Opinion: British Columbia ruling on political party data collection privacy is a victory for voter privacy
Colin Bennett is a professor of political science at the University of Victoria, where he studies data-driven elections. He has written numerous articles and reports on privacy and elections and helped develop new guidelines on Council of Europe political campaigns.
On March 1, the Office of the Information and Privacy Commissioner of British Columbia released a very important decision require federal political parties to comply with British Columbia’s privacy laws when collecting, using or disclosing personal data about residents of the province.
This is an important victory not only for voter privacy, but also for the integrity of our elections and democracy. This should bring more transparency to how political parties use Canadian voter data in their campaigns.
Contemporary elections in Canada, as elsewhere, are data driven. Political parties have become increasingly sophisticated in targeting voters, primarily through social media. When Michael McEvoy, BC Privacy Commissioner Investigates Provincial Parties in 2019, he discovered that they collected a variety of sensitive details about voters – such as income, ethnicity and religious affiliation – from a number of sources, and often without their knowledge and without their consent. Data brokers assist the parties in these efforts.
British Columbia’s privacy law applies to federal political parties, says commissioner’s office
This is a process with many risks, which is why most advanced democracies apply their privacy laws to political parties. The gold standard in privacy, the European Union’s General Data Protection Regulation, has designated political data as a category of sensitive information, to be captured only with express consent.
In Canada, data governance experts, regulators and civil liberties groups have been advocating for years that federal political parties be governed by the same legal principles that apply to all other private, not-for-profit organizations and businesses. . Digital Rights Defenders criticized the exclusion of political parties from the federal government’s recent privacy bill – the Digital Charter Implementation Act – as cynical. The Privacy Commissioner of Canada has repeatedly made the same recommendation to Parliament, only to have it ignored.
Voters agree. In a 2019 poll by Campaign Research and commissioned by the Center for Digital Rights, the vast majority of Canadians said they want political parties to be subject to strict privacy regulations. After so many scandals and abuses of digital campaigns in these last yearsthe arguments for greater transparency and independent oversight are unassailable.
BC’s recent ruling on federal political parties came after three residents asked the Liberals, Conservatives, NDP and Greens what personal information the parties held about them. The parties responded, but the complainants were not satisfied. Backed by the Center for Digital Rights, they filed a complaint with Mr. McEvoy, who opened an investigation.
The NDP, Liberals and Conservatives then responded that the Privacy Commissioner had no jurisdiction over their data operations. (The Green Party did not contest the complaint.) As federal organizations, they argued they were not bound by British Columbia’s Personal Information Protection Act, a provincial privacy law. private life. Mr. McEvoy then mandated David Loukidelis, former holder of the same position, to conduct an investigation.
What’s so interesting is how all three parties have fought this case so fiercely, engaging high-profile law firms to push back against the Privacy Commissioner’s assertion of jurisdiction. . They made extraordinary arguments that only reinforced the importance of the unregulated collection of voter data to their operations.
The NDP argued that British Columbia’s privacy law was an unconstitutional expression of provincial power and violated the right to vote guarantee contained in the Charter of Rights and Freedoms. The Liberals maintained that they were not “organizations” within the meaning of the law. Each of the parties argued that the provincial law contradicts “primary” federal laws, in particular the Elections Act, and infringes on the exclusive power of the federal government over federal elections.
But the electoral law does not protect all personal data that parties may collect – it only applies to the use of the list of registered voters. And the election commissioner has already refused to investigate how parties use the voters list as the basis for their internal databases.
After a very detailed legal analysis, Mr. Loukidelis rejected these arguments and concluded that the law is constitutional, that his definition of “organizations” applies to federal political parties and that it is not superseded by federal law. . He handed the victory to the three residents of British Columbia.
But this case is not just about the rights of these specific voters to access their data. Privacy regulations impose much broader obligations on parties to collect, process and disclose personal data only with the consent of the individual. That’s what it’s all about and that’s why the parties fought this case so hard. The BC Privacy Commissioner’s order would also mean one set of rules in the province and another for the rest of Canada.
So what practices are political parties trying to hide? Why should compliance with this law be seen as such a threat to their interests? If nothing bad happens, they shouldn’t be afraid of an expert regulator lifting the veil on their practices, advising them on good privacy and security management, and giving Canadians the assurances they need.
The BC Privacy Commissioner’s decision may seem like a small step, but it could be a big step toward protecting voters’ privacy rights and improving integrity. and the transparency of our elections.
Keep your opinions sharp and informed. Receive the Opinion newsletter. register today.