Leave.EU faces big fine over data law breaches

News
By Alan Martin
published

Information commissioner reveals Leave.EU was fined a total of £75,000 for “serious breaches”

The Union Jack and the European flag with a diagonal tear spitting the apart.

The information commissioner, Elizabeth Denham, has revealed large fines for data misuse in the run-up to the EU referendum in 2016.

As explained on the commissioner's website, a move has been made to fine two companies a total of 135,000. Both Leave.EU and the Eldon Insurance company owned by the Brexit-backing Aaron Banks were fined 60,000 apiece for "serious breaches" of laws dictating electronic marketing. In addition, Leave.EU received an extra 15,000 fine for sending 300,000 emails to Eldon customers promoting Brexit.

"More than one million emails were sent to Leave.EU subscribers over two separate periods which also included marketing for GoSkippy [the trading name for Eldon] services, without their consent. This was a breach of PECR regulation 22," the report reads.

What is the Information Commissioner’s Office (ICO)?

"We have issued a preliminary enforcement notice to Eldon Insurance under s40 of the DPA1998, requiring the company to take specified steps to comply with PECR regulation 22. We will follow this up with an audit of the company."

The report leaves the door to further action, with other investigations ongoing. "We are investigating allegations that Eldon Insurance Services Limited shared customer data obtained for insurance purposes with Leave.EU," the report reads, adding that the ICO is "still considering the evidence in relation to a breach of principle seven of the DPA1998 for the company's overall handling of personal data."

It isn't just the Leave side under investigation, though. "We are still looking at how the Remain side of the referendum campaign handled personal data, including the electoral roll, and will be considering whether there are any breaches of data protection or electoral law requiring further action," the report reads. "We investigated the collection and sharing of personal data by Britain Stronger in Europe and a linked data broker. We specifically looked at 11 inadequate third party consents and the fair processing statements used to collect personal data."

Amidst these words for those on both sides of the referendum battle, the ICO also highlighted the activities of Cambridge Analytica, writing that the company would be facing a "substantial fine for very serious breaches of principle one of the DPA1998" had it not already gone into administration following the scandal.

Alan Martin
Alan Martin

After a false career start producing flash games, Alan Martin has been writing about phones, wearables and internet culture for over a decade with bylines all over the web and print.

Previously Deputy Editor of Alphr, he turned freelance in 2018 and his words can now be found all over the web, on the likes of Tom's Guide, The i, TechRadar, NME, Gizmodo, Coach, T3, The New Statesman and ShortList, as well as in the odd magazine and newspaper.

He's rarely seen not wearing at least one smartwatch, can talk your ear off about political biographies, and is a long-suffering fan of Derby County FC (which, on balance, he'd rather not talk about). He lives in London, right at the bottom of the Northern Line, long after you think it ends.

You can find Alan tweeting at @alan_p_martin, or email him at mralanpmartin@gmail.com.