Political parties have been warned they will be breaking the law if they collect email addresses and phone numbers to send unsolicited text messages or emails during the general election campaign.
The Data Protection Commissioner has written to the parties to caution them about communicating with individuals by text, email or phone.
Commissioner Billy Hawkes said today he had received “numerous complaints” about such contacts from parties and candidates during previous election campaigns. The June 2009 local election campaign generated a "large number" of such complaints.
“In many cases, the individual had no previous contact with the political party or candidate and was concerned at the manner in which their details were sourced,” a statement from the commissioner said.
Subsequent investigations revealed that contact details were obtained from sources such as sports clubs, friends, colleagues and schools.
Mr Hawkes said obtaining personal data in such circumstances would constitute a breach of the Data Protection Acts, as there would be no consent from the individual for their details to be obtained and used in this way.
“In the interests of good relations with the electorate, I urge parties and candidates to abide by these simple guidelines in the course of the forthcoming election,” he said.
Mr Hawkes said parties should not attempt to obtain or use contact information from third parties.
They should also avoid sending electoral messages to persons other than those – such as party members – who could “reasonably be assumed to consent to receipt of such messages”.
Mr Hawkes said candidates should, in their own interest, not do something which would either generate complaints to his office, or otherwise annoy people and not encourage them to vote for the candidates.
The Data Protection Acts place certain restrictions on direct marketing. The restrictions do not apply to direct mailing carried out in the course of political activities by a political party or its members.
This permits candidates to send letters and leaflets to anyone on the Register of Electors.
Fine Gael’s relaunched website was recently the subject of at least one complaint to the commissioner’s office.
The party had been collecting phone numbers, email addresses, IP addresses and constituency location information from people submitting comments about politics and the country’s future.
The database was subsequently hacked and the personal information of some 2,000 members of the public was taken from the site and sent to the media.
Gardaí and the Data Protection Commissioner are investigating the breach. The FBI was also notified, because the hacked website had been hosted in the US.
The website was offline for about several days following the hack but has since been restored.
Data protection consultant Daragh O'Brien of the firm Castlebridge Associates welcomed the commissioner's statement. He noted this Friday marks international Data Privacy Day.
Mr O'Brien said all political parties should use this as an opportunity to reaffirm their commitment to the fundamental principles of data privacy and data protection, as set out not just in Irish legislation but in our treaty obligations under the Lisbon Treaty.
"Beyond politics, I would ask all organisations to take the opportunity presented by Data Privacy Day to examine how they are capturing and using personal data and ensure that staff have the necessary skills and training to ensure that risks to personal data privacy are being managed proactively. Personal data is a valuable asset that is given to you on trust.”