On Saturday, People’s Assembly is holding an anti-austerity event in London:
It’s an important event, with a stellar line-up of speakers including Labour front-benchers John McDonnell, Diane Abbott & Barry Gardiner and tickets cost a maximum of £5.98. The event runs from 10am to 6pm at St Pancras New Church, Euston Road, London NW1 2BA.
But there is a troubling aspect to some of the publicising of the event: Labour Future has been sending emails to promote the event.
Labour Future (LF), in spite of its name, has no formal standing with the Labour Party – it is a limited company found by millionaire John Mills, which has links to right-wing groups Business for Britain and The Taxpayers’ Alliance.
The company has been criticised for sending fundraising emails that recipients have said misled them into thinking they were donating to the Labour Party. The company has used logos of Momentum and other groups without permission to promote its image – and when asked to account for how it spends moneys donated to it, it said it was unable to do so.
LF’s email advertises the details of the People’s Assembly event correctly, but the problem appears in the last paragraph:
The email tells recipients that it wants them to register for a specific purpose: to act as stewards at ‘numerous events’ at which it will be helping People’s Assembly – and it provides a link for them to ‘get in touch’ for that purpose. It even provides details of what will be required of those registering as stewards.
But the link does not go to a page specifically for registering as a steward for People’s Assembly events. Instead, it takes visitors straight to LF’s own, general support page:
Stewarding is only one of twenty activities – and even that is not for People’s Assembly events, but for “events like” it.
Providing a misleading description of a sign-up link is almost certainly a breach of privacy laws, because the new General Data Protection Regulation (GDPR), like its predecessor the Data Protection Act (DPA) mandates that data can only be used for the purpose for which it is provided. Even if not outright illegal, it is deeply troubling.
The SKWAWKBOX spoke to People’s Assembly, which confirmed it had discussions with Labour Future and had agreed to let it provide support. However, the organisation was unaware of the nature of the company and of the link it is including in its email.
The SKWAWKBOX also contacted Labour Future for comment, asking:
Labour Future are emailing people about the approaching People’s Assembly event and inviting recipients to sign up as stewards to help with it. However, the link provided for the sign-up is Labour Future’s own sign-up page, so people may end up registering for something else than they think they’re signing up for.
If you have any comment you want to have included, please provide it by return.
Labour Future’s Director of Digital, Michael O’Sullivan, responded:
Labour Future takes data privacy and security extremely seriously. To this end we have always complied with the DPA, and more recently the GDPR.
On Wednesday we emailed our supporters with an update about the People’s Assembly campaign, one which Labour Future is proud to support. In this email we included a link to purchase tickets directly, and we also included a link to our standard volunteer signup page. It is via that signup page that supporters are able to list themselves as available for the People’s Assembly event.
Both the page and process are fully GDPR compliant. As such Labour Future will be making no further comment on the matter.
The ‘link to our standard volunteer signup page’ is not described as such and the response does not answer this blog’s point about the mismatch between the description provided and the nature of the page that following the link will open.
Comment:
The SKWAWKBOX recommends – as it has done before – that no recipient of Labour Future emails click on any links contained and that no personal details should be provided to what is, in spite of its name, a private limited company with significant links to right-wing organisations. This information should be shared widely to ensure that others do not inadvertently register or donate believing that the company represents the Labour Party.
Of course, this has no bearing on the authenticity and merits of People’s Assembly’s event later today and everyone interested can register at the event’s Eventbrite page here.
The SKWAWKBOX needs your support. This blog is provided free of charge but depends on the generosity of its readers to be viable. If you can afford to, please click here to arrange a one-off or modest monthly donation via PayPal. Thanks for your solidarity so this blog can keep bringing you information the Establishment would prefer you not to know about.
If you wish to reblog this post for non-commercial use, you are welcome to do so – see here for more.
This is very dodgy indeed – and unless you havbe omitted to mention it there is no specific “opt in” clause included in the email, which means that sending any further emails to these people would definitely be illegal under the GDPR (they are already flirting with illegality IMO even in sending this message).
The reason for Mill’s and his mates to sponsor such events seem odd. Normally, a direct sales multi-millionaire would run miles from such events. One byzantine reason may be that Mills and many of the people around the Assembly share a similar obscurantist view about the EU – Mill’s from a traditional ‘little Englander’ approach, bankrolling the “Labour Common Market Safeguards Committee’ (he’s probably the last person alive to use the Common Market term) , the Assembly from a similar obscurantist ‘Lexit’ position. It could be that seeing the writing on the wall is saying no hard (or even medium soft) Brexit will happen now, he’s trying to muster the forces for a last ditch showdown in the Labour Movement.
Michael O’Sullivan of Labour Future is incorrect.
The page listing multiple volunteering options breaches GDPR regulations, as those regulations are quite explicit that data can only be collected for one specific purpose and with the explicit opt in consent of the data subject required for each and every purpose. GDPR is very clear on this. This type of consent bundling by Labour First is not allowed under GDPR.
I will be reporting this GDPR breach to the ICO on Monday morning.
Whilst the ICO is satisfied when companies can demonstrate they are taking reasonable steps to comply with GDPR, it takes a very dim view of companies which openly flout and circumvent the new regulations, which were only introduced on 25th May.
Copy in the Electoral Commission & Advertising Standards Authority too, while you’re at it 🙂