Political parties and voter privacy: Australia, Canada, the United Kingdom, and United States in comparative perspective
First Monday

Political parties and voter privacy: Australia, Canada, the United Kingdom, and United States in comparative perspective by Philip N. Howard and Daniel Kreiss

Political parties are among the most lax, unregulated organizations handling large volumes of personally identifiable data about citizens’ behavior and attitudes. We analyze the privacy practices of political parties in Australia, Canada, United Kingdom, and United States to assess the current state of electorate data, compare regulatory efforts, and offer policy recommendations. While data has long been a part of political practice, there has been a revolution over the last decade in the opportunities for gathering, storing, and acting upon data. Candidates, parties, lobby groups and data–mining firms collect massive amounts of data. They trade analytical tools, databases, and consulting expertise on a vast and unregulated market. In these practices, political actors routinely violate the privacy norms of many citizens. There are also documented cases of data breeches in all four countries. Meanwhile, political parties face relatively few restrictions on their use of data, and have developed a wide variety of largely voluntary privacy policies that are inadequate. We argue that some straightforward policy oversight would significantly improve the way personal records are handled by political actors.


The comparative politics of data mining
Why policy–makers and citizens should be concerned
Analysis: Policy oversight in four democracies




With every passing election grows concern about the way political candidates and parties gather and manipulate data about public opinion and voter preferences. For example, the data collected by the Obama campaign provides an indelible record of the volunteer efforts of millions of supporters around the country. Every action taken in response to an appeal to donate or volunteer among the 13 million citizens on Obama’s e–mail list, for instance, is etched in a database now housed under the auspices of the Democratic Party. As are the 223 million pieces of information citizens provided to Obama’s army of online and on–the–ground canvassers.

Despite its unique scale, the Obama campaign is merely the culmination of a two–decade long international revolution in political data. Data provides the invisible backend of contemporary campaigning across the developed world. A vast, international data industry and infrastructure underlies both old–fashioned shoe leather campaigning and newer forms of ‘Web 2.0’ politics conducted over social networks such as Facebook. In countries around the world political parties have built better databases, integrated online and field data, and created more sophisticated analytic tools to make sense of these traces of the electorate. They have crafted new ways of using data to strategize during elections and legislative battles. Meanwhile, political parties and candidates are not the only actors interested in voter intelligence: civic groups, lobby groups, unions and private firms also make use of data about citizens who donate money, affiliate with social movements, and register to vote.

Today, many policy–makers and industry lobbyists are aggressive in enrolling individual consumers in the task of securing their own data against loss or theft. However, little is known about contemporary political data practices, making it hard to determine whether there is a need for more robust public policy oversight. In this article, we ask what types of information do candidates and parties in mature democracies collect, and how do they act on them? What are the best ways of ensuring that confidential personal records are kept private during the work of political marketing? And, while it is difficult to imagine that any country could function democratically without a system of political marketing (Hunter, 2002; Henneberg, 2004) how can policy–makers ensure that there is robust electoral competition and political debate?



The comparative politics of data mining

Australia, Canada, United Kingdom and United States are all advanced democracies with largely English–speaking electorates and the primary markets for the international trade in data and data mining expertise. Across all four countries there are marked similarities in the types of political data collected by candidates and political parties, the systems for storing this data, and a professional class of political operatives who analyze and act on this information about the electorate.

Powerful advances in computing since the 1970s have greatly facilitated the breadth and depth of data compiled on the electorate of these democracies. Parties in Australia, Canada, the United Kingdom, and United States now maintain — or access through private firms — a mix of public, commercial, and generated data on the electorate. Public data includes vehicle and party registration records, voting and financial donation histories, and real estate records. Parties purchase commercial data from credit agencies and other vendors to access the credit histories, magazine subscriptions, and grocery purchases of voters. Meanwhile, as paid staffers and volunteers for parties and candidates contact voters, the information they learn is stored in these databases. Taken together, this is a vast trove of data. One U.S. firm, Catalist, is reputed to have 450 points of data on more than 250 million people in the United States.

Data alone is not valuable, however. It needs to be made meaningful to campaigns in some way. Namely, campaigns need to figure out who their supporters and likely swing voters are in order to turn them out or make a play for their votes. To this end, consultants poll likely voters and then look at their supporters and undecideds to determine what demographic and lifestyle characteristics they have and model prospective voters. The models generated from this data then gets mapped onto voter databases to generate a set of individual targets that campaigns contact.

The increasing uptake of the Internet in campaigning over much of the last decade has, in turn, provided a wealth of new data for campaigns. Parties continually track user behavior on their Web sites and user actions with respect to e–mail messages to ‘optimize’ applications, steering users to donate money and sign–up for volunteer activities. Campaigns segment their e–mail communications to supporters based on their demographics and involvement with the campaign. During the 2008 U.S. Presidential election cycle, campaigns made the first forays into gathering individual and social network data from individuals who “friended” campaigns on commercial social networking sites such as Facebook. Campaigns, in turn, are increasingly synching this online data with the voter databases detailed above.

Even as they share similar data practices and infrastructures, parties and candidates in the four countries we surveyed operate in different regulatory contexts governing the use of voter data. For each country below, we describe the regulatory framework in which political parties operate, assess their data management practices, and consider their stated privacy policies posted online.


There is little formal oversight of the activities of Australian political parties when it comes to data management and privacy. Political parties are exempt from the 1988 Commonwealth Privacy Act and the Privacy Amendment (Private Sector) Act 2000 when their activities are “in connection with an election, a referendum, or other participation in the political process.” By law, parties are “allowed to use that [national voter] roll, inter alia, for ‘any purpose in connection with an election’”, even as the use of this data for commercial purposes is prohibited (Onselen and Errington, 2004). Because political parties are private organizations, they are also exempt from the Freedom of Information Legislation, which means that they cannot be forced to disclose voter profiles at the request of citizens.

Australian political parties take full advantage of this lax regulation: they use the same voter databases for both elections and governance. For example, the Liberal Party’s voter database is called Feedback, while the Labor Party’s is Electrac. Feedback and Electrac are centralized party databases that receive all personal information about voters logged from Member of Parliament (MP) and candidates’ computers. Parties start with the publicly available voter roll, which is then supplemented with telephone and address records. Voter profiles are generated through this public information and commercially available databases, and then supplemented with records of phone calls to MP offices, letters to newspaper editors, and community–group membership lists. Commercial data is supplied through firms such as the world’s largest producer of consumer data, Acxiom, which at the beginning of the decade had a number of Liberal Party members on the board of its Australian subsidiary (Bockmann, 2004).

Using this data, voters are categorized according to age, occupation, gender, interest in more than 300 public issues, and their party identification. Typically, voters are catalogued as being weak, leaning, or strong supporters, or undecided.

In sum, all communications to the voter from the party office, whether in the context of governance or campaigning, are stored within these database. Most of the data is gathered and stored locally and then aggregated by the central parties, who have a strong interest in ensuring that data gathering is robust at the local level. Indeed Electrac is compulsory for all party MPs to purchase and use (Onselen and Errington, 2004).

Similar to the other countries surveyed, we found that Australian political parties have more robust online than offline data privacy policies. While there is little transparency around the use of electoral databases, for instance, Australian parties and candidates provide public statements and privacy protections around the use of online data. In its first privacy policy statement provided online in 2004, which has remained substantively the same, the Australian Labour Party (ALP) promised that “personal information provided to the ALP and information collected by the ALP will not be disclosed to any other third party except where legally required.” Meanwhile, the Liberal party’s privacy policy was not accessible in 2000, but easily found by 2004 and is today much the same. It explicitly states that “Any and all information collected at this website — including application form content and email addresses — will be kept strictly confidential and will not be sold, re–used, rented, loaned or otherwise disclosed to a third party, except where prior written permission is obtained from the individual who supplied the information and to whom the information refers.”


In recent years a number of privacy–related incidents have garnered extensive media attention in Canada, throwing a spotlight on the data practices of parties and candidates. In 2006, Conservative Party MP Cheryl Gallant sent birthday cards to her constituents using data from passport applications that had been submitted to her office. In 2007, Prime Minister Stephen Harper sent greeting cards to a number of citizens during Rosh Hashanah, causing a scandal that brought the existence of these political databases to wide public attention. In 2009, it came to light that the Royal Canadian Mounted Police had discovered lists of voter names and addresses at the offices of a cell of the Tamil Tigers — which had been classified as a terrorist organization for several years. The data was being used to help identify potential financial contributors. These incidents revealed, for the first time for much of the public, the extensive data stored about Canadians and used for a range of political purposes. Unlike Australian parties, the Liberal and the New Democratic parties both distinguish between constituent service records and voter campaign records, though doing so is voluntary and not independently confirmed. The Conservative Party, by contrast, uses a single database for both activities — the Constituent Information Management System (CIMS). The database not only contains profiles of voters based on public information, but is continually updated by elected officials as they log every constituent contact. This practice is mandated by the Conservative Party, and local party offices pay a small fee of $2,000 to the national party for a database of voters in their districts (Turner, 2007). Journalistic reports from 2008 suggest that Conservative efforts have in recent years grown even more sophisticated. Their efforts now include a database that includes geo– and psychographic surveys, polling, and personal contacts. The Party learned these practices from the Liberal Party in Australia and U.S. Republican strategist Mike Murphy (Valpy, 2008).

Meanwhile, during the 2008 election cycle the Liberal, Conservative, and NDP all used a powerful new Environics–developed analytical tool that creates sophisticated neighborhood profiles to target minority communities. Garnering extensive media attention, the Environics program:

breaks down voters into 18 groups, including suburban upscale ethnic and urban downscale ethnic, and provides a map of where they live in each of the 308 constituencies. Residents are assigned to a group based on their income level, age, job type, family type, ethnicity, and social values. The program then analyzes the 2006 election results through this lens to understand how much support each party received from each voter group, how large each group is, and where each one lives. (Jiménez, 2008)

Privacy experts agree that many of these practices are unethical, but probably not against the law. There is a commercial privacy law (PIPEDA) that parties are exempt from (the Liberal Party, however, says it voluntarily adheres to PIPEDA and the New Democratic Party says it will honor a key aspect of the law: transparency when a citizen requests to find out what data has been collected about her.) Political parties are also exempt from the ‘do not call list’, as are survey companies, charities, and newspapers.

The incidents cited above have led to increased scrutiny on the data practices of campaigns in recent years. Some scholars and pundits have advocated for a Canadian Charter of Privacy Rights that would clearly assign rights and responsibilities to political actors — instead of the current hands–off regulatory environment (Shade, 2008). The Canadian privacy commissioner recently released a report suggesting that the way political parties circulate data on the electorate may put voter privacy at risk. The office found that at least one percent of voter lists have gone missing during elections and by–elections and that Elections Canada collects too much personal information on Canadians, including on teenagers too young to vote. The report also noted that paper and electronic copies of voter lists are widely circulated to political parties and candidates who are not covered by the same privacy laws that federal employees have to abide by. Indeed, parties and candidates are not even compelled to report data losses or breeches to Elections Canada, the privacy commissioner, or a consumer protection agency.

As in the other countries in our survey, online privacy policies are left entirely to the discretion of parties. The Conservative Party Web site is not well archived, but its current privacy statement indicates that “it does not actively seek to collect the personal information of Canadians. Nor does it collect any personal information about you without your permission.” Elsewhere, however, the statement indicates that “because the Conservative Party is a national organization with a riding–based membership system, your personal information may also be used by our local riding associations including by contestants for nominations. For example, if you have made a financial contribution, the local riding may contact you to see if you would like to continue your support.”

Both the New Democratic Party and the Liberal Party had comprehensive privacy policies, linked from their home pages, by 2004. The Liberal Party policy promises to use personal information to communicate with citizens about Party activities and information, but not to sell personal information. The NDP offers to hold personal information in strict confidence, and only to share it with “express permission.” As in the Australian case these Internet privacy statements say nothing about the use of electoral databases.

United Kingdom

In the United Kingdom, there are a patchwork of regulations that apply to political parties with respect to the use of data. Direct marketing by political parties is governed by the Data Protection Privacy Act of 1988 (DPPA) and the Privacy and Electronic Communications Regulations of 2003 (PECR). All data handling is expected to comply with seven principles:

  1. obtained for specified and lawful purposes;
  2. adequate, relevant, and not excessive;
  3. accurate and, where necessary, kept up–to–date;
  4. not kept for longer than necessary;
  5. processed in accordance with the subject’s rights;
  6. kept secure; and,
  7. not transferred abroad without adequate protection (U.K. Office of Public Sector Information, 1998).

Meanwhile, Section 11 of the DPPA requires organizations (including political parties) to stop sending marketing material through post, online, or over the telephone if a citizen explicitly opts out. The Liberal Party learned this in 2008, when through a legal challenge it was reminded of a distinction between promotional and policy calls. For the former the party needs prior approval from the voter. E–mail contact is governed similarly, requiring prior consent. Even with these protections, it is unclear to what extent it is easy for citizens to opt out, and what happens to citizen information that is no longer necessary. Meanwhile, in contrast to promotions, research calls are broadly legal according to an advisory opinion of the U.K. Information Commissioner:

We are aware that political parties do not just communicate with individuals for promotional purposes. A political party can conduct genuine research just as professional market research companies do. Parties should, however, be careful to ensure that such communications are not in reality soliciting support under the guise of research. For example, a telephone call which starts by seeking opinion and then urges support or invites contact with a candidate would be considered as a marketing call and must therefore be conducted in accordance with the PECR. (U.K. Information Commissioner, 2005)

Even in the face of such regulation, political parties have sophisticated databases and highly developed processes for micro–targeting swing voters. Even further, the U.K. case demonstrates how database technologies and technical expertise cross national borders. The U.K. Conservative Party purchased the U.S. Republican Party’s database system, Voter Vault, in 2005. It is a relational database that draws from electoral rolls, census data, commercial data, and canvassing records to identify probable conservative supporters and swing voters that can be micro–targeted. There are 400 social characteristics tracked through Voter Vault including lifestyle choices, which are then analyzed using the credit agency Experian’s “Mosaic System,” a voter modeling program also used by supermarkets to work out which products to target at shoppers (Watt and Borger, 2004). The system graphically presents the odds that a citizen will vote, along with the probability that the voter will cast a ballot for the Conservatives. The Conservatives also track general population social characteristics against survey data on their own members to identify their likely voters. These systems are very accurate. According to Watt and Borger (2004), “In one study of 340,000 people the Tories achieved an 82 percent success rate in predicting who would vote for them.”

While not as extensive as Conservative efforts, other U.K. political parties have long engaged in data practices, including deploying Experian’s Mosaic System. The Liberal Democrats are using a homegrown database first developed in the 1980s called Election Agents Record System (EARS). This system places its emphasis on generating and retaining local canvassing data through field–level communications with constituents (McCue, 2005). The Labour Party used its Excalibur database throughout much of the last decade, but in 2007 contracted with the credit agency Experian to design, build, and manage a new database called Contact Creator that also handles e–mail and direct mail campaigns.

In the absence of clear standards, each Party meanwhile dictates its own privacy policies online. The Conservative Party developed a privacy page early on and kept it consistent through to the present. It provides a detailed list of the ways in which the party collects data. The Labour Party’s Web site has had a dedicated privacy page since at least 2002, and interestingly is one of the few parties with explicit commitments forbidding data transfer out of the country and offering users the right to remove details at any time. In contrast the Liberal Democrats did not have an accessible privacy policy until 2005. They too commit to not pass data on to third parties, although with many caveats:

Any personal information you provide, including your e–mail address, will not be passed on to any third party (other than any contractors or firms working on our behalf), except where you have signed a petition or similar, where the petition will be presented to a third party. We do not keep personal information for longer than necessary.

United States

As we have documented recently (Kreiss and Howard, 2010) political campaigns and parties in the United States face almost no regulation with respect to the collection, use, storage, and dissemination of data on citizens. On First Amendment grounds, provided they remain non–state actors candidates and parties enjoy broad latitude with respect to their data practices. Official state agencies and elected officials, for instance, are governed by a host of federal laws, such as the Privacy Act, that restrict the ways that data can be used in the course of governance. This includes mandating separate databases for the conduct of governmental affairs and campaigns. This stands in sharp contrast to the ways lawmakers and courts have generally protected candidates and parties’ use of databases to know who to speak to and what to say. This even extends to third–party providers of commercial and public data to campaigns and parties, who also can claim a broad political exemption.

The United States is the global pioneer in generating and storing political data. Beginning in the 1990s and carrying through to the present, both the Republican and Democratic parties used advances in computing technologies to build national–level databases. The Republicans were the acknowledged leader in this domain until the Democrats launched a national voter database effort during Howard Dean’s tenure as Party Chair. These databases blend public data (vehicle registration, party registration, and real estate records) with commercial data (magazine subscriptions, credit histories, grocery club card histories). The Democrats, in turn, brought their national party database online for the first time during the 2007–2008 cycle. This enabled the tens of thousands of field staffers and volunteers canvassing the electorate for campaigns from governor to president to continually update the database from field offices scattered throughout the country.

The uptake of the Internet in campaigning over much of the last decade has, in turn, provided new data sources. Obama’s effort was, by far, the most sophisticated political campaign with respect to the use of this data to–date. This happened on a number of levels. First, the campaign continually watched user behavior on its website and user actions with respect to e–mail messages to optimize its applications, resulting in millions of additional dollars donated and signups to the e–mail list.

Second, the campaign segmented its e–mail communications to supporters based on their demographics and involvement. Third, the campaign gathered data from individuals who “friended” the campaign on commercial social networking sites such as Facebook, data that was then synched — albeit imperfectly and through much effort — with voter databases and used to organize youth volunteers in early primary states. For example, the campaign’s Facebook Connect application enabled supporters to urge their friends in early primary states to vote, merging voter registration fields with social network data in a way that leverages the data about links between people, not just variables about people (Ambinder, 2008).

Similar to the other countries surveyed, there is no coherent overarching framework for protecting voter privacy online. In 2009, the Democratic Party noted that it “will not sell, rent, or disclose e–mail addresses or information about persons obtained solely from members of the online team program” — marking a distinction between online and off–line (or differently–acquired) voter data. The Republican Party, meanwhile, explicitly stated that it “may share your information with like–minded organizations.” Meanwhile, candidates are free to craft their own privacy policies for online data. In practice, candidates widely retain voter information across election cycles to cultivate an independent base of support for legislative priorities or use as a resource for future campaigns — as John Kerry did. Or, as noted above, data flows to the party after a candidate gets elected (for instance, upon assuming the Presidency the data generated by Obama’s Presidential campaign was moved to the Democratic Party.)

Why should polic–ymakers and citizens be concerned about these practices and the general lack of regulation around the collection of political data? As we outline in pages below, there have been many incidents involving compromises in the information infrastructure of political parties, even as the extent and nature of political data has the potential to threaten associational freedom, truncate democratic debate, and skew electoral competition.



Why policy–makers and citizens should be concerned

Each country in this study has experienced some significant incidents of compromised personal records. Table 1 identifies the most prominent incidents of compromised party data records in the four countries studied here. The table reveals the diverse range of incidents that have attracted the attention of journalists, citizens, and government investigators. Sometimes data about citizens’ political preferences is compromised by accident, whether through an internal breach or because some third–party provider’s criteria for selling access to data is not well enforced. For example, in the United Kingdom the Conservative party accidentally released member data, and in the United States journalists have been able to purchase data from vendors who did not adequately check references. Sometimes the data is shared with organizations at the discretion of party officials, such as when data on U.S. voters was sent overseas for analysis. Most common are incidents where personal data is misused, or used by political actors who have not been expressly given permission to use the data.


Table 1: Major incidents of compromised political data.
DateOrganizations involvedIncident notes
February 2005Liberal Party, Desktop Marketing ServicesLiberals use a database reserved for emergency services and law enforcement political marketing. They acted appropriately, but questions raised about public telephone numbers being used for political telemarketing (Needham, 2005; Australian Communications and Media Authority, 2005).
May 2007All parties, TelstraChanges in Telecommunications law gave parties access to a public number database (Carswell, 2007).
January 2006Conservative PartyConservative member of parliament collects birthday information from passport applications, and sends constituents birthday cards. Subsequently cleared of wrongdoing (Harris, 2006).
October 2007Conservative Party, CIMSRosh Hashanah cards were sent to supporters with Jewish–sounding names (Cheadle, 2008; McGregor, 2008).
February 2009Tamil TigersPrivacy Commissioner report cites how voter data was found in a local office of the Tamil Tigers, evidently being used for political purposes (Brennan, 2009; CBC News, 2009).
All parties implicatedPrivacy Commissioner report regarding illegal use of public data by parties and exposure of voters to identity theft (CBC News, 2009; Spencer, 2009)
United Kingdom
November 2001All parties implicatedCourt case finds the State’s practice of selling electoral registers violates EU rules (BBC News, 2001; Dyer, 2001).
May 2008Conservative PartyConservative Party accidentally released private data in three computer files containing names, addresses, telephone numbers, and voting intentions were sent to a radio station and local newspaper — 8,500 voters affected (Hodgson, 2008).
September 2008Liberal PartyLiberal Party was found in violation of breaching privacy regulations through making robocalls — 250,000 voters affected (Carrell, 2008; Russell, 2008).
United States
March 2001Voter.comFailing firm auctions off voter profiles to raise cash — 170,000 voters affected (Sanders, 2001).
December 2003Aristotle Inc., All parties implicatedJournalists from Wired magazine purchase data online from Aristotle under assumed names and in apparent violation of state laws — data on 2,600 voters was purchased, though voter records 157 million voter were on sale for $25 per 1,000 names (Zetter, 2003).
September 2004Republican Party, Voter VaultControversy about Republican off–shoring development work on their voter database (Tynan, 2004). Questions about the security of the data (Grossman, et al., 2004).
May 2006Government agenciesConcern over commercial data being used by the executive branch (BusinessWeek, 2006).
October 2008Government agencies, All parties implicatedData on “Joe the Plumber” extracted from government agencies by political parties (Toledo Blade, 2008).
November 2008Presidential campaignsObama and McCain’s computers hacked by foreign agents, and Sarah Palin’s personal e–mail account was hacked by a college student (Newsweek, 2008; Glendinning, 2008; Stephey, 2008).


The failure of institutional transparency

The concerns over voter information used for unintended purposes can be seen in the news coverage of the incidents identified in Table 1. Even more, they reveal how journalists — and citizens — rarely realize that data about them is being collected and used for political purposes.

This lack of transparency is compounded by the stated privacy policies of parties, often presented online. In the vast majority of cases, the stated privacy policy on party Web sites only refers to data collected online, such as log files and any profile information a user might volunteer. In very few cases is there an easy–to–find policy statement on the other kinds of data these political parties use. In other words, online privacy policies often have nothing to do with the use of voter registration files or proprietary or third–party databases.

Table 2 reveals this, comparing the privacy policies of the major political parties in this four–country study. Along with providing the URL for each party, the table identifies whether or not the organization’s privacy policy is accessible through a front–page link based on archived editions of the Web site kept at the Internet Archive (http://www.archive.org/). In addition, we compare the privacy policies of parties on multiple points.


Table 2: Web site privacy policies of major political parties.
Party Year of accessible privacy policy?* Refers only to Web site users? Can users petition for exclusion? Sharing only with prior consent? Policy on other data? Notes
2001Will not share data. Data “not disclosed to any other third party except where legally required.”
2001Data shared only with “prior written permission” of the individual.
Bloc Québécois
(www.conservative.ca and www.conservateur.ca)
2005Will not share data. Data not sold or disclosed “to third parties except as required by the Elections Act.”
2004??Will not share, except to local party offices. Does not “sell your personal information to anyone under any circumstances.” No statement on allowing unpaid access to affinity groups.
New Democratic
2004Will not share with third parties, except with “express permission.”
United Kingdom
2000Does not sell or disclose to “outside organizations or individuals”; no transfer outside the U.K. Users may opt out, right of user access for an administration fee.
2000Will not sell, share or rent data. The Party claims sole ownership of data, with access allowed only with disclosure on the website. Detailed list of the ways data is collected.
Liberal Democrats
2005Shared only with contractors or firms working on Party’s behalf.
United States
1999“The DNC will not sell, rent, or disclose e–mail addresses or other information about persons obtained solely from members of the online team program when creating their teams.”
1999“We may share your information with like–minded organizations.”
Note: Web sites inspected in January–March 2009. Internet Archive Wayback Machine (http://www.archive.org/web/web.php) consulted in the same period. Comparison dates contingent on when dedicated pages appeared or when privacy policy was clearly accessible from home page. As with all uses of the Internet Archive Wayback Machine, comparisons are meant to suggest general content and features, not necessarily an absolute view of what pages looked like. For example, parties have the right to have Web pages purged from the archive, and pages are often imperfectly archived. The Web sites of the Conservative Party of Canada was assessed beginning with records in 2005.
* Year of link to privacy policy from the home page.


As Table Two suggests, political parties use quite varied terms to describe what they will and will not do with voter data. These policies variously refer to sharing, selling, renting or disclosing data, but no party has a clear policy on all four of these possible ways of surrendering information about voters. This leaves many open questions. For example, if a party fails to state a policy on selling data, does that mean that it sells data, that it reserves the right to sell data, or that it neglected to develop a policy on selling data? In the complex web of political organizations, consulting agencies, and hired political guns jointly operating under contractual agreements, what exactly does it mean when a party pledges to not surrender data to a “third party”? If the Republican Party says they may be sharing data with “like–minded” organizations, would such organizations include generous political action committees or corporate actors with shared interests in legislative outcomes?

Overall, the wide range of terms used in the privacy policies of political parties illustrates the possibilities for subterfuge, opportunities for abuse, and general lack of transparency.

Associational freedom

In the United States courts have long held that privacy is important with respect to protecting anonymous speech and freedom of association. This is, in essence, the right to have a space to develop one’s political views and voice outside of the glare of the public. In this respect, privacy helps ensure robust political debate by providing the opportunity for citizens to form their own viewpoints, craft arguments, and develop political identities free from surveillance and public pressure so we preserve a space for fostering dissent from prevailing social norms. Political privacy, in this sense, has the robust social value of fostering a robust public sphere.

The logic behind associational privacy is that if citizens feel as if they are constantly being watched they will be less likely to state their opinions and be wary of the media, organizations, individuals, and consumer goods they choose to associate with. While non–official state actors such as candidates and parties are not the official arms of the state — which mitigates concerns over state–sponsored repression and surveillance — it is safe to assume that citizens do not distinguish between uses of political data in the context of electioneering and governance. Meanwhile, in Australian and Canada databases are actually merged across these domains. The danger is that if citizens start to realize that their expressly political affiliations (becoming a member of an organization), ideological engagements (magazine subscriptions), and even mundane lives (grocery club card purchases) are being aggregated to create a portrait of them that is then used for political purposes, they will alter their behavior accordingly.

Democratic debate

While freedom of association indirectly affects public speech in foreclosing those spaces apart for the formation of political views, political data also serves to shape political debate more directly. With unprecedented opportunities to tailor information environments to individual preferences — from what citizens see online, hear in a radio advertisement, encounter when they meet a neighbor canvassing at their door or a friend contacting them through Facebook, or even see in video games — campaigns engage in persuasive and mobilizational forms of communication designed to narrowly appeal to individual self–interest.

While speaking in these narrow ways to citizens on the basis of their interests and needs as gleaned through traces of their consumer and online data may produce turnout at the polls, it does not produce anything in the way of conceptions of the public interest or general good. Meanwhile, entire portions of the electorate (particularly those unlikely to vote, which also is highly correlated with lack of education and low socio–economic level) are routinely ignored by campaigns.

Asymmetries in information between political actors and voters, in turn, facilitates the ability of elites to manipulate the electorate. For example, candidates and their agents — paid operatives or citizen–supporters enlisted to spread their message and generate data on their friends and neighbors — know a lot more about those they are seeking to represent than citizens do about them. This makes these forms of “personalized political communication” (Nielsen, 2010) fundamentally transactional and manipulative, as campaigns and their supporters strive to tailor their political speech in terms of what individual voters want to hear. While this is not entirely effective, of course, it allows candidates to present only select aspects of themselves to voters, providing a fundamentally incomplete portrait of their policy preferences. Meanwhile, political data refashions relations between citizens in similar terms, creating power dynamics where volunteers not only have data on their peers, but they become active pitchmen to them.

Democratic competitiveness

Outside of the impact that political data has on the public sphere, it adversely effects democratic competitiveness and mechanisms for political representation. As a number of our cases suggest, parties set their own rules about providing candidates with access to political data. What that means is that elite–supported candidates often have exclusive access to party political data for the conduct of their campaigns. While there are a number of third party, private vendors of political data and analysis, these services are often cost prohibitive (which in turn privileges candidates that are also backed by interest groups that provide their own data and resources.) If non–institutional and non–wealthy candidates of the major parties are at a competitive disadvantage, minor party candidates are left entirely out of the equation. With few resources and comparatively little organizational infrastructure, third party candidates have little of the advantages offered to institutional political actors.



Analysis: Policy oversight in four democracies

In an interesting way, these cases present a number of options for public policy oversight in this domain. For example, oversight in the United States is highly decentralized, and indeed inaction at the federal level over the last eight years has prompted states to step in with their own regulatory regimes. These regimes more explicitly cover third–party data resellers, yet without creating clear obligations for political parties, candidates, and special interest groups. At the other end of the spectrum is the information commissioner of the United Kingdom, an organization whose very funding depends on the collection of licensing fees from firms making use of data. Such licensing allows the agency to maintain good records on the types of firms operating in the market for political data and the quality of the data.


Table 3: Public oversight of political data.
Office and mandateOffice of the Privacy Commissioner: Independent of executive branch, mandated by Privacy Act of 1988. Oversight of “privacy principles.”
Breach reporting requirementsVoluntary, though reform of the law is under consideration.
Public researchNo clear research publications on Web site. Clear data on number of incidents.
Organizational capacity62 staff in 2007–2008; budget of 7.3 million AUD (6.4 million CAD) in 2008–2009.
Performance metricsHigh–quality results, increased community awareness, robust relationships, and a competent workforce.
NotesPolitical parties, and organizations helping with elections, referenda or political participation are exempt. Rules currently being evaluated, with proposal to make breach reporting mandatory.
Office and mandatePrivacy Commissioner of Canada: Independent of executive branch and mandated by the Privacy Acts.
Breach reporting requirementsVoluntary.
Public researchSubstantial public information available online.
Organizational capacity110 in 2007–2008; budget of 19 million CAD in 2008–2009.
Performance metricsMetrics include number of inquiries, complaints, and Web site hits, and involvement in public and governmental forums.
NotesEnsuring the privacy rights of individuals are protected through compliance activities, research and policy development, and public outreach.
United Kingdom
Office and mandateInformation Commissioner’s Office: Under the direction of the Ministry of Justice, mandated by Data Protection Act of 1984, with additional guidelines.
Breach reporting requirementsVoluntary.
Public researchComprehensive information for citizens, reports on breaches. Collects and publicizes data on privacy breaches.
Organizational capacity314 staff in 2007–2008; budget of 16.7 million GBP (30.2 million CAD) in 2008–2009.
Performance metricsGoals of educating and influencing, resolving problems, and enforcement.
NotesData controllers must register and pay a fee (35 pounds), the fees from the budget of the ICO along with “grant–in–aid” sponsorship from the Ministry of Justice.
United States
Office and mandateMultiple offices: For commercial data it is the Division of Privacy and Identity Protection, Bureau of Consumer Protection, Federal Trade Commission. Government data must be managed by relevant agencies under the 1974 Federal Privacy Act.
Breach reporting requirementsRequired, with conditions, in 36 states.
Public researchSome state agencies report statistics, but the Government Accounting Office is the one office that consistently reports on data breaches.
Organizational capacityNo one agency responsible.
Performance metricsNo comprehensive performance metrics.
NotesMost of the policymaking is at the state level. Commercial databases are largely unregulated outside of breach notifications at the state level.


Table 3 compares the organizations for policy oversight along multiple dimensions: the federal–level agency responsible for oversight; its legal mandate and relative organizational capacity in terms of funding and staffing; whether or not breach reporting is voluntary or required; whether the agency produces public, accessible research; and, whether the agency has policy goals or performance metrics that it seems to be achieving, such as a reduction in breaches, improved public knowledge of issues, or successful prosecutions.

From this spectrum of oversight agencies and practices, we have devised a concrete set of policy recommendations that can strengthen voter privacy.

Policy recommendations

Reporting data breeches

In Australia, Canada, and the United Kingdom, there is no legal obligation on private data controllers to report breaches of security. Only the United States has breach notification laws, but there is no federal standard — states determine their own practices — and it does not apply to political actors. Despite these limitations, in the U.S. commercial context state regulations for the mandatory reporting of security breaches work relatively well. This is because private actors are often forced to raise their security standards to comply with the most restrictive state, and each breach raises public awareness of privacy issues. At a minimum, notification of breach policy obliges any business or agency that has been the victim of a security breach to notify any parties whose personal information may have been compromised — and this standard is used in the majority of states within the United States.

Political actors in all four countries should be held to the same level of accountability as commercial actors in the most restrictive states in the U.S. California’s policy, for example, provides a good model:

The company or institution responsible for handling the compromised data must notify potential victims individually, unless the cost of notification exceeds a threshold amount of $250,000, or if the total number of individuals affected is greater than 500,000. In these cases, substitute notification can be made using a combination of e–mail notification and disclosure to major media outlets. Notification must be carried out: in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement … or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system. (California Civil Code)

Such a requirement for political parties would raise the pressure on political actors to keep data secure, make it possible to track the flow of data across organizational and international boundaries, make victims aware when they have been put at risk, and make the general public more aware of this issue.

Expanded party privacy statements

Parties should be required to develop privacy statements that cover the full range of personal data they manage. As is clear from the above discussion, most parties already have statements on their Web sites detailing varying degrees of online privacy protection. The problem is that these policies often fail to cover non–Internet sources of data, and there are very inconsistent standards. Some parties promise not to share e–mail addresses, but say nothing of the other data they collect. Some parties promise not to share server log files, but say nothing of the credit card data that they have merged with users’ online profiles. Some parties have very simple statements that they reserve the right to use whatever data they can collect, and openly advertise that they share data with whomever is politically affiliated.

Regardless of what the policies are, requiring parties to at least address a standardized slate of possible uses involving purchased, public, or user–generated data about voters would improve democratic transparency.

Separated constituent and campaign data

To discourage elected leaders or political parties from linking constituent services to electioneering, every effort must be made to prevent officials from merging these two types of data. Campaigns should be allowed to collect limited amounts of data on the electorate so as to make smart choices about how to approach potential voters. Elected officials, however, should not have access to this data — at the very least to prevent the possibility or appearance of officials rewarding or punishing voters through public services. Constituent service data should be distinct from campaign management data, and we recommend independent confirmation the incumbent candidates and political parties are maintaining this separation.




Even as data practices support political participation and mobilization, they come with a social cost. While the risks of poor data management practices may be partially borne by political parties, ultimately it is citizens whose personal records have been compromised. Political data is collected and traded on a vast and opaque market, with documented cases of breeches in security. Meanwhile, the extent and nature of political data has the potential to threaten associational freedom, as citizens become increasingly aware that much of their online and offline behavior is subject to monitoring and act accordingly.

Of greatest concern, however, is how political data affects democratic practice. As data grows more sophisticated, so too does targeted, persuasive communication that speaks narrowly to individual interests instead of public concerns. Currently, only well financed candidates can afford sophisticated data and modeling services, which truncates democratic competition. Finally, political data fundamentally creates ‘informational asymmetries’ between candidates and voters. These asymmetries undermine the mechanisms of political representation, enabling candidates to conjure up issue publics for their agendas and tailor narrow appeals for the support of voters.

Given the unique challenges to democratic practice posed by the data practices of parties and candidates in mature democracies, what is needed are institutional and technical innovations that secure political privacy while promoting participation, deliberation, and competition. Strong governmental oversight that secures the mandatory reporting of data breeches, expanded privacy statements, and separation of campaign and governance data will help protect political privacy while promoting strong democratic practice. End of article


About the authors

Philip N. Howard is Associate Professor in the Department of Communication at the University of Washington, with adjunct appointments at the Jackson School of International Studies and the Information School.
E–mail: pnhoward [at] uw [dot] edu

Daniel Kreiss is a Fellow, Information Society Project and Postdoctoral Associate at Yale Law School.
E–mail: daniel [dot] kreiss [at] yale [dot] edu



This research was supported by the World Information Access Project (www.wiareport.org) and funded by the Office of the Privacy Commissioner of Canada, under contract 2R008–08–0104. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the Office of the Privacy Commissioner of Canada. For their assistance and support of this project, the authors are grateful to Kim Alexander, Wendy Bolton, Greg Elmer, Chris Hoofnagle, Colin McKay and Gina Neff. In addition, we are grateful to the helpful staff of the Office of the Privacy Commissioner of Canada, the Office of the Privacy Commissioner of Australia, and the Information Commissioner’s Office of the United Kingdom.



Mark Ambinder, 2008. “How to tell your votebuilders from your mybos, your catalists from your vans,” Atlantic Monthly (14 November), at http://marcambinder.theatlantic.com/archives/2008/11/technology_catalist_votebuilde.php, accessed 21 March 2009.

Australian Communications and Media Authority. 2005. “Investigation finds no evidence of misuse of telephone number database,” Media release, number 9 (21 March), at http://www.acma.gov.au/WEB/STANDARD/pc=PC_2885, accessed 15 November 2010.

BBC News, 2001. “Court backs data privacy complaint” (16 November), at http://news.bbc.co.uk/2/hi/uk_news/england/1659807.stm, accessed 3 March 2009.

Michelle Wiese Bockmann, 2004. “Dark side of democracy,” Australian (20 August), at http://www.australianit.news.com.au/story/0,24897,10501564-15302,00.html, accessed 21 March 2009.

Richard J. Brennan, 2009. “Voter data security questioned,” Toronto Star (12 February), at http://www.thestar.com/article/586519, accessed 21 March 2009.

BusinessWeek. 2009. “The snooping goes beyond phone calls“ (29 May), at http://www.businessweek.com/magazine/content/06_22/b3986068.htm, accessed 21 March 2009.

California Civil Code, 2009, at http://www.leginfo.ca.gov/calaw.html, accessed 15 November 2010.

Severin Carrell, 2008. “Lib Dems broke privacy rules with ‘cold calls’,” Guardian (25 September), at http://www.guardian.co.uk/politics/2008/sep/25/liberaldemocrats, accessed 21 March 2009.

Andres Carswell, 2007. “Phone database opened to MPs,” Daily Telegraph (29 May), at http://www.dailytelegraph.com.au/news/phone-database-opened-to-mps/story-e6freuy9-1111113631475, accessed 15 November 2010.

CBC News, 2009. “Elections Canada may be exposing voters to ID theft: Privacy Commissioner” (12 February), at http://www.cbc.ca/canada/story/2009/02/12/voters-privacy.html?ref=rss, accessed 27 February 2009.

Bruce Cheadle, 2008. “Commission drops probe of Rosh Hashanah cards,” Globe and Mail (6 March), at http://www.theglobeandmail.com/servlet/story/LAC.20080306.PRIVACY06/TPStory/TPNational/Politics/, accessed 21 March 2009.

Clare Dyer, 2001. “Court challenge to councils’ sale of electoral roles,“ Guardian (6 September), at http://www.guardian.co.uk/society/2001/sep/06/localgovernment1, accessed 21 March 2009.

Lee Glendinning, 2008. “Obama, McCain computers ‘hacked’ during election campaign,” Guardian (7 November), at http://www.guardian.co.uk/global/2008/nov/07/obama-white-house-usa, accessed 21 March 2009.

Lev Grossman, Viveca Novak, and Eric Roston. 2004. “What your party knows about you,” Time (18 October), at http://www.time.com/time/magazine/article/0,9171,995394,00.html, accessed 21 March 2009.

Kathleen Harris, 2006. “Surprise puts Valley MP on the hot seat,” Ottawa Sun (4 January), at http://www.ottawasun.com/News/Election/2006/01/04/1378016-sun.html, accessed 21 March 2009.

Stephan C. Henneberg, 2004. “The views of an advocatus dei: Political marketing and its critics,” Journal of Public Affairs, volume 4, number 3, pp. 225–243.http://dx.doi.org/10.1002/pa.187

Martin Hodgson, 2008. “Investigation launched into Tories' voter data bungle,” Guardian (22 May), at http://www.guardian.co.uk/politics/2008/may/22/crewebyelection08.conservatives, accessed 21 March 2009.

Christopher Hunter, 2002. “Political privacy and online politics: How e–campaigning threatens voter privacy,” First Monday, volume 7, number 2, at http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/930/852, accessed 15 November 2010.

Marina Jiménez, 2008. “Parties get sophisticated in bid for immigrant vote,” Globe and Mail (6 October), at http://www.theglobeandmail.com/news/politics/article714688.ece, accessed 21 March 2009.

Daniel Kreiss and Philip N. Howard. 2010. “New challenges to political privacy: Lessons for the first Presidential race in the Web 2.0 era,” International Journal of Communication, volume 4, pp. 1,032–1,050.

Andy McCue, 2005. Election ’05: High–tech campaigning targets key voters,” Silicon.com (27 April), at http://management.silicon.com/government/0,39024677,39129879,00.htm, accessed 27 February 2009.

Glen McGregor, 2008. “Rosh Hashanah greeting cards from Conservative leader arrive in mail slots,” Ottawa Citizen (10 September), at http://www2.canada.com/ottawacitizen/news/story.html?id=b8d8a07d-4bb9-4208-8e08-2908ec4d5487, accessed 15 November 2010.

Kristy Needham, 2005. “Liberal Party off one hook but a call on privacy looms,” Sydney Morning Herald (22 March), at http://www.smh.com.au/news/National/Liberal-Party-off-one-hook-but-a-call-on-privacy-looms/2005/03/21/1111253958619.html, accessed 21 March 2009.

Newsweek, 2008. “Hackers and spending sprees” (5 November), at http://www.newsweek.com/id/167581, accessed 21 March 2009.

Peter van Onselen and Wayne Errington. 2004. Elector databases: Big brother or democracy unbound? Australian Journal of Political Science, volume 39, number 2, pp. 349–366.http://dx.doi.org/10.1080/1036114042000238555

Ben Russell, 2009. “Liber Dems’ knuckles are rapped over Clegg’s 250,000 cold calls,” Independent (26 September), at http://www.independent.co.uk/news/uk/politics/lib-dems-knuckles-are-rapped-over-cleggs-250000-cold-calls-942812.html, accessed 29 March 2009.

Edmund Sanders, 2001. “Planned sale of Voter.com’s data raises privacy concerns,” Los Angeles Times (8 March), at http://articles.latimes.com/2001/mar/08/business/fi-34937, accessed 21 March 2009.

Leslie Regan Shade, 2008. “Reconsidering the right to privacy in Canada,” Bulletin of Science, Technology and Society, volume 28, number 1, pp. 80–91.http://dx.doi.org/10.1177/0270467607310591

Christina Spencer, 2009. “Voter info going missing — Privacy commissioner concerned data ‘could fall into wrong hands’,” Daily Herald–Tribune (Grande Prairie, Alberta), at http://www.dailyheraldtribune.com/ArticleDisplay.aspx?e=1435065, accessed 9 March 2009.

M.J. Stephey, 2008. “Sarah Palin’s e–mail hacked,” Time (17 September), at http://www.time.com/time/politics/article/0,8599,1842097,00.html, accessed 21 March 2009.

Toledo Blade, 2008. “GOP calls for inquiry of ‘plumber’ data breach” (26 October), at http://www.toledoblade.com/apps/pbcs.dll/article?AID=/20081026/NEWS09/810260368, accessed 3 March 2009.

Garth Turner, 2007. “Nowhere to hide” (12 October), at http://www.garth.ca/weblog/2007/10/12/nowhere-to-hide/, accessed 27 February 2009.

Daniel Tynan, 2004. “GOP voter vault shipped overseas,” PCWorld (24 September), at http://www.pcworld.com/article/117930/gop_voter_vault_shipped_overseas.html, accessed 21 March 2009.

U.K. Information Commissioner, 2005. “Promotion of a political party,” at http://www.ico.gov.uk/upload/documents/library/data_protection/practical_application/promotion_of_a_political_party.pdf, accessed 15 November 2010.

U.K. Office of Public Sector Information, 1998. “Data Protection Act of 1998,” at http://www.legislation.gov.uk/ukpga/1998/29/contents, accessed 15 November 2010.

Michael Valpy, 2008. “What the Tories know about you,” Globe and Mail (12 September), at http://www.theglobeandmail.com/servlet/story/RTGAM.20080912.welxnpolling13/BNStory/politics/home, accessed 9 March 2009.

Nicholas Watt and Julain Borger. 2004. “Tories reveal secret weapon to target voters,” Guardian (9 October), at http://www.guardian.co.uk/politics/2004/oct/09/uk.conservatives, accessed 15 November 2010.

Kim Zetter, 2009. “For sale: The American voter, ”Wired (11 December), at http://www.wired.com/politics/security/news/2003/12/61543, accessed 21 March 2009.


Editorial history

Received 3 May 2010; revised 11 November 2010; accepted 16 November 2010.

Creative Commons License
“Political parties and voter privacy: Australia, Canada, the United Kingdom, and United States in comparative perspective” by Philip N. Howard and Daniel Kreiss is licensed under a Creative Commons Attribution–NonCommercial–ShareAlike 3.0 Unported License.

Political parties and voter privacy: Australia, Canada, the United Kingdom, and United States in comparative perspective
by Philip N. Howard and Daniel Kreiss.
First Monday, Volume 15, Number 12 - 6 December 2010

A Great Cities Initiative of the University of Illinois at Chicago University Library.

© First Monday, 1995-2016.