ICO confirms breach to complaining members – and advises them of legal right to compensation for harm suffered
The Information Commissioner’s Office has confirmed to a member that the party is in breach of its legal obligations under GDPR data protection laws – and has indicated that there are multiple such cases.
In a response to a complainant who has not receive a response to their ‘Subject Access Request’, a statutory, binding request to provide copies of all data held by an organisation on an individual, the ICO stated that it found Labour in breach – and advised that there are ‘a number’ of such cases:
The ICO, which has often been criticised for its lack of action on Labour’s breaches, also stated that it is not pursuing the party for these ongoing breaches – but that individuals have a statutory right to pursue legal action – and to receive compensation for any harm suffered:
Last year, Keir Starmer’s leadership campaign was reported to the ICO after ‘serious’ hacking of member data. The ICO does not appear to have taken any action. Labour members will need to pursue legal action against the party rather than rely on the ICO, if they wish to see the party brought to account.
GDPR law allows for fines of up to €20 million (c. £17.5 million) or 4% of an organisation’s turnover – whichever is the greater – for breaches.
The SKWAWKBOX needs your help. The site is provided free of charge but depends on the support of its readers to be viable. If you can afford to without hardship, please click here to arrange a one-off or modest monthly donation via PayPal or here to set up a monthly donation via GoCardless (SKWAWKBOX will contact you to confirm the GoCardless amount). Thanks for your solidarity so SKWAWKBOX can keep bringing you information the Establishment would prefer you not to know about.
If you wish to republish this post for non-commercial use, you are welcome to do so – see here for more.