Douglas Carswell MP is a data controller.
It says so on the Information Commissioner’s register:
(I hope he remembers to renew the registration when it expires next week it’s a criminal offence to process personal data as a data controller without a registration, unless you have an exemption).
But, more directly, he is a data controller because as an MP he is a person who determines the purposes for which and the manner in which the personal data of his constituents is processed. Sensible guidance for MPs is provided by Parliament itself
A Member is the data controller for all personal data that is handled by their office and they have overall responsibility for ensuring that this is done in accordance with the DPA.
I have already written recently raising some concerns about Carswell’s alleged handling of constituents’ personal data. But this week he decided to leave the Conservative Party, resign his seat, and seek re-election as a member of the UKIP party. James Forsyth, in the Daily Mail, talks about the constituency knowledge Carswell will bring to UKIP, and reports that “one senior Ukip figure purrs: ‘The quality of Douglas’s data is amazing'”.
The second data protection principle requires that
Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes
A person’s political opinions are “sensitive personal data”, afforded even greater protection under the DPA. It is not difficult to understand the historical basis for this, nor, indeed, the current basis for its still being so. Data protection law is in part an expression of and development of rights which were recognised by the drafters of the Universal Declaration of Human Rights and European Convention on Human Rights. Oppression of people on the basis of their politics was and remains distressingly common.
If I gave my data to help the Tories and found it was being used to help UKIP I’d be livid
UPDATE: Paul Bernal has written a superb piece on the broader ethical issues engaged here.
Filed under Confidentiality, Data Protection, human rights, Information Commissioner
4 responses to “Data protection implications of MPs crossing the floor”
Leave a Reply to Ross Grant Cancel reply
-
InformationRightsandWrongs by Jon Baines is licensed under a Creative Commons Attribution 4.0 International License.
informationrightsandwrongs 
Pingback: Data and politics… | Paul Bernal's Blog
I can’t imagine it will be hard for the Conservatives to line up a few of their local members to complain about Carswell’s apparent misuse of their data.
Parties have been doing this with data, with varying degrees of sophistication, for years. Indeed, much of the benefit for them is being able to track an individual over the years, combining canvass returns, returns of who actually voted with all their other data to identify voters who need and will respond to their efforts. If voter X always votes, and always votes Tory, then they can effectively be ignored by all the parties (including the Tories). On the other hand if voter Y votes Tory, but only occasionally makes it to the polling station, then the Tories ought to work hard to persuade her to turn out to vote.
They must have been using the same data for all of their work, not just getting Carswell elected but also local and Euro elections, PCCs and so on.
All of which suggests that the Tories’ data must pre-date 2005 when Carswell became an MP, and it’s their data and not his. So while s. 55 may well be engaged, perhaps a productive line of attack for the Tories would be that he’s in breach of their database rights.
Isn’t an issue that people gave information to an MP, irrespective of party. Carswell has ceased being an MP. He should therefore delete the information?
Pingback: You can’t take it with you | informationrightsandwrongs