The Yellow Peril

A few months ago, I blogged about a session of the House of Common’s Culture Media and Sport Committee where the Chief Executive of Which? talked a bit of nonsense about unsolicited calls. Not to be outdone, the MP for Exeter Ben Bradshaw decided to indulge in a bit of (reported) hogwash of his own. Opining on the interesting  suggestion to ban unsolicited calls altogether, Bradshaw described the idea as “an affront to democracy“. After all, he said, “I am there to help my constituents, but you are saying you want to make it more difficult for me to help them.” I don’t know whether an unsolicited call from Mr Bradshaw – a man who unnervingly resembles Hugh Grant’s mummified remains – is what the fine folk of Exeter really need, but the claim is stupid. If a constituent asks an MP for assistance, any call would be solicited. If a constituent hasn’t asked the MP for help, the MP should leave them alone.

I was inspired by Mr Bradshaw’s comments to do something I have been meaning to do for a long time, and which the faint rumblings of the campaign for the 2015 General Election suggest as a sensible step for anyone. I made a request under Section 11 of the Data Protection Act asking the three main political parties to cease or not to begin processing my personal data for the purposes of direct marketing. In other words, I opted out of receiving any marketing / campaigning / promotional material from Labour, the Conservatives and the LibDems, either at a national or a local level.

So how did they get on?

I deliberately chose the bog-standard national address from the front page of each party’s website and made no effort to find out who in each organisation is responsible for Data Protection or general compliance, just to see what happened. So on the same day (using the nice paper, since you ask), I wrote to ‘the Data Protection Officer’ at each party. It took the LibDems and the Conservatives a day to respond – I think I posted the letters on a Tuesday and I had both of their responses on the Thursday, which is very good. Labour lose some customer service points for needing a follow-up letter to prompt a response, but cannot really be criticised as a) they sent a nice apology for the delay and b) an organisation has no legal obligation to acknowledge a Section 11 request, they simply have to comply with it. All equal so far.

Purely from a blogging perspective, I will admit to being disappointed with both Labour and the Conservatives’ substantive responses. Both were exemplary, doing nothing more than politely agreeing to my request. There was no quibbling, no attempt to nose out a loophole. I expected at least one of the parties to claim that political campaigning isn’t marketing, but neither of the big two took the bait. They even promised to ‘suppress’ my details, meaning that my information will be retained but kept on a suppression list so even if they acquire my data from some survey or other list, I will be flagged as ‘no contact’. It’s entirely possible that they won’t follow through and comply, but it’s a good start. Bit a pain though, as I have a blog to fill and DOING STUFF PROPERLY ISN’T GOING TO HELP ME DO THAT, IS IT? IS IT?

And so, Thank Goodness for the Liberal Democrats.

The letter from the party’s ‘Head of Compliance and Constitutional Support’ contained a fascinating attitude to Data Protection. Firstly, he spelled my street wrong (‘Honeysuckel’ not ‘Honeysuckle’) and the second half of the postcode was completely incorrect (none of the same letters or numbers). The fact that when responding to a member of the public who is raising concerns about data protection, you are so sloppy as to get the address wrong when it’s probably easier to get it right is telling. Secondly, his opening gambit ‘I am afraid there are a number of misunderstandings of the Data Protection Act in your letter‘ is probably red rag / bull territory for someone like me, but it is also not true. He identified no misconceptions about the DPA at all; instead, he went on to quote ICO guidance – ICO guidance and the DPA are very different things and I think it’s remarkable that a ‘Head of Compliance’ doesn’t appear to know that. His point is that Section 91 of the Representation of the People’s Act 1983 gives parties the right to send either one “unaddressed postal communication” or one “postal communication addressed to each elector“. The reference to ICO guidance comes from ‘Guidance for political parties and candidates‘, and as he observed, the ICO guidance does indeed say that Section 91 ‘applies even if the individual has asked you not to contact them‘.

This is interesting. Section 11 of the Data Protection Act does not contain any exemptions or qualifications. It says this:

An individual is entitled at any time by notice in writing to a data controller to require the data controller at the end of such period as is reasonable in the circumstances to cease, or not to begin, processing for the purposes of direct marketing personal data in respect of which he is the data subject.

And that’s all. The unaddressed communication is fine – it will be delivered with the pizza leaflets, but an unaddressed leaflet clearly does not offend Data Protection and I have no argument with it. However, if Section 91 of the Representation of the People’s Act 1983 gives parties an automatic right to send an addressed communication, that appears to be in conflict with my Data Protection rights. DPA says one thing, RPA another. I’m not remotely an expert in the UK constitution versus EU law, but even I know (and a more reliable person reminded me) that generally speaking, where EU and domestic law are in conflict, EU law wins. It’s curious that the ICO line appears to be wrong and their guidance to parties – clearly written with awareness of the conflict – sides against the ICO’s own legislation. For what it’s worth, I think the LibDems and the ICO guidance is wrong. I believe Section 11 takes precedence.

However, even if I’m wrong, the LibDem’s high-handed approach is striking. Their attitude can be paraphrased like this: ‘we know you don’t want to hear from us, but we think our rights trump yours, so tough’. The communication in question – if it comes – will be designed to persuade me to vote Liberal Democrat, and I find it very difficult to reconcile the two ideas. Do I really want to vote for people whose attitude to my rights is so dismissive? Even if the RPA does give the parties an unchallenged right to send marketing to unwilling recipients, what kind of organisation is dumb enough to use that right?

Comments

  1. coppenheim says:

    Have you followed this up with the LibDem contact?

    • The second half of the blog is more or less a paraphrase of a follow-up letter that I sent to the LibDems on 5 October. I have had no response.

  2. Perhaps the LibDems could publicly sign a pledge not to send you any marketing material?

    Oh…

  3. I may have misinterpreted this, but after reading s.91 Representation of the People Act 1983, it appears to relate to Parliamentary candidates’ right to send a communication to a registered elector free of charge i.e. no postage. This is what the entire section refers to, rather than just the right to mail electors ‘full stop’. I would presume (after looking at this section in isolation and having no expertise in this legislation!) that this means they can send a communication to a registered elector, free of charge by arrangement with Royal Mail, but not if the elector has sent a section 11 notice under the DPA.

    • To be honest, that’s how I interpreted it at first – that it was more about right to free postage than anything wider. Given the spin put on it by both the LibDems and the ICO, I ignored that. It’s very interesting that you came to this conclusion; I am convinced that the ICO is wrong.

      • I think the ICO guidance is wrong as well, after reading s.91; I don’t see how it can be interpreted in the way they say – the title of the section is ‘Candidate’s right to send election address post free.’. Perhaps something to raise with the ICO…they have been known to reasses their position on matters before!

  4. I would tend to agree, and considering 2 of the 3 major parties also believe that DPA trumps anything else I’m surprised a normally “pro citizens rights” party would take such a positon. Or is this, to CMiller’s point, another example of the LibDems being fluffy on the outside and crunchy on the inside?

    Have you also completed this task for the likes of UKIP, BNP, Greens etc?

  5. I think CMiller is right – what’s the best way of an incredibly unpopular person like me to get the Information Commissioner to change their wrong guidance?

    • You? Unpopular? Never. I would contact one of the Policy Officers directly (not via the generic ICO email address) to raise your concerns. If they read s.91 properly (with some prompting) I don’t see how they can justify not looking into this further. I have a conference brochure from the ICO DPO Conference 2013 and Iain Bourne is listed as the Group Manager (Data Protection) Policy Delivery in the speaker biographies section – you could try him.

      • I don’t think I have ever offended Iain Bourne, but there’s a first time for everything. That’s a very sensible suggestion and I will contact him today.

%d bloggers like this: