A number of law firms are helping current and former Labour members take legal action against the party over the damage they suffered when Labour gave their sensitive data to third-party suppliers whose system was hacked, resulting in the data of thousands – including people whose data Labour should not have been keeping – ending up in the hands of criminals.
And in documents seen by Skwawkbox, the Information Commissioner’s Office (ICO) has confirmed that the party is compounding its breach – by failing to meet its legal obligations to respond to ‘Subject Access Requests’ (SARs) from those affected. An SAR is a formal request to disclose what information an organisation holds on an individual – so those hit by Labour’s latest massive data breach are still in the dark about exactly what information of theirs is now likely to be circulating on the dark web and in the criminal underground.
The ICO has said that it is contacting the party to tell it to fulfil its legal duty and answer the requests. The regulator has so far proven toothless in terms of actually punishing the party for its contempt for the law and the rights of its members, but Labour could face fines of almost £20 million for the breach.
SARs are also in the pipeline to the two outside companies involved in the breach. The Labour party has been contacted for comment.
SKWAWKBOX needs your help. The site is provided free of charge but depends on the support of its readers to be viable. If you’d like to help it keep revealing the news as it is and not what the Establishment wants you to hear – and can afford to without hardship – please click here to arrange a one-off or modest monthly donation via PayPal or here to set up a monthly donation via GoCardless (SKWAWKBOX will contact you to confirm the GoCardless amount). Thanks for your solidarity so SKWAWKBOX can keep doing its job.
If you wish to republish this post for non-commercial use, you are welcome to do so – see here for more.