
The headline does not need that many words...
"apps riddled with privacy, security issues" is more than enough...
The Open Rights Group (ORG) has raised concerns about a number of security issues it found in all three of the canvassing apps developed on behalf of the UK's three major political parties. Labour, the Conservatives, and the Liberal Democrats all offer different digital tools that aim to ease the burden of data entry for door- …
This post has been deleted by its author
I resigned from Momentum after they emailed all constituency data managers, reminding them of the importance of data security.
The email had all our personal email addresses in the CC field.
Despite repeated requests for them to remove me from their mailing lists, I was still getting emails with other members details for over a year afterwards.
I reported them to the ICO twice, I'm not sure if anything happened, as I eventually blocked their emails
After receiving a letter helping me decide on my postal vote, I complained to the Lib Dems and was informed they can do what they want with electoral roll data.
I asked if I could post his reply on the local community page, and was informed I could not.
I also asked to be forgotten under GDPR rules, still waiting for this reply.
Another rules for you on GDPR, but they can roll U over. What a Twit (misspelt)
"and was informed I could not"
Why not? If you were given a response to a legitimate non-personal question, they shouldn't mind if you publicise it as it'll be what they say to everybody who asks that.
This reaction suggests to me that you were given a brush off, the person is well aware of this, and doesn't want the hassle of being caught out.
The thing is, unless there is an aforementioned (and agreed by you) accord [*], there isn't any expectation of confidentiality, especially given as they are public servants and the question was in context of their public function.
If I was in your position, I would start by publishing it, because they're probably saying the same shit to everybody else and ignoring the law.
IANAL, etc.
* - Some crap at the bottom of an email doesn't count, it was never "agreed" to by you.
No idea about the rest of the exchange, but regarding the use of voter contact details from the unedited register, they are permitted to access this and use it for the purposes of official party-political campaign messaging, yes. It's either that, or we have an unequal system where whichever party is in government today effectively has all those details available by proxy, and all other parties are left to throw around as much money as they can gather, hoovering up whatever data they can from data-brokers, shady or otherwise. Personally, I'd rather our political parties were competing on as level a playing field as possible, and were given as few incentives as possible to cosy up with people who profit from selling my data. Getting the odd bit of junk mail that goes straight into the shredder on arrival is a small price to pay in my opinion, though I do make the effort to reach out whenever possible and advise them that it'd be better for their campaign budget and for the planet if they crossed me off their mailing list. Funnily enough, most parties have been fairly amenable to that - with the noticeable exception of the Scottish Greens...
A few elections ago our local Greens produced a big wodge of newsprint, unlike the other parties who simply printed small fliers. Their delivery of this wodge fell somewhat short. Instead of finding its way into my letter box it was dropped on the path as a piece of litter. But then the Greens have been wilfully ignorant of real green matters for uears.
This post has been deleted by its author
It was Liberal Democrat policy to overturn Brexit (whatever you may feel about it) proving once again any party with “Democrat” or “Democratic” in their title are neither. During their horse-trading with the Conservatives in 2010 they got a referendum on AV in exchange for boundary realignments to rebalance the voting-power of a single vote (based on actual population data – ie democracy) – the Limps went on to break their deal and vote against the boundary changes. The Liberal Democrats are neither liberal (wanted v.mandates and harsher lockdowns) nor democratic (wanted to reverse the will of the people).
"wanted to reverse the will of the people"
Keep on repeating that if it makes you feel better, but do remember that quite a number of people who were directly affected (ie live and work in the EU) were unable to vote and effectively told "shut up, this doesn't concern you", and remember also that parts of the United Kingdom actually voted in favour of the EU but larger numbers of people in other parts carried the vote. I do recall the English using the threat that if Scotland separated from the UK, they would lose their EU place and really "better together". Fast forward a few years and those same English tore away Scotland's EU place regardless of the democratic will of the Scottish people.
As for the Lib Dems opposing Brexit, maybe some day in the long distant future they'll eventually be exonerated, but for the time being far too many people are still behind the cult of Brexit, flag shagging nationalism (ie Farage), and in denial of the damage that it is causing for anybody to talk about any practical solutions that may try to undo some of that damage (such as a customs union).
Practically, the UK cannot rejoin the EU primarily because this hubristic concept presupposes that the EU would even want the UK back - sorry, but the last government did damn near everything in their power to ensure that there would be no red carpet welcome. The UK can, however, stop repeatedly shooting itself in the feet while triumphing minor trade deals as massive Brexit benefits, because a little blip doesn't make up for a huge loss. Your trade is down, your opportunities are down, and pretty soon you may find yourself floundering in a tug of war between the US and everybody else, and if you're really stupid enough to believe that the "special relationship" would benefit the UK in any way then that right there is reckless levels of delusion.
So basically, it sounds like only Share2Win had any actual security issues found. The fact that Firebase is often misconfigured doesn't automatically mean that the MiniVan app is insecure. As for the Labour apps, it's been pretty well publicised that they use Experian Mosaic to map postcodes to socioeconomic groupings as a means to target their campaign messaging, so it's no surprise their apps make calls to Experian URLs. So long as no personal information is changing hands, it's not even subject to GDPR.
Static analysis... Sounds to me like someone went on a fishing expedition, hoping to make a big headline here, and instead found basically nothing beyond the one app that was already known to be problematic. There's definitely a debate to be had around how these databases are built, managed and regulated in order to keep them secure and compliant, but I don't think this study added anything of value to it beyond pointing out that only expert regulatory scrutiny of the whole end-to-end ecosystem these apps operate in will be sufficient to assess their performance in those areas. It's worth remembering that these party databases are already subject to additional oversight when compared to business and public-sector, as parties must comply with the conditions laid out by the Electoral Commission in order to work with data from the Unedited Register. If they screw up, they risk not only some very embarrassing headlines, but stiff financial penalties too, and in the worst cases, they could put election results in jeopardy or even end up being barred from standing candidates, so they're even more incentivised to handle things responsibly than most other orgs out there.
I hate it, but if the article said: all parties' apps had slurped and spaffed constituents' data then left it on an unlocked laptop on a bus, your average Joe would say, "So what? I've got nothing to hide", etc, etc.
It didn't sound like thorough research to me; however, well done for trying, but don't expect the great unwashed to care.
Who knew it? It turns out career Politicians and the talent-less hangeroners who surround them know xxxx-all about real world stuff! I mean, next you'll be telling me we made a helpdesk complaints wallah Chancellor of the Exchequer! - No, I retract that - excuse my shock-jock excess, nobody would be THAT stupid! Would they?...
"...the common and continual mischiefs of the spirit of party are sufficient to make it the interest and duty of a wise people to discourage and restrain it.
It serves always to distract the public councils and enfeeble the public administration. It agitates the community with ill-founded jealousies and false alarms, kindles the animosity of one part against another, foments occasionally riot and insurrection. It opens the door to foreign influence and corruption, which finds a facilitated access to the government itself through the channels of party passions. Thus the policy and the will of one country are subjected to the policy and will of another."
- Anonymous colonial administrator's farewell address.