SF must face ‘full audit’ after admitting ‘gap’ in data handling

A DUP MP has said Sinn Fein should face a “full audit” of its data dealings, after its leader admitted there was a “gap in compliance” concerning its handling of voter information.
A satirical cartoon by Brian John Spencer, after SF this week denied ‘data mining’ Facebook accounts, but acknowledged suffering a data ‘compliance gap’A satirical cartoon by Brian John Spencer, after SF this week denied ‘data mining’ Facebook accounts, but acknowledged suffering a data ‘compliance gap’
A satirical cartoon by Brian John Spencer, after SF this week denied ‘data mining’ Facebook accounts, but acknowledged suffering a data ‘compliance gap’

Mary Lou McDonald made the admission on a late night RTE show, after the party had claimed earlier in the week it was in “full compliance” with the rules.

Both Ireland’s information regulator (the Data Protection Commission or DPC) and its UK counterpart (the Information Commissioner’s Office or ICO) have now begun making enquiries about Sinn Fein’s handling of data.

Hide Ad
Hide Ad

Despite initially refusing to say where its data was being stored, party president Ms McDonald went on to disclose that they used to store it in the UK, but had shifted it to a private company in Germany (a move it says was prompted by Brexit).

The party denies allegations that the data had been stored in the USA or Serbia, which are outside the EU.

It has also denied “data mining” people’s personal details from Facebook.

The party’s database is called Abu (which appears to mean ‘forever’ in Irish according to some online translations), and there has been some confusion over exactly what information is in it.

Hide Ad
Hide Ad

Ms McDonald said that the database was comprised merely of the electoral register – a roll of people who have cast votes, and which is open to political parties generally.

But addressing a claim that it also contained information on which parties people are likely to vote for – which goes beyond the information in the electoral register – Ms McDonald said such a system “would not be crossing the line”.

Then during the RTE show ‘Prime Time’ late on Thursday night, Ms McDonald acknowledged that the party had indeed fallen short of some of the requirements on handling data.

Ever since 2018, Irish watchdog the DPC has insisted certain organisations must appoint a designated Data Protection Officer, whose details are lodged with the DPC.

Hide Ad
Hide Ad

RTE presenter Fran McNulty said to Ms McDonald: “You and Sinn Fein have been saying today, and for the past couple of days, that you’ve been compliant when it comes to all of these issues.

“When it [the database] was set up, did you have a Data Protection Officer in the party?”

Ms McDonald replied: “We had a Data Compliance Officer in the party. We now have appointed a Data Protection Officer. We appointed it on foot of our initial correspondence and contact with the Data Protection Commissioner.”

The interviewer said: “Therefore you weren’t in compliance with the legislation! You’ve been saying you were.”

Hide Ad
Hide Ad

The discussion then moved on to the area of Data Protection Impact Assessments.

Ms McDonald said that Sinn Fein had carried out an impact assessment of its database recently – again, “on foot of media stories”.

“But you should carry it out under the legislation before you set it up,” the interviewer said.

“Are you saying tonight you didn’t? That it’s just happened in the last week or so?”

Hide Ad
Hide Ad

Ms McDonald replied: “Yeah, it’s by way of meeting what was a gap in the compliance identified...

“Those two matters have been resolved.”

DUP MP Gavin Robinson said: “A few days ago Sinn Fein stated that their activities were entirely compliant with data protection legislation.

“It is only after significant journalistic questioning and the intervention of relevant agencies both in the Republic of Ireland and Northern Ireland we know that is not the case.

“The ICO here in the UK have been clear in the need to ensure public trust and confidence in the handling of data. Therefore Sinn Fein should submit themselves to, and welcome, a full audit from the ICO into their operations here in Northern Ireland.”

Click here for more from this reporter:

Hide Ad
Hide Ad

——— ———

A message from the Editor:

Thank you for reading this story on our website. While I have your attention, I also have an important request to make of you.

With the coronavirus lockdown having a major impact on many of our advertisers — and consequently the revenue we receive — we are more reliant than ever on you taking out a digital subscription.

Subscribe to newsletter.co.uk and enjoy unlimited access to the best Northern Ireland and UK news and information online and on our app. With a digital subscription, you can read more than 5 articles, see fewer ads, enjoy faster load times, and get access to exclusive newsletters and content. Visit https://www.newsletter.co.uk/subscriptions now to sign up.

Hide Ad
Hide Ad

Our journalism costs money and we rely on advertising, print and digital revenues to help to support them. By supporting us, we are able to support you in providing trusted, fact-checked content for this website.

Alistair Bushe

Editor