The Greens posted online confidential and personal information of their members and supporters, in breach of the party’s own internal rules.
Tens of thousands of names, phone numbers, addresses and other sensitive information have been made available online and can be accessed through the party’s website.
It is not clear how long the information has been available online. CBC was alerted on Tuesday to possible concerns about the Greens’ data. Access to the Google Drive document containing the information was closed Thursday after CBC contacted the party.
A privacy expert said posting personal information online was a breach of trust.
“Difficulty,” said Ann Cavoukian, the director of Toronto Metropolitan University Privacy by Center of Design Excellence and former Information and Privacy Commissioner of Ontario.
“I’m sorry, I find it so appalling that the Greens are posting this information, and making it available to the public.”
Posting unsecured personal information online is against the Greens Privacy rules. On its website, the party promises voters that it will take “safeguards” against the unauthorized use, disclosure, loss or theft of their information.
CBC found no credit card or financial information in the files — but the names, addresses, zip codes, phone numbers, dates of birth, internal documents of -matches and training videos were all available for viewing and downloading. The information was stored in the cloud in Google Drive.
It is not clear how long the data has been available online. The folders and files were dated July 2022.
CBC has seen spreadsheets labeled “Voter List” belonging to former 2020 Green Party candidates Dylan Perceval-Maxwell, Andrew West, Amita Kuttner, David Merner, Glen Murray, Judy Green, Courtney Howard and Annamie Paul.
Former Green Party Leader Annamie Paul attends The National’s Face to Face hosted by Rosemary Barton on September 14, 2021. (Evan Mitsui/CBC)
Paul won[dikit-tellieqag[all-vanta;;Hijarriżenjatsenawarawarataqbidapolitikainternadwarit-tmexxijatagħhaIr-reġistrutal-votantitagħhakienfih26000linjata’informazzjonidwaril-votantimetatpoġġafuql-internet
Xi informazzjoni mill-kampanja ta’ Dimitri Lascaris, li spiċċa t-tieni fit-tellieqa ta’ quddiem tal-2020, ġiet ukoll maqsuma online.
Il-Ħodor imblukkaw l-aċċess
Il-partit immedjatament illimita l-aċċess għall-Google Drive tagħhom wara li CBC ikkuntattja lill-Ħodor.
Il-partit spiċċa fl-2022 bir-ritorn tal-eks chairwoman Elizabeth May u kap eżekuttiv ġdid, Kevin Dunbar. Fi stqarrija, Dunbar qal li l-partit kien “jirrevedi bla heda” is-sistemi interni u l-websajt tiegħu.
“L-informazzjoni li qed tirreferi għaliha qatt ma kienet maħsuba biex tkun fid-dominju pubbliku u issa tneħħiet,” qal fl-istqarrija.
“Nieħdu s-sigurtà tad-dejta bis-serjetà u diġà bdejna investigazzjonijiet dwar kif daħlet f’żona pubblika tal-websajt tagħna.”
Il-“Scoper the Organizing Toolbox” tal-Ħodor ipprovda aċċess għal informazzjoni sensittiva u personali li tappartjeni lill-membri u l-partitarji tagħhom. (Screenshot/www.greenparty.ca)
Il-membru tal-Partit tal-Ħodor barrani, Saul Bottcher, ra ftit mill-informazzjoni personali tiegħu stess nixxew onlajn. Bottcher offriet għall-partit dwar il-politika, ir-reviżjonijiet tas-sħubija, u kampanja ta ‘tmexxija.
Telaq mill-partit wara li hu u rapport intern tal-partit komplut is-sena l-o[ra li eks membru tke//a permezz ta’ pro/ess difettu].
Bottcher called this privacy breach “serious,” but not surprising given the party laid off staff when it struggled financially in 2021 and 2022.
“People are overwhelmed and it’s impossible to keep everything on the same level,” Bottcher told CBC News. “So it was inevitable that mistakes would be made.”
Elections Canada calls for stricter rules
Although the party violated their privacy policy, they likely did not violate federal law. This is because federal information and privacy laws do not apply to federal parties.
And while Canada’s election law requires political parties to develop privacy policies, they don’t have to pay penalties for violating those policies.
In a recent report, Chief Electoral Stéphane Perrault said that political parties should fall under the Act on the Protection of Personal Data and Electronic Documents, or PIPEDA — federal law that governs how the federal private sector collects, uses, and discloses information.
“Elections Canada continues to believe that applying these privacy principles to political parties is the best approach,” Perrault said in the report.
As it is, he added, “there are no provisions that oblige them to actually take measures to protect personal data.
“Furthermore, there is no monitoring mechanism in place to monitor whether parties actually comply with the content of their policies.”
Green Party Leader Elizabeth May visits the University of Waterloo on 17 September 2019 to talk about personal data protection. (Kate Bueckert/CBC)
Then-federal privacy commissioner Daniel Therrien found in 2021 that lawmakers “refused” to place her political organizations under federal information and privacy laws.
May herself said that political parties should “play by the rules”.
Many political parties maintain databases of voter information. Voter interactions are used by party staff to collect and store voter information and share it with their organizational teams and headquarters.
Along with sensitive voter information, the Green Party has openly released a series of video tutorials on how to turn voter interactions into data collection opportunities.
In one of these videos, volunteers are told that candidate door-knocking or advertising campaigns, fundraising, email subscriptions, and Zoom webinars are opportunities to gather information about the -voters.
Voter data collected by Greens staff is fed into the party’s internal GVote platform. It can then be compared to the electoral roll to target potential supporters. Many other political parties are doing the same.
This is not the first time that the Greens have released the personal details of voters. 2019 the party Removed similar training videos from Google Drive containing voters’ personal information. The party apologized.
