Castlebridge and Least Authority team up to reinvent Privacy Reviews
Castlebridge announces another exciting partnership in the Data Protection by Design space
The Register of Electors needs overhaul, but it’s not just a tech problem An article in the Irish Examiner yesterday reported that “The Government ‘Ignored Calls’ on Improving the Voter Register”. Seán McCárthaigh reports that the city and county management association have been warning the Government that “the practices used to maintain the register were outdated and in need of urgent improvements” for the past three years. McCárthaigh notes the following reforms have been proposed:
The concern stretches back longer than that though. My boss and I had been discussing the Electoral register recently, and a few weeks ago Daragh unearthed a paper he wrote in 2006 analyzing the proposals for electoral reform that had been under discussion ten years ago. In that paper he notes that the proposed solutions tend not to address the root causes of the problems with the electoral register. Some of the proposals certainly look similar. Among them:
Clearly the Government has been aware of the outdated register and its problems, and has been proposing reforms to fix it for at least a decade. You could say that the more things change, the more they stay the same. We know the Register of Electors is in disarray, but getting it in shape does not have an easy fix and does have a lot of risks for complete disaster. Anyone who remembers the electronic voting machine debut of 2002-2009 has a relevant example of what introducing updated technology change into the electoral process without due diligence in information governance and security might look like. We’re still using “stupid old pencils” because they were better fit for purpose than the machines as designed.
Plus ҫa change. But, one thing that has changed incredibly in the last ten or so years is the amount of information about people available, and the potential uses it may be put to when it comes to analytics and targeted campaigning. Campaign strategists have been looking across the pond to the pioneering use of analytics and social media in recent US elections, particularly the Obama campaign. Particularly since 2012, people interested in the data-enabled political campaigning have become increasingly enthusiastic about the ability to create a “single view of constituent” and use it to target political messaging and get out the vote.
The amount of data that can legally be and has been sliced and diced on American residents is frightening and far more invasive to privacy than is legal under European data protection laws. But the fact is, Americans don’t want that invasion any more than Irish citizens do, and knowledge of use of their personal data to target political messaging is likely to damage their opinion of candidates and affect their likelihood to vote for them. In fact, there have been several cases where US political parties have stepped a little bit back from going full “creepy” because they realized doing something perfectly possible and legal would have a very bad reputational effect.
European political parties and candidates are more restricted by comprehensive data protection legislation than in the US, but the technological capabilities exist and without clear guidance it may be easier to stray into the “because we can” without due consideration of “whether and how we should”. For instance in the UK, the Conservative Party has brought in the US Republican Party’s voter database system to aid their canvassing. Robust Information Governance practices, with proactive guidance from the DPC, is essential.
If one models the theoretical data flows already possible with information currently available about Irish citizens, including the possible availability of the marked electoral register, one really appreciates the importance of the Data Protection Acts and the constitutional protection of privacy of the ballot. The idea of a “Single View of Constituent” sounds great to people working political campaigns, but it is fraught and high risk. There are dots that should not be connected in order to preserve individuals’ privacy rights. Any implementation of a “single view” or “universal identifier” will have to be extremely carefully constructed to ensure it does not violate the fundamental privacy rights of the individual and the privacy of the ballot. Safeguards must be built in to prevent its abuse or subversion of the democratic process. Privacy of the ballot is constitutionally protected right in Ireland and fundamental to the democratic process. A successful design of a “single view of constituent” may be possible, but it must be extremely carefully constructed to preserve fundamental rights.
This is one of the reasons why the repeated proposal of using the PPSN as a unique identifier for the electoral register is concerning. The PPSN has seen a lot of scope creep, but this particular proposal may be particularly problematic. Risks raised by this proposal include:
Electoral reform is needed. But effective electoral reform must be implemented in a way that addresses the root causes of the current problems with the electoral register, preserves the privacy rights of individuals or “doesn’t cross the creepy line”, and upholds the constitutional right to privacy of the ballot. With advances in data analytics and increased connectivity of the last few years, the risks of invasiveness are much higher than ten years ago. What do we need for effective electoral reform that does not cross the creepy line?
It’s generally well recognized that electoral register reform is necessary. Effective reform requires addressing the root causes of current problems and designing and communicating a strategy that implements best practices in governance and Information Quality. Unfortunately, the Government’s recent track record here has not been good.
Castlebridge announces another exciting partnership in the Data Protection by Design space
Castlebridge announces partnership with leading Data Governance technology provider, Collibra
The second edition of “Data Ethics” by Daragh O Brien and Katherine O’Keefe will be published by Kogan Page on the 3rd of June 2023. Coming 5 years after the...