Data watchdog writes to Sinn Féin over collection of Facebook users’ information

Helen Dixon’s office raises concerns over use of online data to match with home address

Sinn Féin leader Mary Lou McDonald. Party members were told that members should elicit more information from users so they can ‘tag them as a social media engaged and follow up with a canvass on their doorstep’, according to an internal document. Photograph: Collins

Sinn Féin leader Mary Lou McDonald. Party members were told that members should elicit more information from users so they can ‘tag them as a social media engaged and follow up with a canvass on their doorstep’, according to an internal document. Photograph: Collins

 

Data Protection Commissioner (DPC) Helen Dixon has written to Sinn Féin seeking information about its collection and use of data from Facebook and the electoral register.

It is understood officials in Ms Dixon’s office have raised concerns about the party’s practice of using the public Facebook information of potential voters to allow it to engage in targeted campaigning, including in-person canvassing.

Last week, the Sunday Independent reported that party officials are being told to use personal information posted on social media to identify voters’ home addresses.

Members are told that “Facebook is king” and that members should elicit more information from users so they can “tag them as a social media engaged and follow up with a canvass on their doorstep,” according to an internal document.

This is done using the party’s sophisticated Abú canvassing database and through the use of the electoral register, which lists voter addresses and is open to all political parties.

Ms Dixon’s office has put a series of questions in writing to Sinn Féin about how it uses the data and if users are aware how their public data is being processed. It is understood the office is particularly interested in the issue of user consent and knowledge.

Privacy expert Daragh O’Brien said the party’s data practices are “pushing the envelope” in terms of what is permitted.

There are broad exceptions in Data Protection Act for processing for “electoral activities”, but there is no formal definition of what “electoral activities” are in this context, he said.

“Of course, if Sinn Féin haven’t disclosed to people that they are linking activities on Facebook to off-line electoral analytics and location data to then drive a physical canvas that would be a potential issue from a fairness/transparency perspective under GDPR,” said Mr O’Brien, who is managing director of the data firm Castlebridge.

Users should have been clearly told that the Facebook information would be used to enable identification in the “real world”, he said, and they should also have been told why that information was being sought and that it would be used to inform canvassing activities.

“The very broad basis for political parties to process data for electoral activities doesn’t negate the obligation to be transparent about what is being done and provide people with the option to opt-out of that processing.”

A Sinn Féin spokesman said: “We can confirm that we have received correspondence from the Office of the Data Protection Commissioner. We look forward to engaging with them.”