Political Parties & Voter Privacy

Title

Political Parties & Voter Privacy Australia, Canada, the United Kingdom, and United States in Comparative Perspective Philip N. Howard and Daniel Kreiss

Contents Executive Summary ..................................................................................................................................... 3 About this Research ..................................................................................................................................... 4 About the World Information Access Project ............................................................................................................... 5 About the Authors ................................................................................................................................................................. 5 Acknowledgements ............................................................................................................................................................... 6 Abbreviations ........................................................................................................................................................................... 7 The Evolving Market for Political Data .................................................................................................... 8 History of Datasets and Vendors in the Market for Voter Intelligence .............................................................. 9 Country Specific Watchdog Groups ............................................................................................................................... 11 Political Parties, Information Security, and Compromised Records ............................................. 12 Table 1: Compromised Political Data, 2001-2008 ................................................................................................. 13 The Comparative Politics of Data Mining ............................................................................................. 15 Australia - Policy Evolution From Exemptions To Oversight ................................................................................ 15 Canada - Preventative Policies, With Industry Self-Regulation .......................................................................... 17 United Kingdom - Preventative Policies, with Public Policy Oversight ............................................................. 19 United States - Decentralized and Ad Hoc Policy..................................................................................................... 21 An Unwanted Issue ............................................................................................................................................................. 26 Analysis: Privacy Practices and Policies of Major Political Parties .............................................. 27 Table 2: Website Privacy Policies of Major Political Parties ................................................................................ 29 Analysis: Policy Oversight in Four Democracies ............................................................................... 30 Table 3: Public Oversight of Political Data ................................................................................................................ 31 Conclusion .................................................................................................................................................... 32 Suggestions for Best Practices ........................................................................................................................................ 32 Guidelines and Sanctions for Elections Administrators, Poll Workers, and Campaign Staff ............... 33 Mandatory Notification of Breaches .......................................................................................................................... 33 Expanded Party Privacy Statements with Standardized Terminology ......................................................... 34 Separated of Constituent and Campaign Data ..................................................................................................... 34 Digital Gerrymandering and the Democratic Deficit ............................................................................................... 34 Appendix: Prominent Vendors and Databases for Voter Information ......................................... 37 References ................................................................................................................................................... 39

Political Parties & Voter Privacy

2

Executive Summary In this study, we analyze the privacy practices of political parties in Australia, Canada, the United Kingdom, and the United States. Comparative analysis—across countries and between political parties—reveals much about the strengths and weaknesses of current practices, and the role of political parties and policy makers in protecting voter privacy. Candidates, parties, lobby groups and data‐mining firms have violated the privacy norms of many citizens in all four countries. Political parties themselves face relatively few restrictions, and have developed a wide variety of largely voluntary website privacy policies that rarely extend to the use of voter datasets. There is great variety in the forms of public policy oversight: in Australia the parties are exempt from oversight; in Canada and the United Kingdom policy oversight is developing and preventative; in the United States party behavior is regulated by decentralized government agencies in an ad hoc manner. Moreover, country‐ specific voter data, analytical tools, and consulting expertise increasingly moves across borders. We offer four recommendations for protecting voter privacy through public policy oversight: clear and specific regulations for how poll workers, campaign staff and elections officials manage voter data; mandatory privacy breach reporting by firms, candidates, campaigns, lobbyists, and parties that use datasets containing voter registration information; a standardized template for party privacy statements that allows voters to see how parties use and protect data from all sources, including websites, consulting firms, canvassing staff, and public voter registration files; a separation of constituent service data from campaign management data, and independent confirmation the incumbent candidates and political parties are maintaining the separation. We assess the current state of the art of voter data mining, offer a history of the political data‐mining industry, and compare the capacity of regulatory bodies in these countries to protect the privacy of voters.


3

Citation Howard, Philip N., and Daniel Kreiss. 2009. Political Parties & Voter Privacy: Australia, Canada, the United Kingdom, and United States in Comparative Perspective. World Information Access Project Working Paper #2009.1. Seattle: University of Washington.

About this Research This project has investigated the evolving practices and policies of contemporary political parties and candidates have for managing the personal information of supporters and voters. Principle Investigator Howard is an Associate Professor in the Communication Department at the University of Washington in Seattle and has published several books and articles on the use of information and communication technologies in advanced democracies. Mr. Daniel Kreiss is a PhD candidate in the Department of Communication at Stanford University whose research focuses on the impact of information technology on the political culture of the United States. There are several kinds of political actors involved in the marketplace for data on voters: the firms that aggregate commercial and public information on citizens; the parties and special interest groups that build their own relational databases and supplement their data with purchased information from commercial firms; the information managers who use and manipulate datasets for parties and candidates; citizens and other individuals who contribute information on their political preferences, with or without informed consent. This project details the role of political parties and candidates in collecting, managing, and utilizing data on citizens. Stage 1: Document, compare and contrast the privacy practices and policies of major political parties in four countries: Australia, Canada, United Kingdom, and the United States. We will identify the key pieces of legislation that regulate the use of data by political parties, the tenets of any evolving legal regimes, or goals of any voluntary guidelines these parties adhere to. How do parties protect the privacy of supporters and voters? Where do these firms acquire their data? What information about citizen preferences is actually available on the market? How easy is it for parties to acquire data about citizens? What internal guidelines do parties have for their data managers, and are these guidelines actually adhered to? Do the pressures of high‐stakes campaign seasons change the way parties treat data? What are the “best practices” for data management among the political parties in advanced democracies? Stage 2: Short case studies on incidents within the four countries will allow for cross‐national comparison on how parties handle inappropriate use of data internally, what public policies are relevant, and what regulatory initiatives resulted. Careful attention will be paid to the difference between the stated party policies and the actual practices of campaign managers and party insiders. These case studies will be based on several forms of qualitative and quantitative research: profiles Political Parties & Voter Privacy

4

of the private firms purporting to sell data on the political preferences of citizens in these four countries; content analysis of stories relating to the use and abuse of political data as reported in major news media in the four case study countries; review of any legal proceedings launched in other countries against actors misusing such data; estimation of the level of coverage of Australian, Canadian, UK, and US voters in existing political datasets. Stage 3: Prepare a summary document that introduces the challenges of managing political data, evaluates the public policy options for regulating the use of voter information, and suggests some best practices for political party data managers. In addition, this document will identify a strategy for advancing the research into the role of other actors involved in the market for citizen data.

About the World Information Access Project The World Information Access Project (www.wiareport.org) is an international team of researchers dedicated investigating global trends in technology distribution, information security, and personal privacy. We look for practical ways to improve equity in information access, and ways to use communications technologies to improve the quality of our economic, political and cultural lives. Please direct correspondence to: Philip N. Howard Director World Information Access Project Department of Communication 141 Communications Building, Box 353740 University of Washington Seattle, Washington, 98195‐3740 Telephone: (206) 543‐2660, Facsimile: (206) 616‐3762 www.wiareport.org

About the Authors Philip N. Howard (BA Toronto, MSc London School of Economics, PhD Northwestern) is an associate professor in the Department of Communication at the University of Washington. His current research and teaching interests include the role of new information technologies in the political communication systems of advanced democracies, and the role of new information technologies in the social development of poor countries. He is the author of New Media Campaigns and the Managed Citizen (New York: Cambridge University Press, 2006), about how information technology is used by political elites to structure public Political Parties & Voter Privacy

5

opinion and political culture in the United States. This book was awarded the 2007 CITASA Best Book prize from the American Sociological Association and the 2008 Best Book prize from the International Communication Association. He has edited Society Online: The Internet in Context (Thousand Oaks, CA: Sage, 2004, with Steve Jones) and the Handbook of Internet Politics (London: Routledge, 2008, with Andrew Chadwick). He has authored numerous journal articles examining the role of new information and communication technologies in politics and social development, including pieces in the American Behavioral Scientist, the Annals of the American Academy of Political and Social Science, and New Media & Society. He has worked on several National Science Foundation projects, serving on the advisory board of the Survey2000 and Survey2001 Projects, co‐managing a project about Information and Communication Technologies in Central Asia, and directing the World Information Access Project. Howard has been a consultant to the Canadian International Development Agency, and held fellowships at the Pew Internet & American Life Project in Washington D.C., the Stanhope Centre for Communications Policy Research in London, and the Center for Advanced Study in the Behavioral Sciences in Palo Alto. Daniel Kreiss (BA Bates College, MA Stanford University) is a PhD candidate and the Rebele First Amendment Fellow in Stanford’s Department of Communication. His dissertation research focuses on new media and contemporary political practice with an eye toward documenting shifts in the American political field over the last decade. A paper developed from this research is forthcoming from the Journal of Information Technology and Politics, and he has also published on African American social movements and technology. In addition to pursuing this scholarly work, he serves as the Development Director for Catalytic Communities, an open‐source platform for global social innovation, and was previously the Senior Director of Programs and Development for VoterWatch, an online governmental transparency initiative. Prior to pursuing a PhD he worked as a political journalist and blogger who covered the 2004 Democratic primaries and the Democratic National Convention. He also has a decade of experience in nonprofit management.

Acknowledgements This research was supported by the World Information Access Project (www.wiareport.org) and funded by the Office of the Privacy Commissioner of Canada, under contract 2R008‐08‐0104. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the Office of the Privacy Commissioner of Canada. For their assistance and support of this project, the authors are grateful to Kim Alexander, Wendy Bolton, Greg Elmer, Chris Hoofnagle, Colin McKay and Gina Neff. In addition, we are grateful to the helpful staff of the Office of the Privacy Commissioner of Canada, the Office of the Privacy Commissioner of Australia, and the Information Commissioner’s Office of the United Kingdom. Political Parties & Voter Privacy

6

Abbreviations Computer Fraud and Abuse Act (United States) Constituent Information Management System (Canada) Data Protection Privacy Act (United Kingdom) Department of Motor Vehicles (United States) Election Agents Record System (United Kingdom) Federal Communications Commission (United States) Federal Election Commission (United States) Federal Trade Commission (United States) Privacy and Electronic Communications Regulations (United Kingdom) Personal Information Protection and Electronic Documents Act (Canada)


CFAA CIMS DPPA DMV EARS FCC FEC FTC PECR PIPEDA

7

The Evolving Market for Political Data Modern democracies are increasingly data‐driven. Government agencies rely on data analysis and geographic information systems for service delivery. To help plan and strategize during elections and legislative battles, candidates, leaders, and parties rely on digital records that track voter preferences. Political parties and candidates are not the only actors interested in voter intelligence: civic groups, lobby groups, unions and private firms also make use of data about citizens who donate money, affiliate with social movements, and register to vote. In recent years, some of this data has been compromised, and even though contemporary citizenship is increasingly defined by targeted communication and demographic profiling, many citizens understand little about the industry and practices of political data mining. The threat of data theft has serious implications for societies that increasingly rely on the security of data networks for day‐to‐day life. The linkages between our credit card purchases, demographic profiles, and voter registration records are increasing. Concomitantly, the odds that data about us is being used by actors we don’t know for purposes we do not control also rise (Howard 2003; Clark 1994). For example, credit card records about contraceptive purchases, gun purchases, and issue‐specific magazine purchases are valuable data for lobby groups working on abortion, gun licensing, or other political issues (Howard, Carr, and Milstein 2005; Howard 2006; Sides and Karch 2008). Yet most US citizens report being uninterested in learning how to manage their personal data better or in learning about how organizations mine for data (Fox 2000; Milne and Culnan 2004). In Canada, the public is somewhat better informed on privacy issues (EKOS Research Associates 2007). Today, however, many policy makers and industry lobbyists are aggressive in enrolling individual consumers in the task of securing their own data against loss or theft. Is there a need for public policy oversight? Across all four countries in this study, news reports suggest both that the public is outraged when data breaches occur, and that there are substantive reasons to be wary of the democratic deficit incurred by such breaches. Citizens do not always realize that data about them is being collected and used for political purposes, and are surprised when they discover that they have been profiled. They are even more surprised when they discover that such profiles have been lost, or are being used in questionable ways. Citizens who want to learn about the data that has been collected on them often have difficulty doing so, and there is no clear way to “opt out” of political datasets or manage the flow of data about them. Voters become concerned when registration files, even though they may be public records, are used for commercial gain or are packaged into proprietary datasets that then get sold to political interests. Perhaps least surprising, Political Parties & Voter Privacy

8

citizens express concern when they are exposed to uncertain risks because databases are lost, accidently exposed online, or hacked. When given the opportunity to reflect on the meaning of compromised political data, many of the citizens surveyed by journalists and researchers report concern about the impact of data mining on political deliberation.

History of Datasets and Vendors in the Market for Voter Intelligence Systematically compiling information about voters is a very old practice that has long been a feature of the electoral process. Powerful advances in computing since the 1970s, however, have greatly facilitated the breadth and depth of data compiled on citizens, particularly in the United States. While this case is the best documented in this regard, comparing the practices of political parties and campaigns across all four advanced democracies reveals similarities with respect to the use of data, the commercial and public information compiled, the narrowcasting of political communication, and the at times direct linkages between consultants and the data systems they utilize across national boundaries. Prior to the 1970s, the collection of data on the electorate in the United States was largely a haphazard affair, coordinated mostly by state parties. Yet, this began to change in the 1970s. Two contributing factors were the direct election of primary candidates—implemented as a series of nominating reform measures in the early 1970s—and campaign finance reform efforts that mandated smaller donations. This in turn contributed to ongoing shifts toward more independent candidates with autonomous campaign organizations and the development of a thriving class of political consultants independent of party. Increasingly, data management skills, and raw datasets, became bankable assets for new cohorts of tech‐ savvy campaign consultants (Whitman and Perkins 2003; Sabato 1981; Howard 2006). In the 1970s and 1980s, when privacy was a public policy issue, the concern was over a small number of large databases held on mainframe computers (Agre and Rotenberg 1997). Today the concern is over the proliferation of large datasets easily shared by personal computers. Technological innovations facilitated this process. Mainframe computers were being used as data repositories in the 1970s, and by the 1980s these machines and desktop computers supported “prospect direct mail,” which involves data mining commercial information to identify prospective donors and voters. Direct mail for fund‐raising and campaign purposes grew increasingly sophisticated in the 1980s, largely through Republican innovations, and was premised on the micro‐targeting of political communication given increasingly sophisticated knowledge of the electorate garnered through commercial and public data. In these years, part of what made a campaign consultant valuable was the datasets they had amassed through experience in districts. During the early 2000s, internet data collected through cookies or email addresses voluntarily given enabled campaigns to target voters both geographically and virtually. Outside firms provide Political Parties & Voter Privacy

9

the analytical modeling tools that work with this data to develop voter models. By the 1990s, political marketing became a professional undertaking distinct from political communication or polling work. With elected leaders perpetually on the campaign trail for re‐election or a term in a higher office, a healthy flow of data about voter intent was crucial for dynamic image management (Scammell 1996; Lees‐Marshment 2002). Prior to the 2002 congressional midterm elections in the United States candidates purchased data by Congressional district largely from specialist, bipartisan firms including Aristotle. A significant innovation was a national Republican voter database called Voter Vault created in 2002. By 2004 it was reputed to have 168 million names and include a vast trove of public information—including census data, party affiliation, voter turnout, and vehicle registration—combined with consumer data that was compiled and sold by private firms, everything from credit data to magazine subscriptions. After a number of early, ultimately abandoned efforts, the Democrats began compiling a national voter database in earnest in 2004. Two efforts initiated after the 2004 general election, one started by the Democratic National Committee and another by a private firm Catalist, were particularly successful and used widely by candidates in the 2008 presidential primaries and general election. During the 2008 election cycle, Barack Obama’s presidential campaign was particularly noteworthy for opening up its voter files to volunteer canvassers, and MoveOn.org, an online progressive advocacy organization, built the first application that combined voter registration data with the social affordances of the internet. In addition, many of these systems now include detailed canvas records, meaning that every conversation voters have with campaign volunteers and staff is documented. These efforts are facilitated by the federal “Help America Vote Act of 2002,” which requires states to create statewide voter databases. While many states have been slow to implement the law, eventually it will result in one central site in each state for parties and commercial data providers to go to receive public information on voters. Campaign consultants themselves frequently cross national boundaries. In 2004 the UK Tories brought the Republican Voter Vault system to the United Kingdom for its data storage system and analytical modeling tools. The Labour Party, meanwhile, hired prominent online activist Zack Exley who pioneered the use of e‐ mail in the United States as an organizing tool in 2005 to help with its online efforts. Meanwhile, the Canadian Conservative Party consulted with both the Australian Liberal Party and US Republican Strategist Mike Murphy to develop a voter database and analytical modeling system. The firms used by candidates and parties to compile and analyze voter data are unique. Yet there are marked similarities in the services they provide, from how the data is compiled and analyzed to the processes used to keep it continually updated. Many of these services and processes were first designed by the large marketing and advertising agencies. It is difficult to imagine that any country could function democratically without a system of political marketing, Political Parties & Voter Privacy

10

yet there must be ways of encouraging electoral competition while keeping personal information secure and voter privacy intact (Hunter 2002; Hennenberg 2004).

Country Specific Watchdog Groups A number of specialized non‐governmental agencies work on privacy issues, but their attention is largely focused on the privacy practices of large firms and government offices, rather than political parties or candidates. In Australia such groups include the Australian Privacy Foundation (www.privacy.org.au) and Electronic Frontiers Australia (www.efa.org.au). In Canada, a host of groups collect resources and advocate on behalf of consumer privacy, including PrivacyInfo.ca (www.privacyinfo.ca), the Privacy Law Blog (www.privacylawyer.ca), the Public Interest Advocacy Center (www.piac.ca), and the Canadian Internet Policy and Public Interest Clinic (www.cippic.ca). In the United Kingdom, the Enterprise Privacy Group (www.privacygroup.org) attempts to achieve privacy solutions. In the United States, such groups include OMB Watch (www.ombwatch.org), the Center for Democracy and Technology (www.cdt.org), the Electronic Privacy Information Center (www.epic.org), and the Privacy Rights Clearinghouse (www.privacyrights.org). In addition, the California Voter Foundation (www.calvoter.org) tracks the public datasets available on a state‐by‐state basis. Moreover, in the United States there are several websites for internet users to track data purchases through campaign finance records (www.moneyline.cq.com). Privacy International (www.privacyinternational.org) compares privacy legislation across advanced democracies, emerging democracies, and authoritarian regimes.


11

Political Parties, Information Security, and Compromised Records

Privacy breaches by political parties are a unique order of security threat and a violation of voter trust.

In recent years, there have been many incidents in which citizen data held by firms, universities, government agencies and other organizations has been compromised. Between 1990 and 2006 there were some 600 high‐profile incidents of compromised data records internationally, most of which occurred in the United States (Erickson and Howard 2007). These breaches occurred because of administrative errors, accidental posting to websites, insider abuse or theft, missing or stolen hardware, hacker attack, or other types of breach. Most of these incidents have involved private firms. But since 2000 there have been a range of incidents involving the information infrastructure of political parties: websites have been hacked, questionable practices exposed, and voter data has turned up in surprising places. Privacy breaches by political parties are a unique order of security threat and a violation of voter trust. The data held by political parties is explicitly used for political purposes, and thus have levels of detail about policy preferences and ideological perspectives that are much less relevant to the advertisers of consumer goods. Most people are at least aware that data about them is being collected and shared by the advertising industry, but do not fully realize that political actors use, manipulate, and supplement this data. Moreover, most people do not realize the degree to which the world of campaigns, elections, and political discourse is data‐driven, so the shock of a data breach is both in the loss of personal privacy but also diminished faith in publicly supervised political processes. Many citizens may just assume that the public agencies responsible for regulating free and fair elections, financial contributions, and other campaign practices also have purview over political data. Table 1 identifies the most prominent incidents of compromised party data records in the four countries studied here. The table reveals the diverse range of incidents that have attracted the attention of journalists, citizens, and government investigators. Sometimes data about citizens’ political preferences is compromised by accident, whether through an internal breach or because some third‐party provider’s criteria for selling access to data is not well enforced. In the United Kingdom the Conservative party accidentally released member data, and in the United States journalists have been able to purchase data from vendors who did not adequately check references. Sometimes the data is shared with organizations at the discretion of party officials: data on Canadian voters was used by the Tamil Tigers for fund‐raising; data on US voters has been sent overseas for analysis. Perhaps most common are incidents where personal data is misused, or used by political actors who have not been expressly given permission to use the data. Political Parties & Voter Privacy

12

Table 1: Compromised Political Data, 2001‐2008

Canada

Australia

Date February 2005

Organizations Involved Liberal Party, Desktop Marketing Services

May 2007 January 2006

All parties, Telstra Conservative Party

October 2007 February 2009

Conservative Party, CIMS Tamil Tigers

United States

United Kingdom

All parties implicated November 2001

All parties implicated

May 2008

Conservative Party

September 2008

Liberal Party

March 2001 December 2003

Voter.com Aristotle Inc., All parties implicated

September 2004

Republican Party, Voter Vault

May 2006 October 2008 November 2008

Government agencies Government agencies, All parties implicated Presidential Campaigns

Incident Notes Liberals use a database reserved for emergency services and law enforcement political marketing. They acted appropriately, but questions raised about public telephone numbers being used for political telemarketing (Needham 2005; Australian Communications and Media Authority 2005). Changes in Telecommunications law gave parties access to a public number database (Carswell 2007). Conservative member of parliament collects birthday information from passport applications, and sends constituents birthday cards. Subsequently cleared of wrongdoing (Harris 2006). Rosh Hashanah cards were sent to supporters with Jewish‐sounding names (Cheadle 2008; McGregor 2008). Privacy Commissioner report cites how voter data was found in a local office of the Tamil Tigers, evidently being used for political purposes (Brennan 2009; CBC News 2009). Privacy Commissioner report regarding illegal use of public data by parties and exposure of voters to identity theft (CBC News 2009; Spencer 2009). Court case finds the state’s practice of selling electoral registers violates EU rules (BBC News 2001; Dyer 2001). Conservative Party accidentally released private data in three computer files containing names, addresses, telephone numbers, and voting intentions were sent to a radio station and local newspaper—8,500 voters affected (Hodgson 2008). Liberal Party was found in violation of breaching privacy regulations through making robocalls—250,000 voters affected (Carrell 2008; Russell 2008). Failing firm auctions off voter profiles to raise cash—170,000 voters affected (Sanders 2001). Journalists from Wired magazine purchase data online from Aristotle under assumed names and in apparent violation of state laws—data on 2,600 voters was purchased, though voter records 157 million voter were on sale for $25 per 1,000 names (Zetter 2003). Controversy about Republican off‐shoring development work on their voter database (Tynan 2004). Questions about the security of the data (Grossman, Novak, and Roston 2004) . Concern over commercial data being used by the executive branch (BusinessWeek 2006). Data on “Joe the Plumber” extracted from government agencies by political parties (Blade 2008). Obama and McCain’s computers hacked by foreign agents, and Sarah Palin’s personal e‐mail account was hacked by a college student (Newsweek 2008; Glendinning 2008; Stephey 2008).


13

The concerns over voter information used for unintended purposes can be seen in the news coverage of the incidents identified in Table 1. Citizen data is misused by political parties, or abused by third party contractors. Poor data management may expose citizens to security risks, and citizens do not always realize that data about them is being collected and used for political purposes. Citizens report having difficulty finding out what is collected about them, and have a difficult time opting‐out of such datasets. Moreover, citizens are not always aware of how data collected in commercial transactions, which they may have consented to, can make its way into the political sphere, where they are surprised to see it in use.


14

The Comparative Politics of Data Mining The four countries studied here provide interesting points of comparison and contrast. In each section below, we review the important incidents that have garnered the attention of academic researchers, government oversight committees, journalists, and the public. We discuss party policies and practices, and trace domains of public oversight and accountability. In addition, we inspect the websites of political parties for privacy policies, and compare these to archived versions of party websites from five and ten years ago, or as close to these intervals as possible. Finally, we identify some of the strategies that seem to be working well to protect privacy in each country: in particular, we highlight strategies that might be transportable to the Canadian context.

Australia ‐ Policy Evolution From Exemptions To Oversight There is little formal oversight of the activities of Australian political parties when it comes to data management and privacy. Political parties are exempt from the 1988 Commonwealth Privacy Act and the Privacy Amendment (Private Sector) Act 2000 when their activities are “in connection with an election, a referendum, or other participation in the political process.” Because political parties are private organizations, they are also exempt from the Freedom of Information Legislation, which means that they cannot be made to disclose voter profiles at the request of citizens. Ending the exemption was recommended in August 2008 by the Australian Law Reform Commission, and it is currently under consideration by the Rudd government. The major parties start with the raw data on voters (name, address, age, and occupation) provided by the Australian Electoral Commission via an electronic file that is updated each month. By law, parties are “allowed to use that roll, inter alia, for ‘any purpose in connection with an election’” yet the Commonwealth Electoral Act “bans the use of Electoral Commission data for commercial purposes” (Van Onselen and Errington 2004, 1). The Australian Labour Party’s privacy policy in 2009, as indicated on its website, is largely the same as it was in 2004—the year a link to the privacy page appeared on the home page. The party’s policy statement explicitly promises that “personal information provided to the ALP and information collected by the ALP will not be disclosed to any other third party except where legally required.” In addition, the policy informs users that the party’s servers “log some non‐identifying data which is used for statistical purposes.” Similarly, the Liberal party’s privacy policy was not accessible in 2000, but easily found by 2004 and is today Political Parties & Voter Privacy

15

much the same. It explicitly states that “Any and all information collected at this website—including application form content and email addresses—will be kept strictly confidential and will not be sold, re‐ used, rented, loaned or otherwise disclosed to a third party, except where prior written permission is obtained from the individual who supplied the information and to whom the information refers.” Parties have broad latitude when it comes to utilizing voter data, and according to published reports and academic work, they take advantage of this. Both parties have been using databases since the late 1980s (Labor) and early 1990s (Liberal). Parties use data to track issues and trends for strategy and advertising, while representatives use data primarily for direct mail and other targeted communications geared toward swing voters (Van Onselen 2004, 2). Because many of these functions, such as constituent contacts, are the privilege of incumbents, minority parties may be at a significant disadvantage with regard to data on the electorate (ibid.) The Liberal Party’s voter database is called Feedback, while the Labor Party’s is Electrac. Feedback and Electrac are centralized party databases that receive all personal information about voters logged from Member of Parliament (MP) and candidates’ computers—Electrac is compulsory for all party MPs to purchase and use (Van Onselen and Errington 2004). Information comes from a range of sources. Parties start with the publicly available voter roll, which is then supplemented with telephone and address records. Voter profiles are generated through this public information and commercially available databases, and then supplemented with records of phone calls to MP offices, letters to newspaper editors, and community‐ group membership lists. In sum, all communications to the voter from the party office are stored within the database and this is then linked to a database of community organizations, which details groups of potential interest. Most of the data is gathered and stored locally, but aggregated by the central parties. Onselen and Errington offer more details on who may purchase and deploy Feedback and Electrac (2004). Voters are then categorized according to age, occupation, gender, interest in more than 300 public issues, national and local, and their party identification. Typically, voters are catalogued as being weak, leaning, or strong supporters, or undecided. Yet not only do the databases create linkages between Australian voters on the basis of demographics and opinion. Such databases are also the assets that link political parties with international business interests. As one Australian journalist observed in 2004, the databases are the subject of political and corporate interests: The company that operates the Liberal Party’s database, Parakeelia, has connections with the world’s largest processor of consumer data, Acxiom. Registered in 1989, Parakeelia lists Liberal Party heavyweights including Melbourne tycoon Ron Walker, former director and Political Parties & Voter Privacy

16

incumbent candidate for Goldstein Andrew Robb and Gavin Bailey as company shareholders and trustees of the Liberal Party of Australia. Robb is also a director of Acxiom’s Australian‐ based subsidiary. Acxiom sells hundreds of millions of addresses to mass marketers and direct mail companies in the US (Bockmann 2004). Australia is unique among the four countries studied here in that political parties are explicitly exempt from privacy laws. That the law would change, in this respect, is important because it would explicitly mean that political parties must conform to privacy laws. It would not simply mean that the third‐party data providers must conform, or that all organizations in data‐related transactions may be accountable to a broad set of consumer protection regulation, but that parties must conform to privacy laws.

Canada ‐ Preventative Policies, With Industry Self‐Regulation Three particular incidents have garnered media attention in Canada. In 2006, Conservative Party MP Cheryl Gallant sent birthday cards to her constituents using data from passport applications that had been submitted to her office. In 2007, Prime Minister Stephen Harper sent greeting cards to a number of citizens during Rosh Hashanah, bringing the existence of these political databases to wide public attention. In 2009, it came to light that the Royal Canadian Mounted Police had discovered lists of voter names and addresses at the offices of a Tamil Tiger cell. The Tamil Tigers had been classified as a terrorist organization for several years, but the data was being used to help identify potential financial contributors. More recently, media attention has been drawn to sophisticated profiling systems developed by commercial providers such as Environics. These incidents have led some scholars and pundits to advocate for a Canadian Charter of Privacy Rights that would clearly assign rights and responsibilities (Shade 2008). The Liberal and the New Democratic parties both distinguish between constituent service records and voter campaign records, though doing so is voluntary and not independently confirmed. The Conservative Party, by contrast, uses a single database for both activities—the Constituent Information Management System (CIMS). The database not only contains profiles of voters based on public information, but is continually updated by elected officials as they log every constituent contact. This practice is mandated by the Conservative Party, and local party offices pay a fee to the national party for a database of voters in their districts—$2,000 (Turner 2007). Journalistic reports from 2008 suggest that Conservative efforts have grown even more sophisticated. Their efforts now include a database that includes geo‐ and psychographic surveys, polling, and personal contacts. The Party learned from the Liberal Party in Australia and US Republican strategist Mike Murphy (Valpy 2008). Political Parties & Voter Privacy

17

Privacy experts agree that many of these practices are unethical, but probably not against the law.

The Conservative Party website is not well archived, but its current privacy statement indicates that “The Conservative Party does not actively seek to collect the personal information of Canadians. Nor does it collect any personal information about you without your permission.” Elsewhere, however, the statement indicates that “because the Conservative Party is a national organization with a riding‐based membership system, your personal information may also be used by our local riding associations including by contestants for nominations. For example, if you have made a financial contribution, the local riding may contact you to see if you would like to continue your support.” Since the Conservative and Alliance parties merged in 2003, long‐term study of their website privacy policies is difficult. Both the New Democratic Party and the Liberal Party had a comprehensive privacy policy, linked from their home pages, by 2004. The Liberal Party policy promises to use personal information to communicate with citizens about Party activities and information, but not to sell personal information. The NDP offers to hold personal information in strict confidence, and only to share it with “express permission.” During the 2008 election cycle, the Liberal, Conservative, and NDP used an Environics‐developed analytical tool that creates sophisticated neighborhood profiles to target minority communities: The Environics program breaks down voters into 18 groups, including suburban upscale ethnic and urban downscale ethnic, and provides a map of where they live in each of the 308 constituencies. Residents are assigned to a group based on their income level, age, job type, family type, ethnicity, and social values. The program then analyzes the 2006 election results through this lens to understand how much support each party received from each voter group, how large each group is, and where each one lives (Jimenez 2008). Privacy experts agree that many of these practices are unethical, but probably not against the law. There is a commercial privacy law (PIPEDA) that parties are exempt from, but the Liberal Party says it voluntarily adheres to. Political parties are also exempt from the do not call list, and are allowed to call Canadians with whom they have a private relationship at least once, as do survey companies, charities, and newspapers. The privacy commissioner recently released a report suggesting that the way political parties circulate data on voters may put voter privacy at risk. They found that at least one percent of voter lists have gone missing during elections and by‐elections and that Elections Canada collects too much personal information on Canadians, including some teenagers too young to vote. In recent Federal elections, voter lists generated by Canadian government agencies have also been circulated to some 190,000 temporary election workers. Political Parties & Voter Privacy

18

Paper and electronic copies of voter lists are widely circulated to political parties and candidates, who aren’t covered by the same privacy laws that federal employees have to abide by. Indeed, there is no formal mechanism for political parties or candidates through which privacy breaches can be reported to Elections Canada, the privacy commissioner, or a consumer protection agency that might have oversight over third‐ party vendors. In voluntarily following PIPEDA the Liberal Party says that it will show any citizen what information has been collected (the New Democratic Party says it will honor the same request). The privacy commissioner’s report also cited as a best practice a system for reporting data loss or breach, a system that is not currently mandatory.

United Kingdom ‐ Preventative Policies, with Public Policy Oversight In the United Kingdom, there has been a spate of data breach incidents in the news, and a few expressly relating to political data. In response to being found guilty of violating privacy rules because of a pre‐ recorded telephone message sent to 250,000 voters, the Liberal Party announced an internal review of use and retention of data. There are broad exemptions for political parties with respect to the use of data. As such, political parties have sophisticated databases and highly developed processes for micro‐targeting swing voters. The Conservatives purchased Voter Vault from the Republican Party in the United States in 2005. It is a relational database that draws from electoral rolls, census data, and canvassing records to identify probable conservative supporters and swing voters that can be micro‐targeted. There are 400 social characteristics tracked through Voter Vault, and it also includes lifestyle choices, a typology called the “Mosaic System,” used by supermarkets to work out which products to target at shoppers (Watt and Borger 2004). The system graphically presents the odds that a citizen will vote, along with the odds that the voter will cast a ballot for the Conservatives. They track general population social characteristics against survey data on their own members to identify their likely voters, often with a high degree of accuracy. According to Watt and Borger, “In one study of 340,000 people the Tories achieved an 82% success rate in predicting who would vote for them” (2004).” But the usefulness of Voter Vault in the United Kingdom has been dismissed by the Liberal Democrats who are using the same homegrown database that was developed in the 1980s. Party officials believe that their local campaigning strategies are stronger because their data have been endogenously generated by campaigners communicating with constituents, rather than exogenously generated through statistical models of purchasing habits, health records, or other generalized data (McCue 2005). Political Parties & Voter Privacy

19

The Liberals have a database called the Election Agents Record System (EARS) that was developed in the 1980s. The Labour Party has the Excalibur database, and hired Zack Exley—an influential Democratic Party political consultant in the United States—in 2005. In 2007 the Labour Party contracted with Experian to design, build, and manage a new database called Contact Creator that will also handle e‐mail and direct mail campaigns. All three parties use Experian’s Mosaic typology to provide the commercial information on voters. The Labour Party’s website has had a dedicated privacy page since at least 2002, with policies that are consistent with those current. Interestingly, this is one of the few parties with explicit commitments to forbidding data transfer out of the country and offering users the right to remove details at any time. The Conservative Party also developed a privacy page early on and kept it consistent through to the present. There is a detailed list of the ways in which the party collects data. In contrast the Liberal Democrats did not have an accessible privacy policy until 2005. They too commit to not pass data on to third parties, though with many caveats: Any personal information you provide, including your email address, will not be passed on to any third party (other than any contractors or firms working on our behalf), except where you have signed a petition or similar, where the petition will be presented to a third party. We do not keep personal information for longer than necessary. But what procedure guarantees that contractors respect privacy once they have the data? How easy is it to actually petition, and does the party do more than simply present the petition to the contractor? Has the party ever actually destroyed information that was no longer necessary, and is it party members, voters in registration files, or campaign managers who decide when the data is no longer necessary? Direct marketing by political parties is governed by the Data Protection Privacy Act of 1988 and the Privacy and Electronic Communications Regulations of 2003 (PECR). All data handling is expected to comply with the seven principles spelled out below, but promotional contacts face additional restrictions. All marketing communications must allow citizens to opt out. As the Liberal Party learned in 2008 through a legal challenge, there is a distinction between promotional calls and policy calls. For the former, the party needs prior approval from the voter. E‐mail contact is governed similarly, requiring prior consent. This is in contrast with research calls, which are broadly legal according to an advisory opinion of the UK Information Commissioner: Political Parties & Voter Privacy

20

We are aware that political parties do not just communicate with individuals for promotional purposes. A political party can conduct genuine research just as professional market research companies do. Parties should, however, be careful to ensure that such communications are not in reality soliciting support under the guise of research. For example, a telephone call which starts by seeking opinion and then urges support or invites contact with a candidate would be considered as a marketing call and must therefore be conducted in accordance with the PECR. (UK Information Commissioner 2005) A recent ruling found that the sale of public data by local municipalities is governed by the European Convention on Human Rights, and that as a consequence electoral registers cannot be sold for commercial purposes. There are several lessons to be learned from the United Kingdom. For marketing calls, direct prior consent is always required. The 1998 Data Protection Privacy Act (DPPA) lays out eight principles by which data processing must occur. Data must be: 1. obtained for specified and lawful purposes 2. adequate, relevant, and not excessive 3. accurate and, where necessary, kept up‐to‐date 4. not kept for longer than necessary 5. processed in accordance with the subject’s rights 6. kept secure 7. not transferred abroad without adequate protection (UK Office of Public Sector Information 1998). Section 11 of the DPPA requires organizations (including political parties) to stop sending marketing material through post, online, or over the telephone if a citizen explicitly opts out. Of the four countries in this study, the UK policies and practices are the most comprehensive.

United States ‐ Decentralized and Ad Hoc Policy The United States is almost entirely unregulated with respect to the use of private data by political parties and campaigns. Political databases are culled from public information (voter registration, DMV, FEC records) and purchased consumer information (magazine subscription lists, grocery store club cards, credit card data). The availability of public data, however, is determined on a state‐by‐state basis. The California Voter Foundation produced a comprehensive report detailing the public voter information collected by each state and subsequently made available to third parties. At the same time, these laws are generally left unenforced Political Parties & Voter Privacy

21

even when tough restrictions apply. For example, 22 states have laws restricting the purchase or use of voter lists by commercial parties. Yet a Wired magazine exposé found Aristotle, based in Washington, DC, sold lists online to anyone who wanted to buy them. The California Secretary of State created a Voter Privacy Task Force in 2003, the only one of its kind, charged with looking into the risks of potential misuse of this data. California more generally has been at the forefront of protecting data, public and commercial. It had the nation’s first mandatory data breach law. Nonetheless, even in California companies like Aristotle working in a grey area of state law. For example, not only does each state make its own rules governing the use of public data, but even in states that prohibit the commercial use of public data, political purposes have a broad exemption (Alexander and Mills 2004). For example, California courts have held that even though firms like Aristotle are commercial, the ultimate end users of the data are political campaigns, which enjoy broad exemptions from regulatory efforts (Alexander 2009). With the large number of internet users in the United States, there is a plethora of websites that offer citizens voter information. Some of these websites are run by businesses, others by political action groups, and some by “astroturf” groups that are temporary organizations set up by advertising agencies for the purposes of supporting or undermining legislative action. The use of data by these groups is varied and unregulated. For example, during the 2000 election the firm Voter.com offered summaries of candidate positions, updates on campaign news, and information on where to vote. Hundreds of thousands of users completed detailed political profiles that allowed the site to customize news feeds, but when the business failed in 2001, the profiles were auctioned off as one of the company assets. The 1974 Privacy Act governs the use of federal, executive agency data, but enforcement is spread among many agencies. In the last couple of years, there has been concern over the practice of public agencies purchasing private databases in order to circumvent the Privacy Act. The Electronic Communications Privacy Act extended this to computer communications and wiretapping. The Federal Trade Commission handles much of the commercial data security enforcement, but the law does not require that data breaches be reported. The General Accounting Office has compiled reports on data breaches. At the same time, while no political party or campaign organization has reported a breach of data on members, supporters, or citizens, there are several prominent examples of campaign websites being compromised in other ways, details of which are cited below. The Computer Fraud and Abuse Act (CFAA) was passed in 1984 in response to growing political and media attention surrounding the dangers of computer crime. The act criminalized unauthorized access to private computer systems, making it a felony offense when trespass leads to damages over a certain monetary threshold. The CFAA underwent major revisions in 1986 and 1996, and it was further strengthened by the Political Parties & Voter Privacy

22

passage of the USA Patriot Act in 2002. Overall, these revisions have served to make the act more broadly applicable to various kinds of computer crime, while also increasing the punitive response to these offenses. Although political parties, candidates, or special interest groups are not exempt from the CFAA, they are also not subject to any specialized oversight by the Federal Elections Commission (FEC) or the Federal Communications Commission (FCC). An important innovation in the 2008 Presidential Election was the collaboration between MoveOn.org and Catalist, a large data provider, to provide a site called Vote Poke to allow citizens to search for friends and family to encourage voter registration (Stoller 2008). Indeed, in 2008 the Obama and Clinton presidential campaigns—and to a lesser extent the McCain campaign—granted campaign volunteers access to limited profiles of these databases through web‐based systems. Volunteers could see the address, age, and gender of a prospective voter. They could also see the results of previous canvasses. Both the Republican and Democratic parties now have sophisticated national voter databases. The Republican Party was the widely acknowledged leader in prospective voter identification throughout much of the 1990s until 2004, when the Democrats launched two major efforts to improve national voter lists. The Republican voter database is called Voter Vault. It was built for the 2002 elections and compiles state voter information, census data, and group membership information. In 2004 it was reputed to have 168 million names. Like the Democratic voter databases, public information like party ID and zip code census data is coupled with commercially available consumer data on everything from car purchases and entertainment to credit data and magazine subscriptions. It is continually updated by canvassing. Up until 2000 the Democrats did not have a national voter file. For the 2002 elections the Democrats used DataMart and DemZilla. The former was for voter identification, and was reputed to have 300–500 variables from public records like vehicle registration and commercial data like magazine subscriptions. DataMart contained between 158–166 million names, while DemZilla tracked Democratic Party funders and activists. In 2004, this database system was widely seen as out‐of‐date and poorly designed, as well as being not much use on the ground for canvassers. To remedy this, the Democratic National Committee and Catalist, a private firm founded by Democratic political consultants led by Harold Ickes and backed by George Soros, embarked on separate efforts to create voter files. The Voter Activation Network was the web application that became the standardized interface of the database for Democratic party candidates. Through this application, data entered on the ground is sent to the centralized databases. Voting history, political ID, and contact history are aggregated every cycle. Outside groups like Emily’s List in 2004, and now the New Organizing Institute and Analyst Institute develop programs for modeling this data and training organizers. Political Parties & Voter Privacy

23

Catalist is reputed to have compiled 15 terabytes of voter data on 280 million Americans, which includes their voter registration, party affiliation, and issue interests. Four hundred and fifty additional variables culled from commercial sources are then added. Over 90 third‐party organizations subscribe to Catalist’s data. More important, third‐party data providers found interesting ways of merging voter registration files with social network data in such a way to preserve the metadata about links between people, not just variables about people (Ambinder 2008). The largest bipartisan provider is Aristotle, a company frequently the target of investigative journalists (Verini 2007; Zetter 2003; Wayne 2000). It was the primary source of voter data until 2002, when Voter Vault became the first national voter database. A host of outside consultants provide the “predictive analytics” that create models for voter behavior. Candidates both purchase commercial data and private political data as well as have the party’s voter lists at their disposal. They also collect their own data, which they at times share with like‐minded organizations. Obama’s privacy policy, for example, stated that it can share personal data with organizations with a shared political affiliation. The Democratic Party has had a clear privacy statement since 1999. It most clearly applies, however, only to e‐mail addresses, which the party promises not to sell to other organizations. In the early versions of its privacy policy, other data, such as voter files and donor names, were “sometimes sold to or exchanged with other reputable organizations whose mission or goals are similar to ours.” No similar statement (or refutation) appears in the current policy. The Republican Party privacy pages from 2004 and 2009 are comparable: they clearly reserve the right to share information with like‐minded organizations. There are restrictions on what a candidate versus an elected representative can use in terms of databases based on the 1974 Privacy Act, but parties are not under the same restrictions given that they are not considered arms of the state under the law. This has received widespread public attention, and even some calls for a revamping of the law, given President Obama’s extensive database of voter information. “The White House also faces legal limitations in terms of what it can do,” according to the New York Times. “Perhaps most notably, it cannot use a 13‐million‐person e‐mail list that Mr. Obama’s team developed because it was compiled for political purposes. That is an important reason Mr. Obama has decided to build a new organization within the Democratic Party, which does not have similar restrictions” (Rutenberg and Nagourney 2009). Advocates of digital governance, for example, argue that a 21st‐century networked information environment requires more communication with voters, not less, and that in the absence of e‐ mail elected officials will continue to rely on broadcast technologies. The Campaign Finance Act of 1971, enforced by the FEC, prevents Obama from giving his 13 million member e‐mail list away, but allows him to sell it at fair market value to other candidates (Stirland 2008). The Federal Trade Commission (FTC) Political Parties & Voter Privacy

24

intervened when Toysmart.com tried to sell its customer list, including 250,000 names and credit card numbers, after the firm had promised not to do so in a privacy policy. Thus, if a firm holding political data was to attempt something similarly in violation of its privacy policy, the FTC might intervene (Sanders 2001). Franking commissions of the US House and Senate governing how congressional representatives use data for official governance and electioneering activity. There are restrictions placed on the content of messages to constituents, the databases that can be used for communication purposes with respect to email, and content that is permitted to be posted on websites. Political campaigns and parties are exempt from the Controlling the Assault of Non‐Solicited Pornography And Marketing Act of 2003. Six states have passed legislation that precludes robocalls by both commercial and political parties. These laws have withstood constitutional challenges on free speech grounds, and the Supreme Court recently declined to hear a challenge to North Dakota’s law (Norman‐Eady 2006). General rights to privacy are found in the 4th Amendment, which bans search and seizure. Griswold v. Connecticut set a constitutional right to contraception on privacy grounds, creating the contemporary legal precedent on general privacy rights. In the United States, there is a body of case law prohibiting the state from tracking associations among citizens. Yet political candidates are not considered part of the state for these purposes, and there has been no direct test in law over how relevant these precedents would be in the violation of privacy through compromised digital records by a political candidate or party. Theoretically, the rules that separate constituent service data from voter profiling data are designed to prevent the state from building an organizational memory of which citizens are affiliated with or unallied with governing parties (Hoofnagle 2009). Indeed, if gerrymandering refers to the process by which constituent boundaries are deliberately redrawn for electoral advantage and to include or exclude certain constituents, the digital equivalent would be using datasets to help define the constituents most worthy of service or special contact from elected officials (Altman and Klass 2005). Even with the paltry amount of public policy oversight in the United States, there are a few best practices to recommend to other countries. The data‐mining industry is big business and has been unregulated since the first direct mail campaigns of the 1970s. With an estimated 2 million poll workers handling voter registration data during national elections and many firms selling data online, regulating the supply of personal data would be difficult. It seems very prudent to require that the data compiled for the purposes of campaigning be kept separate from the data needed for governance and public service provision. However, for this rule to work well it must be made to extend to the third‐party providers that profit from the combinations and permutations of data that make it difficult to distinguish where data came from. Political Parties & Voter Privacy

25

An Unwanted Issue When public discussions on this topic do arise, there is more concern about security than privacy. In the United States, Kim Alexander argues that there is no political interest in reviewing the kinds of data that voters must surrender to cast their vote. In California, widely considered the leader in regulating the use of political data she reports that there are many uncertainties: “even where commercial use of public data is prohibited, the ultimate user is the campaign. Newspapers are also a gray area. Newspapers get access to this data as well, often to help them find sources” (Alexander 2009). Researchers and journalists in Australia find the same reluctance there. Politicians and staff rarely go on the record about party databases, and when they do they insist that voter databases are for communicating with the electorate more than electioneering and partisan advantage. Yet, according to van Onselen, the reason such databases exist is to allow campaign strategists to tag voters for their voting preference: If it was simply about communicating with your electors, you wouldn’t be interested in that kind of information … But what they are focused on most significantly is definitely tagging voters as being swingers because those are the voters that are increasingly deciding who wins elections in these very, very close and tight marginal seat contests (Lane 2005).

Across all four countries, there is a notable reluctance among elected officials and party leaders to take up the issues of data security and privacy in a comprehensive way. Compared to the other countries in this study, the United States has the most evolved data‐mining industry, and its political consultants have the most nuanced datasets on the attitudes of its citizenry. Interestingly, several of the firms also have direct corporate connections to firms in other countries. Appendix A offers a list of the prominent data vendors, data bases, and websites for obtaining political data. Many of these organizations are referred to in this analysis, and they vary from debt collection agencies with consumer data used for political purposes, to international databases, and software. Some of the organizations and datasets are affiliated with particular parties, and some no longer exist, having being rolled into new databases or bought out by new consulting firms. Some organizations are fairly specialized, offering only “live” e‐mail addresses, data only on wealthy donors, or profiles of committed party members.


26

Analysis: Privacy Practices and Policies of Major Political Parties Privacy concerns have increased in recent years, but so too have the range of ways political parties can make productive use of data. Thus, privacy policies have changed in interesting ways, and by looking at previous iterations, we can see how parties have reacted to both concern and opportunity. In many cases, the state privacy policy only refers to data collected on the website, such as log files and any profile information a user might volunteer. In very few cases is there an easy‐to‐find policy statement on the other kinds of data these political parties may use. In other words, the website privacy policy may have nothing to do with the use of voter registration files, proprietary or third‐party databases. Today, every party has a privacy policy, but these vary and some privacy policies really just serve to remind users that they have no privacy. Table 2 identifies the year in which we first observed a clear link to a privacy policy from the home page of the party webpage, based on archived editions of the website kept at the Internet Archive. In addition, privacy policies are compared on multiple points. Today, political parties face significant security threats from opponents with the skills to compromise party computer systems. In the United States, such threats have come from domestic and international sources. Hacking political websites to redirect users is one of the most common ways of interfering with political information infrastructure. As early as 1998, George W. Bush’s Presidential candidacy website was defaced, and the following year Hillary Clinton’s Senate candidacy website was redirected to a website run by associates of her primary opponent, Rudy Giuliani (People Magazine 1998; Ledbetter 1999). Most recently, in April 2008 Presidential candidate Barack Obama’s website was redirected to Hillary Clinton’s website (Mills 2008). On Election Day in 2000, the Republican National Committee website was hacked to encourage voter turnout for Presidential candidate Al Gore (Alden 2000). Such attacks can occur at all levels of political competition, from races for Los Angeles City Council, to state representative races and Presidential contests (Goldmacher 2008; Wolf 2007; Goonan 2008). Outsiders have interfered with campaign information infrastructures for varied reasons, in varied ways: denial of service attacks have been launched against campaign websites and call centers; candidate policy positions have been edited by outsiders (Arrington 2007; FOX News 2006; Edsall 2006; Baker 2008). In the most recent presidential race, a candidate’s email account was breached, and the websites of both the Republican and Democratic tickets were reportedly hacked by a “foreign entity” interested in obtaining internal policy documents (Vijayan 2008). It is impossible to know how many times voter information has been compromised and to what ends, but these examples illustrate that campaign information infrastructure can become a target for interference. Political Parties & Voter Privacy

27

Most of these incidents are of website defacement and redirection, rather than stolen voter profiles. So while parties rarely confirm when voter profile data is compromised, these incidents confirm that candidate and party websites are not always secure. Table 2 compares the privacy policies of the major political parties in this four‐country study. Along with providing the URL for each party, the table identifies whether or not the organization’s privacy policy is accessible through a front‐page link. Political parties use quite varied terms to describe what they will and will not do with voter data. They can refer, for example, to sharing, selling, renting or disclosing data, but no party has a clear policy on all four of these possible ways of surrendering information about voters. If they fail to state a policy on selling data, does that mean that they do sell it, that they reserve the right to sell it, or that they neglected to develop a policy on selling it? In the complex web of political affiliations, consulting agencies, and hired political guns, what exactly does it mean when a party pledges to not surrender data to a “third party”? Overall, the wide range of terms used in the privacy policies of political parties illustrates the possibilities for subterfuge and opportunities for abuse. If the Liberal Party promises not to sell the data it compiles on its members, might it give such data away? If the Republican Party in the United States says they may be sharing data with like‐minded organizations, do the website users decide which groups are really affinity groups? Would such like‐minded organizations include generous political action committees or corporate actors with shared interests in legislative outcomes? If the Labour Party in the United Kingdom commits to not allow personal data to be transferred outside the United Kingdom, does that mean the other parties without such a policy may allow this to happen?


28

Table 2: Website Privacy Policies of Major Political Parties

Australia

Party Labour (www.alp.org.au) Liberal (www.liberal.org.au) Bloc Quebecois (www.blocquebecois.org) Conservative (www.conservative.ca and www.conservateur.ca) Liberal (www.liberal.ca)

Year of Accessible Privacy Policy?*

Refers only to Website Users?

Can users petition for exclusion?

Sharing only with prior consent?

Policy on Other Data?

..

..

..

..

2001 2001 None

Notes Will not share data. Data “not disclosed to any other third party except where legally required.” Data shared only with “prior written permission” of the individual. ..

United States

United Kingdom

Canada

Will not share data. Data not sold or disclosed “to third parties except as required by the Elections Act.” Will not share, except to local party offices. Does not “sell your personal information to anyone under any 2004 ? ? circumstances.” No statement on allowing unpaid access to affinity groups. New Democratic (www.ndp.ca) Will not share with third parties, except with “express 2004 permission.” Labour (www.labour.org.uk) Does not sell or disclose to “outside organizations or 2000 individuals”; no transfer outside the UK. Users may opt out, right of user access for an administration fee. Conservative Will not sell, share or rent data. The Party claims sole (www.conservatives.com) 2000 ownership of data, with access allowed only with disclosure on the website. Detailed list of the ways data is collected. Liberal Democrats Shared only with contractors or firms working on party’s 2005 (www.libdems.org.uk) behalf. Democratic (www.democrats.org) “The DNC will not sell, rent, or disclose email addresses or other information about persons obtained solely from 1999 members of the online team program when creating their teams.” Republican (www.rnc.org) “We may share your information with like‐minded 1999 organizations.” Note: Websites inspected in January–March 2009. Internet Archive Wayback Machine consulted in the same period. Comparison dates contingent on when dedicated pages appeared or when privacy policy was clearly accessible from home page. As with all uses of the Internet Archive Wayback Machine, comparisons are meant to suggest general content and features, not necessarily an absolute view of what pages looked like. For example, parties have the right to have web pages purged from the archive, and pages are often imperfectly archived. The websites of the Conservative Party of Canada was assessed beginning with records in 2005. * Year of link to privacy policy from the home page. 2005


29

Analysis: Policy Oversight in Four Democracies In an interesting way, the four countries present a spectrum of options available for public policy oversight in this domain. Oversight in the United States is highly decentralized, and indeed inaction at the federal level over the last eight years has prompted states to step in with their own regulatory regimes. Still, these regimes more explicitly cover third‐party data resellers, without creating clear obligations for political parties, candidates, and special interest groups. At the other end of the spectrum is the information commissioner of the United Kingdom, an organization whose very funding depends on the collection of licensing fees from firms making use of data. Such licensing allows the agency to maintain good records on the types of firms operating in the market for political data and the quality of the data. Between these two possibilities—centrally coordinated and largely unregulated—are the privacy commissions in Canada and Australia. Whereas political actors in Australia have until now been made exempt from oversight, at least in Canada the privacy commissioner has reason to expect political actors to use due diligence managing political data. Table 3 compares the organizations for policy oversight along multiple dimensions: the federal‐level agency responsible for oversight; its legal mandate and relative organizational capacity in terms of funding and staffing; whether or not breach reporting is voluntary or required; whether the agency produces public, accessible research; and whether the agency has policy goals or performance metrics that it seems to be achieving, such as a reduction in breaches, improved public knowledge of issues, or successful prosecutions. In Australia, Canada, and the United Kingdom, there is no legal obligation on data controllers to report breaches of security. Only the United States has breach notification laws, but there is no federal standard. The Office of Management and Budget has issued guidance on responding to data breaches for federal agencies. Congress last tried to pass a comprehensive privacy bill that would require some reporting of breaches in 2005.


30

Table 3: Public Oversight of Political Data

Canada

Australia

Oversight Office and Mandate Breach Reporting Requirements Public Research Organizational Capacity Performance Metrics Notes Office and Mandate Breach Reporting Requirements Public Research Organizational Capacity Performance Metrics Notes

United Kingdom

Office and Mandate Breach Reporting Requirements Public Research Organizational Capacity Performance Metrics Notes

United States

Office and Mandate

Breach Reporting Requirements Public Research Organizational Capacity Performance Metrics Notes

Notes Office of the Privacy Commissioner: Independent of executive branch, mandated by Privacy Act of 1988. Oversight of “privacy principles.” Voluntary, though reform of the law is under consideration. No clear research publications on website. Clear data on number of incidents. 62 staff in 2007–2008; budget of 7.3 million AUD (6.4 million CAD) in 2008–2009. High‐quality results, increased community awareness, robust relationships, and a competent workforce. Political parties, and organizations helping with elections, referenda or political participation are exempt. Rules currently being evaluated, with proposal to make breach reporting mandatory. Privacy Commissioner of Canada: Independent of executive branch and mandated by the Privacy Acts. Voluntary. Substantial public information available online. 110 in 2007–2008; budget of 19 million CAD in 2008‐2009. Metrics include number of inquiries, complaints, and website hits, and involvement in public and governmental forums. Ensuring the privacy rights of individuals are protected through compliance activities, research and policy development, and public outreach. Information Commissioner’s Office: Under the direction of the Ministry of Justice, mandated by Data Protection Act of 1984, with additional guidelines. Voluntary. Comprehensive information for citizens, reports on breaches. Collects and publicizes data on privacy breaches. 314 staff in 2007–2008; budget of 16.7 million GBP (30.2 million CAD) in 2008–2009. Goals of educating and influencing, resolving problems, and enforcement. Data controllers must register and pay a fee (35 pounds), the fees from the budget of the ICO along with “grant‐ in‐aid” sponsorship from the Ministry of Justice. Multiple offices: For commercial data it is the Division of Privacy and Identity Protection, Bureau of Consumer Protection, Federal Trade Commission. Government data must be managed by relevant agencies under the 1974 Federal Privacy Act. Required, with conditions, in 36 states. Some state agencies report statistics, but the GAO is the one office that consistently reports on data breaches. No one agency responsible. No comprehensive performance metrics. Most of the policymaking is at the state level. Commercial databases are largely unregulated outside of breach notifications at the state level.


31

Conclusion In important ways these countries vary in terms of privacy norms. In the United States, direct mail and aggressive telemarketing have inured the public to aggressive contact by politicians. Many citizens do not fully understand the degree to which data about them is being collected, merged, and sold. Research suggests that most US citizens do not understand the basic ways to protect their privacy, even though they get upset when their privacy is violated (Fox 2000). In the United States, political parties tend to be less supervised: political candidates are less dependent on political parties in elections than in parliamentary democracies; the campaigns are big‐money events that tend not to be publicly funded; without public funding, campaigns face less public oversight. In Canada and Australia candidates are sometimes required to use—and contribute to—centralized party databases. Citizens are somewhat more informationally literate, and not used to invasive marketing techniques. The tradition of Question Period exposes elected leaders to questions about privacy and data management that elected leaders in the United States can pass off to administrative underlings. In all four countries, journalists are increasingly well informed about information security issues. If political elites make privacy violations an issue against other elites, then privacy violations make news. In other words, having competitive elections and competitive political parties will mean that parties watch each other’s behavior, and will fan the fire of outrage for breaches by political opponents. In the United States, data breaches tend not to become partisan issues. In parliamentary democracies, with accountability practices in the form of shadow ministers, question period, and multiparty competition, these kinds of privacy violations are more likely to come light.

Suggestions for Best Practices New information technologies consistently present legislators with the challenge of regulating issues for which there are no readily apparent legal precedents. Lawmakers are frequently cast as lagging behind technological innovation, as they struggle to catch up with new forms of behavior. Traditional legal concepts such as private property and trespass often become problematic when applied in online contexts (Erickson and Howard 2007). Yet comparative analysis has revealed much about the role of political parties and policy makers in protecting voter privacy. First, candidates, parties, lobby groups, and data‐mining firms have violated the privacy norms of many citizens in all four countries. Second, political parties themselves face relatively few restrictions, and have Political Parties & Voter Privacy

32

developed a wide variety of largely voluntary website policies that rarely extend to the use of voter datasets. Third, there is great variety in the forms of public policy oversight: in Australia the parties are except from oversight; in Canada and the United Kingdom policy oversight is ever more comprehensive; in the United States party behavior is regulated by decentralized government agencies in an ad hoc manner. Each system has a few good features, such that it is possible to identify several best practices from each country. Together, this suite of privacy practices would do much to protect citizens.

Guidelines and Sanctions for Elections Administrators, Poll Workers, and Campaign Staff There are some well‐known ways of making sure that databases of registered voters are accurate, private, usable, secure and reliable. These can be applied whether datasets are publicly held for managing elections or privately held for campaign strategy. Indeed, holding the consumer market for data to the same standards as election administration officials would improve the quality of their commercial product. Yet it is not sufficient to specify guidelines, such as those suggested by the Association for Computing Machinery (Association of Computing Machinery 2006). The US case demonstrates that mandatory reporting of security breaches works well because it forces private actors to raise their security standards, and each breach raises public awareness of privacy issues.

Mandatory Notification of Breaches A notification of breach policy obliges any business or agency that has been the victim of a security breach to notify any parties whose personal information may have been compromised. This is used in the majority of states within the United States. Political actors such as candidates for office, political parties, and special interest groups could be held to the same level of accountability: The company or institution responsible for handling the compromised data must notify potential victims individually, unless the cost of notification exceeds a threshold amount of $250,000, or if the total number of individuals affected is greater than 500,000. In these cases, substitute notification can be made using a combination of e‐mail notification and disclosure to major media outlets. Notification must be carried out: in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement . . . or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system. (California Civil Code)

Such a requirement for political parties would raise the pressure on political actors to keep data secure, make it possible to track the flow of data across organizational and international boundaries, make victims aware when they have been put at risk, and make the general public more aware of this issue. Political Parties & Voter Privacy

33

Expanded Party Privacy Statements with Standardized Terminology Parties should be required to develop privacy statements that cover the full range of personal data they manage. Most parties already have well‐developed statements on their websites, detailing varying degrees of protection. Some parties promise not to share e‐mail addresses, but say nothing of the other data they collect. Some parties promise not to share server log files, but say nothing of the credit card data that they have merged with users’ online profiles. Some parties have very simple statements that they reserve the right to use whatever data they can collect, and openly advertise that they share data with whomever is politically affiliated. Regardless of what the policies are, requiring parties to at least address a standardized slate of possible uses involving purchased, public, or user‐generated data about voters would improve democratic transparency. Parties have already voluntarily developed privacy statements on their websites— why not extend this model to cover the back‐end, internal uses of voter data?

Separated of Constituent and Campaign Data To discourage elected leaders or political parties from linking constituent services to voter choice, every effort must be made to discourage officials from merging the two types of data. As a candidate, a political leader should be allowed to collect data on their electorate, so as to make smart choices about how to approach potential voters. As an elected official, there should be no means of rewarding or punishing voters through the range of services offered to constituents. Constituent service data should be distinct from campaign management data, and we recommend independent confirmation the incumbent candidates and political parties are maintaining this separation.

Digital Gerrymandering and the Democratic Deficit Why is it bad to have an open, unregulated market for data about voters? The systems of collecting information about citizens are least transparent in countries with no public policy oversight. As a campaign asset, voter data files can be used for the gain of particular candidates and political parties. The best campaign assets—and the best voter data files—are most often available to wealthy candidates and parties. Minor parties and candidates do not have access to the same intelligence. Well‐financed lobbyists, institutionalized political parties, incumbent candidates, and government agencies have the most to gain in developing large relational datasets. Yet with small minority parties and challenger candidates less likely to have access to the same resources, this hurts competition in the political sphere. Even though the networked technologies have made it easier to collect a vast amount of digital information about people, good data analysis remains costly. This means that data—and knowledge—itself is a form of campaign asset that is most often available to incumbents and large parties. Across the four countries studied here, the minor parties and challenger candidates have consistently less access to voter intelligence. Political Parties & Voter Privacy

34

Moreover, this public policy issue is less likely than others to be addressed, because the interests of political leadership and large data mining firms are closely aligned against industry oversight. Certainly these actors prefer to keep the debate focused on information security rather than rights to privacy. Most troubling for deliberative democracy is the potential for abuse in countries where tracking associations in systematic ways increases the risk that government services will be linked to political affiliations. By blending data on constituent services and voter turnout, political elites and the state can learn more about supporters and detractors. This process might be called digital gerrymandering: using voter registration files and other data to include or exclude citizens from contact by elected representatives. Indeed in the US context, government agencies have often collected data on citizens as related to public services. But there are legal precedents preventing government agencies from tracking the associations and linkages between people—a key feature of the contemporary web 2.0 political campaign. Leaving the exchange of voter data to be governed by the rules of the market means commercializing the private act and civic responsibility of voting. This is not simply an abstract argument about preserving the non‐commercial attributes of electoral systems. In countries with the most open markets for voter intelligence, there have been demonstrable changes in the way candidates and lobbyists campaign, strategize, and win. A political system that permits campaign victories on the basis of good character, good ideas and public consultations is better—more democratic—than one that enables campaign victories on the basis of private consultations with a service industry of experts trading in voter apathy. The unregulated market for voter information commodifies personal histories that we do not control, for trade among actors with the financial resources to acquire and manipulate data. Public discourse suffers whenever political actors segment the population and narrowcast information, because such fragmentation allows them to decide which citizens are not worth engaging in debate. In this way, groups can be strategically excluded from the deliberative process because of some measured evidence that they will be uninterested or opposed to particular policy initiatives. Lobbyists and parties are most interested in identifying the people who will support them on during legislative battles and on election day. They will spend resources engaging with citizens who might lean their way on a given issue, but have demonstrated that they will not spend significant resources engaging citizens who tend not to vote—often the urban poor and ethnic minorities. Why attempt to educate and energize people who have no history of voting, and may seem politically marginal? Data mining allows political actors to identify which citizens can be left unengaged. Political Parties & Voter Privacy

35

Voter registration files have long been treated as a public asset, for use by campaigns, candidates, and elections administrators. In many countries it is illegal for firms to profit from reselling such data, though they do profit from reselling data that can be appended to voter registration files. Merging such data creates new value that cannot be conceptually disaggregated: knowing who supports your cause is less important if you don’t also know who votes. Contemporary political datasets often include information on associations between people, and are sourced from both electronic records and face‐to‐face contact during canvassing, and Web 2.0 social networking applications. Given the recent history of incidents of compromised records and privacy abuses by political parties around the world, it makes sense to develop a few basic regulations. A few of the basic ones, recommended here, would allow us to reward and punish political actors in a way that is not possible with current systems of oversight. Perhaps one of the most important aspects of the democratic deficit caused by unregulated political data mining is that no particular actor can be held accountable for security breaches or privacy violations. Political marketing has an important role in democratic accountability, by presenting public policy options and political candidates in competition to voters. But the data about voters is collected numerous ways, used by varied actors, and bought, sold, or traded by a large cohort of campaign managers, lobbyists, and data management firms. The absence of oversight—ideal for many of these actors—means no public accountability. From the point of view of citizens, data about our demographic and psychographic attributes are largely out of our control. Citizens have few means of opting out of such datasets, and rarely are even aware of how much information is being collected and collated on them. There is a fair amount of excitement about the impact of web 2.0 on political life, with software applications making political leaders accessible in interesting ways, allowing voters interactive opportunities to learn and express themselves, and allowing journalists and academics innovative tools for researching public policy options. Yet few people turn a critical eye toward the impact of data mining on the quality of our political discourse. This report has sought to begin that critique.


36

Appendix: Prominent Vendors and Databases for Voter Information This is not an exhaustive list of firms and databases. Instead, these are the prominent organizations and databases that have received some attention from journalists and academics. The list does not include pollsters, many of whom work to merge data from survey research with voter registration files and other electronic datasets. Australia Avencia (www.avencia.com) Baycorp Management Co (www.baycorp.com.au) Drake International (www.drakeintl.com) Dunn and Bradstreet (www.dnb.com.au) The Lead Generation, Co. (www.lgco.com.au) The List Bank (www.listbank.com.au) Canada CIMS Environics (erg.environics.net) United Kingdom Experian Mosaic (www.appliedgeographic.com) Labour.contact Voter Vault United States Advanced Custom Software Aristotle (www.aristotle.com) Catalist (www.catalist.us) DataMart DemZilla Political Parties & Voter Privacy

37

Digital Consulting Services (www.webdcs.com) IWave.com Map Applications Penn, Schoen & Berland Associates PlusThree Political Media (politicalmedia.com) Strategic Telemetry TargetPoint (www.targetpointconsulting.com) Voter Vault Wealthengine.com Wealthpoint.com


38

References Agre, Philip, and Marc Rotenberg. 1997. Technology and Privacy: The New Landscape. Cambridge, MA: MIT Press. Alden, Chris. 2009. Republican Website Hacked as US Voters Go to Polls (November 7). The Guardian 2000 [cited February 21 2009]. Available from http://www.guardian.co.uk/technology/2000/nov/07/hacking.security. Alexander, Kim. 2009. Personal Communication. Oakland, CA, March 4. Alexander, Kim, and Keith Mills. Voter Privacy in the Digital Age. California Voter Foundation 2004. Available from www.calvoter.org. Altman, Micah, and Gary M. Klass. 2005. Current Research in Voting, Elections, and Technology. Social Science Computer Review 23:269‐273. Ambinder, Mark. 2009. How to Tell Your Votebuilders from Your Mybos, Your Catalists from Your Vans (November 14). The Atlantic Monthly 2008 [cited March 21 2009]. Available from http://marcambinder.theatlantic.com/archives/2008/11/technology_catalist_votebuilde.php. Arrington, Michael. 2009. John McCain's Myspace Page “Enhanced”. TechCrunch, March 27 2007 [cited March 21 2009]. Available from http://www.techcrunch.com/2007/03/27/john‐mccains‐myspace‐page‐hacked/ Association of Computing Machinery. 2006. Statewide Databases of Registered Voters: Study of Accuracy, Privacy, Usability, Security, and Reliability Issues Commissioned by the U.S. Public Policy Committee of the Association for Computing Machinery. Association of Computing Machinery. Australian Communications and Media Authority. 2005. Investigation Finds No Evidence of Misuse of Telephone Number Database. Australian Communications and Media Authority. Canberra, Australia. Baker, C. J. 2009. Senate Candidate Nick Carter’s Website Hacked for Viagra. Powell Tribune, October 28 2008 [cited March 9 2009]. Available from http://blog.powelltribune.com/2008/10/senate‐candidate‐nick‐carters‐ website.html. BBC News. Court Backs Data Privacy Complaint (November 16) [Internet] 2001 [cited March 3, 2009. Available from http://news.bbc.co.uk/2/hi/uk_news/england/1659807.stm Blade, Toledo. 2009. GOP Calls for Inquiry of 'Plumber' Data Breach (October 26). Toledo Blade 2008 [cited March 9 2009]. Available from http://www.toledoblade.com/apps/pbcs.dll/article?AID=/20081026/NEWS09/810260368. Bockmann, Michelle Wiese. 2009. Dark Side of Democracy (August 20). The Australian 2004 [cited March 21 2009]. Available from http://www.australianit.news.com.au/story/0,24897,10501564‐15302,00.html. Brennan, Richard J. 2009. Voter Data Security Questioned. The Toronto Star, February 12 2009 [cited March 21 2009]. Available from http://www.thestar.com/article/586519 BusinessWeek. 2009. The Snooping Goes Beyond Phone Calls. BusinessWeek, May 29 2006 [cited March 21 2009]. Available from http://www.businessweek.com/magazine/content/06_22/b3986068.htm. California Civil Code. Carrell, Severin. 2009. Lib Dems Broke Privacy Rules with 'Cold Calls'. The Guardian, September 25 2008 [cited March 21 2009]. Available from http://www.guardian.co.uk/politics/2008/sep/25/liberaldemocrats Carswell, Andres. 2007. Phone Database Opened to Mps. The Daily Telegraph. Political Parties & Voter Privacy

39

CBC News. 2009. Election Canada May Be Exposing Voters to ID Theft: Privacy Commissioner. (February 12). CBC News 2009 [cited February, 27 2009]. Available from http://www.cbc.ca/canada/story/2009/02/12/voters‐ privacy.html?ref=rss. Cheadle, Bruce. 2009. Commission Drops Probe of Rosh Hashanah Cards (March 6). The Globe and Mail 2008 [cited March 21 2009]. Available from http://www.theglobeandmail.com/servlet/story/LAC.20080306.PRIVACY06/TPStory/TPNational/Politics/. Clark, Roger. 1994. The Digital Persona and Its Application to Data Surveillance. The Information Society 10 (2):77‐92. Dyer, Clare. 2009. Court Challenge to Councils' Sale of Electoral Roles. The Guardian, September 6 2001 [cited March 21 2009]. Available from http://www.guardian.co.uk/society/2001/sep/06/localgovernment1 Edsall, Thomas B. 2006. GOP Official Faces Sentence in Phone‐Jamming. Washington Post, May 17, A10. EKOS Research Associates. 2009. Canadians and the Privacy Landscape. Office of the Privacy Commissioner of Canada 2007 [cited April 22 2009]. Available from http://www.privcom.gc.ca/information/survey/2007/ekos_2007_02_e.asp#section4. Erickson, Kris, and Philip N. Howard. 2007. A Case of Mistaken Identity? News Accounts of Hacker and Organizational Responsibility for Compromised Digital Records. Journal of Computer Mediated Communication 12 (4). FOX News. 2006. Lieberman Accuses Lamont Camp of Hacking Web‐Site. FOX News, http://www.foxnews.com/story/0,2933,207401,00.html Fox, S. 2000. Trust and Privacy Online: Why Americans Want to Rewrite the Rules. Pew Internet and American Life Project. Glendinning, Lee. 2009. Obama, McCain Computers ‘Hacked’ During Election Campaign (November 7). The Guardian 2008 [cited March 21 2009]. Available from http://www.guardian.co.uk/global/2008/nov/07/obama‐white‐ house‐usa. Goldmacher, Shane. 2009. Paul Koretz’s Campaign Site Hacked (August 26). Sacramento Bee 2008 [cited March 21 2009]. Available from http://www.sacbee.com/static/weblogs/capitolalertlatest/014874.html Goonan, Peter. 2009. State Rep. Candidate Says Someone Hacked into Her Website (May 29). The Republican 2008 [cited March 21 2009]. Available from http://www.masslive.com/news/index.ssf/2008/05/state_representative_candidate.html Grossman, Lev, Viveca Novak, and Eric Roston. 2009. What Your Party Knows About You. Time, October 18 2004 [cited March 21 2009]. Available from http://www.time.com/time/magazine/article/0,9171,995394,00.html Harris, Kathleen. 2009. Surprise Put Valley Mp on the Hot Seat. The Ottawa Sun, January 4 2006 [cited March 21 2009]. Available from http://www.ottawasun.com/News/Election/2006/01/04/1378016‐sun.html. Hennenberg, Stephan C. 2004. The Views of an Advocatus Dei: Political Marketing and Its Critics. Journal of Public Affairs 4 (3):225‐243. Hodgson, Martin. 2009. Investigation Launched into Tories' Voter Data Bungle (May 22). The Guardian 2008 [cited March 21 2009]. Available from http://www.guardian.co.uk/politics/2008/may/22/crewebyelection08.conservatives. Hoofnagle, Christopher. 2009. Personal Communication. Berkeley, CA, February 20. Howard, Philip N. 2003. Digitizing the Social Contract: Producing American Political Culture in the Age of New Media. The Communication Review 6 (3):213–245. Political Parties & Voter Privacy

40

———. 2006. New Media Campaigns and the Managed Citizen. New York: Cambridge University Press. Howard, Philip N., John Carr, and Tema J. Milstein. 2005. Digital Technology and the Market for Political Surveillance. Surveillance and Society 3 (1). Hunter, Christopher. 2002. Political Privacy and Online Politics: How E‐Campaigning Threatens Voter Privacy. First Monday 7 (2). Jimenez, Marina. 2009. Parties Get Sophisticated in Bid for Immigrant Vote (October 7). The Globe and Mail 2008 [cited March 21 2009]. Available from http://www.theglobeandmail.com/servlet/story/LAC.20081007.ELECTIONETHNIC07/TPStory/National Lane, Terry. 2005. Keeping Track of Voters (Radio Program Transcript): The National Interest. Ledbetter, James. 2009. Hillary Gets Hacked (July 22). CNN, March 8, 2009 1999 [cited March 21 2009]. Available from http://www.cnn.com/TECH/computing/9907/22/hillary.idg/. Lees‐Marshment, Jennifer. 2002. The Marriage of Politics and Marketing. Political Studies 49 (4):692‐713. McCue, Andy. Election '05: High‐Tech Campaigning Targets Key Voters (April 27), February 27, 2009 2005. Available from http://management.silicon.com/government/0,39024677,39129879,00.htm. McGregor, Glen. Rosh Hashanah Greeting Cards from Conservative Leader Arrive in Mail Slots (September 10) 2008. Available from http://www2.canada.com/ottawacitizen/news/story.html?id=b8d8a07d‐4bb9‐4208‐8e08‐ 2908ec4d5487 Mills, Elinor. 2009. Hacker Redirects Obama’s Web Site to Clinton’s (April 21). CNET, March 8, 2009 2008 [cited March 21 2009]. Available from http://news.cnet.com/8301‐10784_3‐9925006‐7.html Milne, G.R., and M.J. Culnan. 2004. Strategies for Reducing Online Privacy Risks: Why Consumers Read (or Don't Read) Online Privacy Notices. Journal of Interactive Marketing 18 (3):15‐29. Needham, Kristy. 2009. Liberal Party Off One Hook but a Call on Privacy Looms. Sydney Morning Herald 2005 [cited March 21 2009]. Available from http://www.smh.com.au/news/National/Liberal‐Party‐off‐one‐hook‐but‐a‐ call‐on‐privacy‐looms/2005/03/21/1111253958619.html. Newsweek. 2009. Hackers and Spending Sprees (November 5). Newsweek 2008 [cited March 21 2009]. Available from http://www.newsweek.com/id/167581 Norman‐Eady, Sandra. 2006. Application of State Do‐Not‐Call Laws to Campaign Calls. OLR Research Report, http://www.cga.ct.gov/2006/rpt/2006‐R‐0717.htm People Magazine. 2009. Hacked (January 13). People Magazine 1998 [cited March 9 2009]. Available from http://www.people.com/people/article/0,,620471,00.html. Russell, Ben. 2009. Liber Dem's Knuckles Are Rapped over Clegg's 250,000 'Cold Calls' (September 26). The Independent 2008 [cited March 29 2009]. Available from http://www.independent.co.uk/news/uk/politics/lib‐dems‐ knuckles‐are‐rapped‐over‐cleggs‐250000‐cold‐calls‐942812.html. Rutenberg, Jim, and Adam Nagourney. 2009. Melding Obama’s Web to a Youtube Presidency. New York Times, January 25, A1. Sabato, Larry. 1981. The Rise of Political Consultants: New Ways of Winning Elections. New York: Basic Books. Sanders, Edmund. 2009. Planned Sale of Voter.Com's Data Raises Privacy Concerns (March 8). Los Angeles Times 2001 [cited March 21 2009]. Available from http://articles.latimes.com/2001/mar/08/business/fi‐34937. Scammell, Margaret. 1996. The Odd Couple: Marketing and Magic. European Journal of Marketing 10 (11):114‐126. Political Parties & Voter Privacy

41

Shade, Leslie Regan. 2008. Reconsidering the Right to Privacy in Canada. Bulletin of Science, Technology, and Society 28 (1):80‐91. Sides, John, and Andrew Karch. 2008. Messages That Mobilize? Issue Publics and the Content of Campaign Organizing. The Journal of Politics 70:466‐476. Spencer, Christina. 2009. Voter Info Going Missing – Privacy Commissioner Concerned Data ‘Could Fall into Wrong Hands’ (January). Daily Herald‐Tribune 2009 [cited March 9 2009]. Available from http://www.dailyheraldtribune.com/ArticleDisplay.aspx?e=1435065. Stephey, M.J. 2009. Sarah Palin's E‐Mail Hacked (September 17). Time 2008 [cited March 21 2009]. Available from http://www.time.com/time/politics/article/0,8599,1842097,00.html Stirland, Sarah Lai. 2009. Barack Obama’s Privacy Challenge (November 17). Wired 2008 [cited March 9 2009]. Available from http://blog.wired.com/27bstroke6/2008/11/barack‐obamas‐p.html Stoller, Matt. 2008. Dems Get New Tools, New Talent. The Nation, January 24. Turner, Garth. 2009. Nowhere to Hide (October 12) 2007 [cited February 27 2009]. Available from http://www.garth.ca/weblog/2007/10/12/nowhere‐to‐hide/. Tynan, Daniel. 2009. GOP Voter Vault Shipped Overseas (September 24). PC World 2004 [cited March 21 2009]. Available from http://www.pcworld.com/article/117930/gop_voter_vault_shipped_overseas.html UK Information Commissioner. 2005. Promotion of a Political Party. http://www.ico.gov.uk/upload/documents/library/data_protection/practical_application/promotion_of_a_po litical_party.pdf. UK Office of Public Sector Information. 1998. Data Protection Act of 1998. Valpy, Michael. 2009. What the Tories Know About You; Conservatives Are Targeting Canadians Like Never before with Detailed Databases and Profiles of Fictional Voters to Convert (September 12). Globe and Mail 2008 [cited March 9 2009]. Available from http://www.theglobeandmail.com/servlet/story/RTGAM.20080912.welxnpolling13/BNStory/politics/home. van Onselen, P, and W Errington. 2004. Elector Databases: Big Brother or Democracy Unbound? Australian Journal of Political Science 39 (2):349‐366. Van Onselen, Peter. 2004. Political Databases and Democracy: Incumbency Advantage and Privacy Concerns. In Democratic Audit of Australia. Canberra: Australia National University. Van Onselen, Peter, and Wayne Errington. 2004. Electoral Databases: Big Brother or Democracy Unbound. Australian Journal of Political Science 39 (2):349‐366. Verini, James. 2009. Big Brother, Inc, December 13 2007 [cited March 21 2009]. Available from http://www.vanityfair.com/politics/features/2007/12/aristotle200712. Vijayan, Jalkumar. 2008. Report: Obama, McCain Campaign Computers Were Hacked by a ‘Foreign Entity’. CNN (November 5), http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9119221 Watt, Nicholas, and Julain Borger. 2004. Tories Reveal Secret Weapon to Target Voters. Guardian, Saturday 9 October. Wayne, Leslie. 2000. Voter Profiles Selling Briskly as Privacy Issues Are Raised. New York Times, September 9, A10.


42

Whitman, Joshua M, and Joseph W Perkins. 2003. The Technological Evolution of Campaigns: A Look at New and Emerging Practices. In Campaigns and Election: Issues, Concepts, and Cases, edited by R. P. Watson and C. C. Camp. Washington, DC: Lynne Rienner Publishers. Wolf, Brian Z. 2009. Duncan Hunter’s ’08 Web Site Hacked (October 1). ABC News 2007 [cited March 9 2009]. Available from http://a.abcnews.com/Politics/Story?id=3675222&page=1 Zetter, Kim. 2009. For Sale: The American Voter. Wired, December 11 2003 [cited March 21 2009]. Available from http://www.wired.com/politics/security/news/2003/12/61543


43

Political Parties & Voter Privacy: Australia, Canada, the United Kingdom, and United States in Comparative Perspective Philip N. Howard and Daniel Kreiss This work is licensed under the Creative Commons Attribution‐Noncommercial‐No Derivative Works 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by‐nc‐nd/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, Political Parties & Voter Privacy 94105, USA. Design: Hemisphere Design (www.hemisphere‐design.com)

44