Labour denies data breach (well, they would). Here are THREE smoking guns..

The Labour Party has started writing back to members who complained about their data being given to Gerard Coyne, who has used it – stupidly, but nobody said he was competent – to contact non-Unite members asking them to vote for him as the union’s General Secretary.

The emails being sent are a study in generic denial and buck-passing. Here’s one:


  1. Dear Arthur
    Thank you for contacting us regarding unsolicited communication from Gerard Coyne’s campaign.
    We are unable to say how you were contacted by Mr Coyne’s campaign, and suggest you should contact his campaign directly to ask the source of their data they hold on you, and to remove any data they hold on you if you do not wish them to hold it.

    The Labour Party is very clear that no data may be shared with any third party or other organisation, and take our obligations under the Data Protection Act very seriously. We have not supplied any Labour Party data to Mr Coyne or anybody else. Labour Party data is held and processed only for the legitimate purpose of running a political party.

    Kind Regards

    Communications Assistant
    The Labour Party

    Seems they’re saying i have to investigate this myself
    Here’s what the ICO says
    Case Reference Number: RFA0675428

    Dear Mr Jordan

    Thank you for your correspondence in relation to your concern about the way the Labour Party (‘Labour’) handles personal information.

    The Information Commissioner’s Office (the ‘ICO’) is an independent regulatory authority reporting directly to the UK Parliament. The Information Commissioner enforces and oversees the Data Protection Act 1998 (the ‘DPA’).

    Our aim is to improve information rights practices. We do this by taking an overview of all concerns that are raised about an organisation with a view to improving its compliance with the DPA.

    Please see our website for further information:


    Your data protection concern

    You are concerned that Labour has shared your personal data with the campaign supporting Gerard Coyne of Unite Union.

    It appears that you raised your concern with Labour in the email you also sent to the ICO on 2 April 2017. Before we look at the issue you raise, we expect you to give the organisation the opportunity to consider it first. In order for us to look at Labour’s information rights practices we need you to provide us with its reply.

    Once you have received a response from Labour, if you still have concerns about its information rights practices please write to us again, quoting the above reference number and providing us with a copy of its response. We will then consider your concern and decide if we think there is an opportunity to improve Labour’s information rights practice.

    If you are responding via email, you can forward your response to our casework@ico.org.uk email address with the above case reference in this format [Ref. RFA…] in the subject line.

    Yours sincerely

    Phillip Marsh
    Lead Case Officer
    Information Commissioner’s Office
    01625 545 247

    Feedback about our service

    If you are dissatisfied with the service you have received, or would like to provide us with feedback of any kind, please let me know.

  2. Yes we all know how the DPA is supposed to work so stating the bleeding obvious is a waste of time and does nothing to address the situation. Obvious what’s gone on and the person or persons responsible for it *have* to be found / dealt with, not just brushed inder the carpet!

Leave a Reply

%d bloggers like this: