Analysis

Labour’s latest data breach communication reveals more breaches

Analysis of Labour’s attempt to minimise the significance of its huge loss of data to criminals exposes the party’s disregard for data protection laws and the dishonesty of responses to ex-members who asked for their data to be erased in accordance with the law

This article was written after consultation with GDPR professionals.

An email from Labour in which the party tries to excuse its retention and loss of data on members and ex-members has opened a further window on the extent and variety of ways in which the party under Keir Starmer and David Evans have been disregarding ‘GDPR’ data protection laws.

The email tells members that Labour has been keeping data even on people who have resigned their membership:

The Labour Party retains a minimal amount of information on an indefinite basis for members, affiliated and registered supporters and former members and supporters. This is to administer our internal governance, as well as to apply our membership rules.

This appears to code for ‘we need to know who we’ve expelled and who owes us money’ – those who left via the arrears/lapse process. But under GDPR neither warrants holding the data indefinitely and the party should have a deletion policy.

We also retain your name and address from the electoral register, as we have a legitimate interest in continuing to process this data. This also helps to facilitate the fundamental role political parties play in engaging with voters as part of the democratic process.

According to regular users of it, Labour’s membership system does not hold electoral registration data. It has a ‘flag’ which does not appear to be regularly audited against the electoral roll.  The party is entitled to hold addresses to ‘engage with voters’ – but unless it checks regularly for facts where the ER is their sole source, Labour is in breach as it has a duty to ensure that data is accurate.

‘Legitimate interest’ is the most qualified and conditional of lawful purposes and excludes legal minors.

Under GDPR A6 1.f, processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

We do however minimise the personal data we hold and ensure that unnecessary information is deleted once it is no longer required. Where someone is no longer a member or supporter, we restrict the processing of this information in such a way to ensure that the Labour Party does not contact you again.”

So Labour keeps data but ‘restricts the processing’? There’s no room for that under GDPR – data is either held or it is not and the party has previously confirmed to ex-members who asked for confirmation that it had erased their data from its systems.

And the deletion of data under law is not simply to ‘ensure that the Labour Party does not contact you again’, but also to ensure that the data can’t subsequently be misused, either by Labour as the ‘data processor’ or by its loss to criminals or other third parties – which is precisely what has happened.

In addition, Labour is unclear how it distinguishes between those it thinks it is entitled to keep and those it has a duty to delete. The law prohibits the storage and processing of private data unless it conforms with the GDPR & Data Protection Act 2018 (DPA) – and the fact it relates to Labour, a political party, makes it ‘special data’ on which there are more restrictions, not less.

But perhaps most crucially, Labour’s website tells those who provide the party with their details that it will never do what it has already admitted it routinely did. The party’s contact page states that ‘we will never pass your information on to any third parties:

Every person providing their personal data to the party therefore had an absolute right to expect that Labour would never give their data to anyone else – yet Labour’s original admission of the data breach is clear that the data was given to a third party.

Labour lied to those it assured that their data had been erased – and it lied when it said their data would never be shared, obtaining individuals’ private information under false pretences.

Labour’s latest and rather blasé email to members whom it has wronged appears to suggest that the data breach is not such a big deal worth worrying about. But in fact, the email and the circumstances surrounding it simply confirm hat the scale of the party’s misuse of personal data and abuse of data protection laws has gone even wider and deeper than what was already known about the breach.

SKWAWKBOX needs your help. The site is provided free of charge but depends on the support of its readers to be viable. If you can afford to without hardship, please click here to arrange a one-off or modest monthly donation via PayPal or here to set up a monthly donation via GoCardless (SKWAWKBOX will contact you to confirm the GoCardless amount). Thanks for your solidarity so SKWAWKBOX can keep bringing you information the Establishment would prefer you not to know about.

If you wish to republish this post for non-commercial use, you are welcome to do so – see here for more.

53 comments

  1. The data is not shared with third parties it is processed by third parties on behalf of the Labour Party on a strict contractual basis. This could be for any number of legitimate reasons like facilitating an internal ballot or sending out a mailshot.

    1. We’ve just had Starmer’s claim that were discussions but not talks about his second job.
      Which was up there with Clintons smoking marijuana but not inhaling attempt to treat people like idiots..
      Now data is being processed but not shared.
      Well done for this contribution.
      But you’re only fooling those that want to be fooled and there aren’t that many on this blog.. .

      1. iamcrawford – Time will tell, we’ll see who’s proved right.

    2. They processed the data without that data being shared with them.

      Thank you.

      All is clear now.

      😯😘🤔🤔🤔🙄😣😥

      1. Brian – Don’t be silly Brian. If you can’t appreciate that language matters then that’s your problem not mine. If you check the ICO’s guidance you will find that there are numerous sections covering the relationship between data controllers and data processors.

    3. Starmer & Evans are so sure of their position that they still haven’t named the company they said they would never share members’ data with.

    4. I am struggling to understand why our legal representitives cannot get a answer to a straight question.Name the third party and explain the contractural details of
      former members data being handed over.?….Deathly silence and a lockdown at HQ fawlty towers.Writs will soon be flying around like confetti at HQ who have all of the signs of a company on the Ropes and going down.

    5. Processed…Steve H….do you think its a local farmers market.!Your bullshit doesn’t even make sense,not that theres ever been much intelligence coming from your processed comments…You must realise by now that the Labour party are going to be buried in writs before the end of the month.Happy ☺Xmass!

      1. Thanks Joseph. All I can say to members who have received these stupid letters, is hand it over to a lawyer who specializes in such data breaches. Currently there is at least one class action being formulated that I know of.

    6. “The data is not shared with third parties it is processed by third parties on behalf of the Labour Party on a strict contractual basis.” – This could be true. It depends on whether the data was simply transferred electronically for processing by computer and the results then reported back to the LP or sent elsewhere so some other function could be carried out electronically, or whether a person at the third party needed to be involved. If the process was entirely electronic then it would have been “processed”. If there was any human input then it would have been “shared”. Anyone who could assert that “The data is not shared with third parties it is processed by third parties on behalf of the Labour Party on a strict contractual basis.” is either much better informed than the rest of us about what was being done with this data (and I would suggest that, if that is the case, he inform us), or he is, at best, making unwarranted assertions. He goes on to say “This could be for any number of legitimate reasons like facilitating an internal ballot or sending out a mailshot.” So, it is clearly unwarranted assertions.
      Of course the LP could clear up the muddy waters by simply telling everyone who the “third party” was and what they had been asked to do with the data. I can’t think why they wouldn’t do that.

      1. One, additional thought – my understanding is that those who were informed of a “data incident” were advised to check their bank accounts. I can’t think that “legitimate reasons like facilitating an internal ballot or sending out a mailshot.” would require a “third party” to be sent people’s bank details.

    7. SteveH
      On too many occasions you are a complete waste of space, you contribute nothing to the debate, you are the democratic equivalent of crabs

      1. Doug – ….and yet here you are responding to my comment. Thanks for your input.

      2. steveh, to utilise your own line of argument, doug was not ‘responding’ to what passes as contributions by yourself. He was ‘marking’ it.

    8. I defy any third party to process data that has not been shared with it, or to have data shared with it and not process it in some form, if only to note its presence and decide on no further action.

  2. On the 4th November I sent an email to the party containing a simple question as to why and who was the third party they shared my details with. Still haven’t received a reply. Yet I’ve read other ex and current members have heard from them on more in-depth questioning of the party’s data breach. Perhaps I need to resend the email with extra queries. Who knows I may receive a reply.

    1. Goldbach,

      “legitimate reasons like facilitating an internal ballot or sending out a mailshot.”

      Why would a member who left in 2017. or any time since be on a list for internal ballots or mailshots?

      Nah, not buying that one.

      1. Dont they have organise for the mail-outs? Looks more like another excuse (lie).

      2. Quite right. Don’t buy it. It is being sold by the equivalent of the bloke with the quarter load of left over tarmac that you can have cheap.

    2. If you send a data access request, don’t forget to reassure Starmer and Evans that if it gives them any cause for concern, they can always give the Samaritans a call for advice.

  3. The contract says “we wiĺl never PASS your information on to any third parties. ” The issue of sharing it whatever that would involve is not addressed . As one would expect Labour gave a clear assurance that only it would hold and make us of the data. It doesn’t allow Labour to provide the data to any Tom Dick or Harry in whatever capacity they might be acting for the Party.

    Such an assurance is of vital importance to those who entrusted Labour with their data because they would certainly demand to know to whom Labour wished to pass their data on to and the reason for doing so before they gave their permission for Labour to go ahead. The fact that Labour has passed their data on and even now has not disclosed to who or even given precise details of what that third party was doing with it is a very serious matter and one of some considerable concern to a lot of people.

    As an aside I would also like to point on that no data contoller has an option to hold any amout information on a data subject for an indefinite period. This is because the shelf life of even basic personal data is limited and is very likely to become inaccurate without the data subject even being aware that it’s still held. Data subjects even die and I have know of their relatives being caused real upset when they have received communications in the name of their late family member quite some time after that person’s death.

    The fact that Labour has its lackeys on this site who have so obviously been tasked to be quick off the mark to down play the seriousness of the data breach and to go on to mock the genuine concerns of its victims makes me want to vomit.

  4. As someone who was forced to repeatedly cough up cash to be able to support Corbyn, I see a huge silver lining in this.

    Lawfare.

    Sure, it’s gonna cost me more money, but it going to cost them a lot more. Staffing costs to deal with my subject access request, and depending on what comes back, more letters or straight to court.

    Karma? Or Nemesis? Pick one and go for it!

    1. NVLA. Join a class action with a no win no fee deal. Won’t cost you anything.

      1. @baz2001

        Sounds like a plan. The wife and I will still drop SARs in as they only cost a tenner each. That’s staffing costs, data costs (the irony), printing and postage. Well worth the money. I’m struggling to think of entertainment so good for so little outlay.

      1. NVLA

        A SAR is now free. The law changed in 2018 when GDPR superceeded the previous GDP. So don’t give this shower any more money.

      2. @baz2001 & Nemtona

        Thank you for the link and advice. Most helpful. Enjoy your weekend.

  5. From the ICO website, under the right to be informed.

    (1) Individuals have the right to be informed about the collection and use of their personal data;

    (2) You must provide individuals with information including: your purposes for processing their personal data, your retention periods for that personal data, and who it will be shared with. We call this ‘privacy information’;

    (3) The information you provide to people must be concise, transparent, intelligible, easily accessible, and it must use clear and plain language;held?
    ______________________

    Q1. How many members knew that somebody in the party was collecting their data?

    Q2. How many members knew the purpose for processing their data. There appears to be no retention period, so that looks like another breach and the third part of this paragraph is still being persued by numerous parties. Also note the word MUST, that seems like they have no get out of jail card on this one.

    Q3. That one speaks for itself. The party have been neither concise, transparent, intelligible or easily accessible at any stage from the collection of personal data, their purposes to their retention period.

    So it appears to me that apart from the breach with the data being “processed” or “held” or whatever you want to call it by this third party, further breaches of GDPR, the wilful disregard for and mishandling of members data, goes back in the first instance to the data scaping of social media, holding it in secret and for the length of time the party want to hold it.

    https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-law-enforcement-processing/individual-rights/the-right-to-be-informed/

  6. I need advice please. My husband & I resigned from the Party in May 2020. We have both received emails about the data breach.
    Anyone know if the data breach includes mobile phone numbers?
    The reason I ask we both have iPhones with 3 network, my hubby is out of contract & can change his phone. I got a call on MY mobile asking to speak to my husband using his Christian name which is weird so I asked who was calling & the person at the other end said Three, just thought they had mixed the phone numbers somehow so I told him that he’s at work call back later on his mobile which he said he would do, I did tell him that hubby is wanting to change his phone…He never received a callback.
    Considering they’re Sh1t hot at trying to get sales I thought it was strange they didn’t call him after work… then all the information about the data breach hit social media & I started to wonder if this could be a scam call?
    Anyone any idea? I’ve rung three but they can’t help it could have been one of their agents.
    What makes it even more sinister I registered hubby’s membership with the Party for him & used my mobile number as he didn’t want calls at work.
    Anyone else think this is suspicious?

    Thanks
    Hilary

    1. So far as I am aware Hilary our data is currently been held to ransom. The database has been stolen form the company who had it in the sense that the criminals are preventing them from getting access to it and have issued a threat that unless a ransom is paid they will permanently delete all of the data. These days any data loss either illegal or accidental can be quite critical to the efficiant working of a company’s’ business it can cost them a lot of money so its a very powerful threat but its not as yet aimed directly at us.

      These people are of course criminals so there is no assurance that the wouldn’t go on to sell the database to scammers even if the ransom is paid . The scammers would then make bogus calls and try to extract money from people on the database or use data like bank account details to swindle cash.

      Naturally you have as always be very much on your guard with respect to these things but if we are lucky we may at the moment be still at the frozen database stage. This might explain why a lot of people who have been told their data has been stolen may not have experienced any attempts (yet) to extract money from them. But please do keep a close guard on things no one can be absolutely certain..

      1. Thanks! Albert ❤️ that has put my mind at rest, hubby said I’m worrying over nothing but you can’t be too sure these days, it probably was just a coincidence.
        Thanks again.

      2. Albert – “So far as I am aware Hilary our data is currently been held to ransom.”

        That may have been the intention but currently it looks like a failed ransomware attack. The Labour party obviously still has an intact members database.

  7. Data retention policies that seemed quite harmless under previous Labour leaderships, really seem quite sinister under a pair of bad faith actors like Starmer & Evans. You can probably count Starmer’s remaining time as leader in weeks and months if next May’s elections are as calamitous as they rightfully should be for the party. So why do they need allegedly- according to reports, to profile and vet everyone for their left-wing views, including ex-members?

    Transparency must be demanded from the next Labour leader about everything that’s been done in terms of the mishandling of members’ data under Starmer & Evans. So lessons can be learnt.

    1. Andy, because those two corrupt bastards are not working for the Party and it’s members. They work for the Establishment. This data has been fished from Labour and god knows where it will end up. Suffice to say that Israeli spy has done his job very well.

      The Party needs burning to the ground, it is beyond redemption.

      1. baz2001

        I don’t understand why all the members , CLPs aren’t totally fixated on getting Starmer & Evans out. Enough is now known to see Labour either faces either crushing defeat, or a hollow victory – due to the Tories’ waning popularity, with a bland centrist manifesto, followed by disappointment and ultimate defeat at the subsequent election as the Tories recover. Because there will be no attempt to compromise with the left coming from Starmer, ever! His leadership is a dead end for the party either way.

        I mean, those that say knuckle down and concentrate on getting the Tories out, need to explain for what purpose, why? If all that’s on offer is a personnel change- new management – and possibly even more reactionary, authoritarian policies, than those of Patel. When the alternative is an insipid right-wing bunch led by Starmer – a man who looks uncomfortable even being in the party, and appears to be there as a favour to the UK establishment, for which he has unquestioning, sickeningly servile loyalty. What’s the point?

      2. Andy – “What’s the point?”

        To enact the policies that were announced at this years conference.

      3. SteveH

        Reeve’s announced a £28bn ‘green jobs’ programme, but analysis shows that money risks just going to further enrich private company providers.

        And her plan to end charitable status(tax relief) for private schools I’d wager won’t happen. Imho ,Reeves just threw that out there, as token gesture to the left. As leader ,Ed Miliband and Ed Balls talked about it at conference and iirc it didn’t make the manifesto. Private schools will lobby. pointing out if they forced to close due to high fees putting parents off, it’ll cost the state more to educate all those previously privately educated pupils. And Labour will back down again.

      4. Andy – Literally dozens of other policies that were announced/confirmed at this years conference.
        I don’t have a problem with a well regulated mixed market economy.

        Angela Rayner (Shadow Secretary for the Future of Work)
        ▪️ Fair pay agreements. “A Labour government will bring together representatives of workers and employers to negotiate pay and conditions in every sector. Collective bargaining in every sector will end the free market free-for-all that encourages undercutting, exploitation and a race to the bottom.”
        ▪️ Give all workers rights from day one in their jobs: sick pay, holiday pay, parental leave and protection against unfair dismissal.
        ▪️ Create one, single worker status, banning bogus self-employment.
        ▪️ Ban zero-hour contracts and ensure all contracts come with minimum hours and reflect normal working life, requiring notice of shift changes and pay.
        ▪️ End fire and rehire. “Labour will end the scandalous practice of fire and rehire once and for all.”
        ▪️ Introduce a new right to flexible working as the default, protections for those with caring responsibilities and a right to switch off.
        ▪️ Increase statutory sick pay and make it universal.
        ▪️ Put mental health and safety on a legal par with physical health and safety, and make sure the laws are enforced by a new, empowered watchdog.
        ▪️ Sign into law the new deal for working people within the first 100 days of coming to office.
        ▪️ Set up an integrity and ethics commission to “stamp out the Tory sleaze”.

        Anneliese Dodds (Shadow Women and Equalities Secretary)
        ▪️ Introduce a Race Equality Act. “A Labour government that would introduce a Race Equality Act to tackle structural racial inequality at source.”
        ▪️ Reform the Gender Recognition Act. “A Labour government that acknowledges that trans rights are human rights and that would reform the Gender Recognition Act to enable a process for self-identification while continuing to support the 2010 Equalities Act.”

        Ed Miliband (Shadow Business, Energy and Industrial Strategy Secretary)
        ▪️ A ten-year commitment for the steel industry to go green, “investing up to £3bn, in collaboration with business, over the coming decade”.
        ▪️ Help fund investment in gigafactories. “Not just subsidy but public equity stakes taken by government to ensures a people’s dividend from the green transition.”
        ▪️ Require every major business to tell us their carbon footprint and how it is consistent with net zero.

        Jo Stevens (Shadow Digital, Culture, Media and Sport Secretary)
        ▪️ A healthy living index to ensure that every government decision improves wellbeing, “just as the Office for Budget Responsibility tracks government spending”.
        ▪️ Legislation that “forces a proper duty of care on social media companies” and introduces “criminal penalties for senior tech executives who repeatedly breach the new law”.

        Lucy Powell (Shadow Housing Secretary)
        ▪️ A new Building Works Agency to assess, fix, fund, certify all tall buildings and pursue those responsible for costs. Legislation to ensure leaseholders won’t pay the costs.
        ▪️ A “massive increase in council and social homes, fit for all ages”.
        ▪️ End “the huge net loss in council houses resulting from Right to Buy and its huge discount”.
        ▪️ End rough sleeping.
        ▪️ End no-fault evictions.
        ▪️ Make housing a human right.
        ▪️ Give local authorities “new powers to buy and develop land for housing, and revitalise town centres, by reforming arcane compensation rules”.
        ▪️ Set a new definition of affordable linked to local wages.
        ▪️ Close loopholes “that let developers wriggle out of commitments”.
        ▪️ Give first time buyers first dibs on new developments.
        ▪️ End the practise of foreign hedge funds “purchasing swathes of new homes, off plan”.

        Jim McMahon (Shadow Transport Secretary)
        ▪️ End transport deserts by offering affordable and reliable services for rural communities.

        Jonathan Reynolds (Shadow Work and Pensions Secretary)
        ▪️ Scrap the five-week wait for Universal Credit.
        ▪️ End the benefit cap.
        ▪️ End the two-child limit.
        ▪️ Replace Universal Credit “with a better system”, including a change to the taper rate so “people keep more of the money they earn” and assessments “focused on what people need to succeed rather than one that treats them with suspicion”.

        John Healey (Shadow Defence Secretary)
        ▪️ Boost the current £20m government spend on veterans’ mental health by £35m, with a special fund to support mental health care for British veterans and the Afghan personnel now in the UK.
        ▪️ Give “the highest priority to security in Europe, North Atlantic and Artic, pursuing new defence cooperation with European NATO neighbours”.
        ▪️ Lead moves in the UN to negotiate new multilateral arms controls and rules of conflict for space, cyber and AI.
        ▪️ Freeze Tory cuts to the army, then review and reverse the numbers if needed.

        Rachel Reeves (Shadow Chancellor)
        ▪️ Look at “every single tax break” and scrap it if “it doesn’t deliver for the taxpayer or for the economy”, including:
        ▪️The tax break benefiting “private equity bosses who strip the assets of British businesses pay a lower rate of tax on their bonuses”.
        ▪️Scrapping the charitable status enjoyed by private schools.
        ▪️ For next year: freeze business rates, increase the threshold for small business rates relief and increase the Digital Services Tax to 12%.
        ▪️ Scrap business rates.
        ▪️ Create a new, independent Office for Value for Money.
        ▪️ Putting an additional £28bn of capital investment into the UK’s green transition for each and every year of this decade.

        Anas Sarwar (Scottish Labour leader)
        ▪️ An energy transition commission – led by former energy minister Brian Wilson, “to help create a greener, fairer and more prosperous future”.
        ▪️ Increase winter fuel payments by £70 for the lowest income pensioners.

        Kate Green (Shadow Education Secretary)
        ▪️ Children’s Recovery Plan.
        ▪️ Extend the school day for additional activities – breakfast clubs giving children the fuel to learn, art, sport, cooking, coding, book clubs.
        ▪️Invest in training world-class teachers.
        ▪️Give schools the resources to expand small group tutoring.
        ▪️Support the early years sector, schools and colleges with an Education Recovery Premium, with additional learning support including for children with SEND, and engage with families around the SEND review.
        ▪️Prioritise young people’s mental health with access to a professional mental health counsellor for every school.
        ▪️ End tax breaks for private schools.
        ▪️ Provide every young person with work experience and careers advice, and ensure every child has digital access.

        Wes Streeting (Shadow Child Poverty Secretary)
        ▪️ A ‘ten by ten’ ambition – “to give every child a great childhood with every child enjoying ten great experiences by the age of ten”.

        Jonathan Ashworth (Shadow Health Secretary)
        ▪️ End zero-hour contracts in social care.
        ▪️ Pay care workers at least the living wage.
        ▪️ Double current funding for dementia research.

        Nick Thomas-Symonds (Shadow Home Secretary)
        ▪️ Open neighbourhood ‘police hubs’ in every community.
        ▪️ Launch a major recruitment drive for special constables.
        ▪️ Create a new Child Exploitation Register for those drawing children into county lines drug gangs.
        ▪️ Pass new laws to protect women and girls from domestic abuse, harassment, intimidation and violence.

        David Lammy (Shadow Justice Secretary)
        ▪️ Legislate to bring the United Nations Convention on the Rights of the Child into domestic law.
        ▪️ Fast-track rape and sexual assault cases in courts.
        ▪️ Increase minimum sentences for rapists,
        ▪️ Create a new offence for street harassment.
        ▪️ Ensure victims of domestic abuse get the legal aid they need.
        ▪️ Make misogyny a hate crime.
        ▪️ Enshrine victims’ rights in law.
        ▪️ Support the introduction of a new national pro bono service, with “binding pro bono targets to support those who can’t afford legal advice and are ineligible for legal aid”.
        ▪️ Implement the Lammy Review.
        ▪️ Introduce targets to bring in more women and more ethnic minorities to the most senior positions in our courts.

        Keir Starmer (Labour leader)
        Crime:

        ▪️ Strengthen legal protections for victims of crime.
        ▪️ Fast-track rape and serious sexual assault cases, and toughen sentences for rapists, stalkers and domestic abusers.
        Health:
        ▪️ Guarantee mental health support will be available in less than a month.
        ▪️ Recruit staff so there are over 8,500 more mental health professionals supporting a million more people every year.
        ▪️ Never allow spending on mental health to fall.
        ▪️ Ensure every school has specialist support and every community has an open access mental health hub.
        Education:
        ▪️ Launch “the most ambitious school improvement plan in a generation”.
        ▪️ Reinstate two weeks of compulsory work experience and guarantee that every young person gets to see a career’s adviser.
        Economy:
        ▪️ Change the priority duty of directors to make the long-term success of the company the main priority.
        ▪️ Make Britain a world leader in science and R&D, setting a target to invest a minimum of 3% of GDP.
        Climate:
        ▪️ Bring forward a Green New Deal, including a Climate Investment Pledge “to put us back on track to cut the substantial majority of emissions this decade”.
        ▪️ Fit out every home that needs it over the next decade, to make sure they are warm, well-insulated and cost less to heat, and create thousands of jobs in the process.
        ▪️ Introduce a Clean Air Act.
        ▪️ Meet a “net zero” test for everything Labour does in government “to ensure that the prosperity we enjoy does not come at the cost of the climate”.

  8. I gladly left Labour 10 seconds after the Neo-Liberal Lump of Wood was elected Leader (I suspected what was coming) and have severed my links completely and want nothing to do with Right Wing Labour.
    As far as I am concerned they have NO RIGHT to keep any information on me.
    They have run a coach and horses through GDPR rules and should face huge fines and every person whose information they misused should get substantial compensation!

    1. Bazza. 100% exactly the same as me. The letter was written and open on my computer, and as soon as the result came through it was sent. Literally 10 seconds was all it took.

      I will not be dealing personally with the Labour Party any more, they can deal with my lawyer.

  9. Some talking on that show are saying that they have been asked to produce photo ID when they submitted a SARS to the party, which they say, the party is entitled to do for identification puposes, even though in most cases the LP HQ would have no mugshot to compare your photo to. This, it is being said is a delaying tactic as the 30 day response time does not start until they receive the photo.

    1. Maybe, or far more likely they are just taking extra precautions to ensure that nobody can take advantage of the situation by impersonating (ex)members.

      1. Long ago, when I joined the Labour Party, there was no requirement to submit a photograph of myself. To my knowledge, people who have joined more recently have not been required to do so either.
        So, oh wise one, tell us how the LP can tell whether or not any photo submitted is of the person who is the registered member. Maybe there is a cunning way to do so, or maybe you are just making up a load of twaddle.

      2. goldbach – As I understand it from the above reports they are being asked to produce a copy of their photo-ID. eg a driving licence.
        Why are you so desperate to start a disagreement. What do you hope to achieve.

      3. Could it be that your propensity for irritating others has rubbed off on me?
        However, it’s all of little consequence given that COP26 has just signed the (lingering) death warrant of human life on the planet.

  10. Please be very wary of Lab Party trolls on here who are trying to give the impression that the data the Lab Party holds on you is safe and is not likely to have been the subject of a ransom ware attack.

    In his letter to you of 4 Nov Dave Evans confirmed that the date held on the Partys own computer systems was safe .At no stage has Labour ever said that any of the data on its internal systems that it is in direct control of have been compromised.

    It is clear that its a copy of that data that Labour has handed over to a third party that has been attacked and probably held to ransom. Only an idiot would imgine that the Lab party or any other data controller for that matter would take the huge risk of handing over its only copy of an extremely important database to a third party. In any event It is standard practice for every organisation including Labour to take at the minimum a daily back ups of all its data and to store them securely in chronological order for several months.

    Of course Labour knows whose data has been compromised and why it is able to contact those people who have been affected as it owns and has access to the orginal copies of the compromised databases.

    Please note – If you intend to require Labour to remove you data form its databases don’t forget that you should also ensure that it removes your data from all of the back up copies that it holds. There is likely be lots of them stored on tape or disk. We don’t want anyone digging out a back up copy and looking at your data at any stage in the future.

    1. Good point about backup copies – but often some very huge logistical problems in deleting data from them as that implies
      1) Isolating individual records from possibly millions of others in multiple copies of multiple backups
      and
      2) Making changes to data that is archives as an exact copy data set at the time they were made. Also in some cases the means to do it may not exist.
      Suspect that pragmatticly much data like this is “soft-deleted” whereby it’s marked as not to be used in a different set of records.
      It’s a big problem as most systems were never designed to do this.

  11. If you belong to a union, contact them about this. I’ve told Unite about the email I had and they are following it up for me.

Leave a Reply

%d bloggers like this: