Second email likely an attempt to cover for glaring omission in first
Labour’s data breach – revealed only yesterday despite the party knowing about it last week – when it outsourced members’ sensitive information to an outside company, apparently without members’ permission that was subsequently hacked – was notified by the party in an email from David Evans to hundreds of thousands of members.
That email also broke data laws.
The ‘GDPR’ data protection legislation introduced in 2018 requires any sender of emails to a mailing list to provide a clear and obvious method of unsubscribing from any further communications – but the email simply ends at ‘Kind regards, the Labour Party’, with no option at any point for readers to unsubscribe.
Recipients have also reported having left the party as long as a couple of years ago and receiving confirmation from the party that their data had been deleted at their request – and yet not only were apparent victims of the hacking of current data, but also still on Labour’s database in order for the party to send yesterday’s email.
Further emails without an opt-out were sent this morning.
Labour has still not identified the third-party provider that was subsequently hacked in a ‘ransomware’ attack, putting members’ sensitive data in the hands of criminals. The party has told victims they should not discuss the breach or mention it publicly.
SKWAWKBOX needs your help. The site is provided free of charge but depends on the support of its readers to be viable. If you can afford to without hardship, please click here to arrange a one-off or modest monthly donation via PayPal or here to set up a monthly donation via GoCardless (SKWAWKBOX will contact you to confirm the GoCardless amount). Thanks for your solidarity so SKWAWKBOX can keep bringing you information the Establishment would prefer you not to know about.
If you wish to republish this post for non-commercial use, you are welcome to do so – see here for more.