Parties, Campaigns and Voter Surveillance:

The Impact of Mobile Applications

Professor Colin J. BennettDepartment of Political Science

University of VictoriaBritish Columbia, Canada

www.colinbennett.cacjb@uvic.ca

Presentation to the International Conference of Privacy and Data Protection Commissioners,

September 23rd, 2013

Resolution on the Use of Personal Data for Political Communication

International Conference of Privacy and Data Protection Commissioners, Montreux, Switzerland 2005

Expressed concern for:

“direct and personalized contact with vast categories of data subjects” “increasing institutional communication from elected candidates and bodies” “a large quantity of personal data is continually collected by political organizations, and is

sometimes processed with aggressive modalities, applying various techniques including polls, collection of e-mail addresses via software/search engines, city-wide canvassing or forms of political decision-making through interactive TV, voter isolation files”

“unlawfully include…..sensitive data related to real or supposed moral and political convictions or activities, or to voting activities”

“Invasive profiling of … sympathizers, supporters, adherents or party members”…

And Resolved that :

“Any political communication activity, including those not related to electoral campaigns, which entails a processing of personal data, should respect fundamental rights and freedoms of interested parties, including the right to the protection of personal data, and should comply with data protection principles”…

Times have changed!

Outline• Current trends in voter surveillance in the United States

– “Voter management” databases to integrated voter management platforms

– Integration of data from commercial data brokerage firms and user-generated data

– Integrated campaign toolkits– Decentralization of voter intelligence to local campaigns– Micro-targeting and micro-listening

• Mobile apps in contemporary campaigning– Apps for political messaging– Apps for canvassers– Apps for ‘targeted sharing’ – Apps for campaign donation– Apps for civic engagement

• Have these practices been exported to other countries? • Implications for data protection law and data protection

authorities

PARTY-DIRECTED VOTER MANAGEMENT DATABASES IN THE UNITED STATES

Voter management databases elsewhere?

• Canada– Conservative Constituency Information

Management System (CIMS)– Liberalist– NDP Vote

• UK– Conservatives: Managing Elector Relations through

Local Information Networks (MERLIN)– Labour: Contact Creator

• Australia– Labour: Electrac– Liberal: Feedback

Calculating levels of support

Tracks Supporters, Non-Supporters and Undecided on scale from -15 to +15

Walk and Phone Lists

• CIMS has tools to print off lists for canvassers• Each sheet contains the name, address and

support level of each constituent• Sheet has a location for entering information

gained from the house• Information is then scanned back into CIMS

Get Out The Vote - GOTV

• Find supporters and make sure they get out and vote

MICRO-LISTENING

“Armed with research from behavioural psychology and randomized experiments that treat voters as unwitting guinea pigs, the smartest campaigns now believe they know who you will vote for even before you do.”

“These are the prescription drug-trials for democracy”

Trends?MASS MESSAGING TO MICRO-TARGETINGVOTER MANAGEMENT DATABASES TO

INTEGRATED VOTER MANAGEMENT PLATFORMS (“CAMPAIGNS IN A BOX”)

TRADITIONAL DATA COLLECTION AND AGGREGATION NOW SUPPLEMENTED BY: USER-GENERATED DATA, LOCAL CANVASSING, AND UNSTRUCTURED DATA CAPTURE

POLITICAL CAMPAIGNS NOW JUST ANOTHER MARKETING CHALLENGE

Integration of mobile apps….

• For political messaging• For “canvassing”• For event management• For “targeted sharing”• For donating• For civic engagement

Social Media and “Targeted Sharing”

Harvesting of voter intelligence data dependent on privacy choices within social media platforms

Data Protection Law and Political Parties: The Situation in some non-European countries

• United States– First Amendment dominance– No comprehensive privacy protection law– Scattered state laws governing uses of public databases

• Canada– Political parties are not covered by federal or provincial privacy laws (with exception of British

Columbia)– Not covered by Do-Not-Call rules or Anti-Spam legislation– But regulated under Canada Elections Act – Current proposals from Elections Canada to apply PIPEDA privacy principles

• Australia– Political parties not covered by Australian Privacy Act – Recommendation by Law Reform Commission that they be covered and that Office of Privacy

Commissioner should develop guidelines

European Data Protection Law and Political Parties

European DP regulation (Recital 36): “Whereas where, in the course of electoral activities, the operation of the democratic system requires in certain Member States that political parties compile data on people's political opinion, the processing of such data may be permitted for reasons of important public interest, provided that appropriate safeguards are established.” Political opinions – form of sensitive data

(Article 8)

Article 9 : Processing of special categories of personal data prohibited unless..

d) processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other non-profit seeking body with a political, philosophical, religious or trade-union aim and on condition that the processing relates solely to the members or to former members of the body or to persons who have regular contact with it in connection with its purposes and that the data are not disclosed outside that body without the consent of the data subjects;

Data Protection Law and Political Parties in Europe

• In theory, parties cannot process data on political affiliations without express consent

• But they can process data on members, former members, donors and “regular contacts”

• Generally cannot maintain data from electoral registers (though practices vary)

• Stricter rules for e-mail and telemarketing, than mail canvassing

Perhaps these practices are confined to the US because of:

– Dominance of First Amendment protecting freedom of speech and association

– Liberal campaign financing laws allowing individual, corporate and PAC donations

– No comprehensive personal data protection act– Extensive market in personal data – Decentralized political parties with local autonomy

BUT there are pressures elsewhere……

Partisan de-alignment: “parties without partisans”

Shift from ‘mass’ parties to ‘catch-all’ partiesShift to more open procedures for selection of

candidates (primaries)Enormous influence of political consultants Universal appeal of mobile apps and social

networking toolsDecreased costs and technical requirements as a

result of lessons drawn from the US

Concluding questions for DPAs?

• Generic issues concerning non-consensual, non-transparent and insecure capture and transmission of PII through apps.

• Also some particular questions in the “political” environment:– Who now is a “volunteer” or a “canvasser” for a candidate/party?– Who is now a member or former member?– Who is a “regular contact”? – Who now is the data controller -- the campaign or the party?– How might PII migrate between parties/candidates and related

community/social movement campaigns?– How might PII migrate from politicians as elected representatives to

politicians as candidates and campaigners?

It all boils down to….. “what would Aristotle have thought of

Aristotle.com?”

???