose of effective immigration control. This restriction is available to all data controllers, it could be your school, your Doctor, your local authority or your employer that exercise the exemption and restricts your access to your data while continuing to share it with the Government for immigration enforcement.
“This is against human rights standards and we are seeking that the exemption is removed, or restricted in its scope. At this crucial time we need an immigration system that treats all parties fairly, this exemption tips the scales too much in favour of the powerful and leaves many powerless.”

Co-founder of the3million Maike Bohn said:

“EU citizens will need their personal records to prove that they are entitled to live in the UK. They need to know how the Home Office and other government agencies are using those records so they can call out mistakes that could have disastrous consequences for their lives. That is why we support removing this shocking exemption.”

Rosa Curling, solicitor at Leigh Day, said:

“We look forward to presenting this case to the High Court on behalf of our clients. The discriminatory, two tier data protection regime created by our government is unlawful and we hope the Court will agree it must be reconsidered on an urgent basis. Individuals must have access to their personal data so they know what information is held about them by the Home Office and others, how this information is being processed and shared and to allow them to correct any errors made. Without access to the data, their right to rectify is meaningless.”

For more information contact Federica Dadone, ORG Communications Officer,

Federica Dadone
Communications Officer
Tel: +44 (0)74 4689 6115


[Read more]

DCMS urged to make porn privacy scheme compulsory

Open Rights Group has today sent an open letter to DCMS Secretary of State, Jeremy Wright, calling on him to introduce legislation requiring the British Board of Film Classification (BBFC) to make their privacy certification scheme compulsory.

The letter notes that the BBFC privacy standard contains broadly-worded provisions that allow age verification providers to write their own rules and that there are no penalties for providers who sign up to the scheme and fail to meet its requirements.

Jim Killock, ORG Executive Director, said:

"Highly sensitive sexual data should be protected to the highest standards; instead, the vague and voluntary BBFC scheme leaves consumers unable to know who they can trust. DCMS needs to act now to fix this disaster."

Open Rights Group has also today launched an age verification advice site for individuals and organisations at:

Killock added:

“Millions of UK adults and teenagers are likely to be looking for answers on what the law means and how they can keep their personal data safe. Our site offers practical guidance to Internet users and site owners on how age verification works and what the risks are for their personal privacy.”




For more information, please contact - 07749 785 932

Notes to editors:

Letter available here:

The age verification scheme under Part 3 of the Digital Economy Act 2017 was due to come into force today. It has been delayed for a period of six months as it had not been properly notified to the European Commission.

The BBFC’s Age verification standard was published in April 2019:

ORG's analysis of the standard is here:

Open Rights Group’s age verification advice site for Internet users and site owners is freely available at


[Read more]