The company from which Labour bought the personal data of more than a million individuals during the 2017 election has been fined £140,000 by the Information Commissioner for a “serious contravention” of the Data Protection Act.
The Information Commissioner’s Office ruled that Lifecycle Marketing Mother and Baby Ltd (LCMB), trading as Emma’s Diary
“…contravened DPP1 by selling the personal data of more than 1 million individuals to the Labour Party for use in the Labour Party’s general election campaign in 2AL7 without informing those individuals that it might do so, As a result, LCMB processed that personal data unfairly and without satisfying any processing condition under Schedule 2 DPA.”
The ICO found:
In May 2017, LCMB supplied 7,065,220 records to Experian Marketing Services under a data supply agreement listing the Labour Party as Experian’s client. The data supply agreement specified the delivery date for the data as 5 May 2017…
Each record comprised the following personal data: name of parent, household address, the presence of children up to 5 years old and date of birth of both mother and child. The records thus comprised the personal data of both mothers and young children. LCMB obtained that personal data via its online registration on its website and via an offline registration form.
Experian, apparently acting as an agent or processor on behalf of the Labour Party, loaded those records onto a database it hosted for the Labour Party to assist the Labour Party with a direct marketing mail campaign for the general election in 2017. LCMB told the Commissioner that the records it supplied would have helped the Labour Party send political marketing communications to people with young children about, for example, Labour’s intention to protect Sure Start centres. This was done in the constituencies for 106 parliamentary seats.
According to LCMB, the records it disclosed were deleted by Experian following the general election on B June 2017. In its letter to the Commissioner of 30 January 2018, LCMB told the Commissioner that “All data supplied agreed to be contacted via the postal channel and by 3rd party marketers and the usage of the mums’ data is fully outlined within or Privacy Policy,” It transpired, however, that this was not the case.
A Labour spokesman says the party will no longer be using the company and will be reviewing how they purchase their data. Labour they insist bought the data in good faith. There is no indication the party itself has broken the law.
“We welcome the ICO’s report. The Labour Party holds data from a variety of sources, like all UK political parties. We have neither bought nor used Emma’s Diary data since the 2017 general election and we will be reviewing our approach to acquiring data from third parties in light of the ICO’s report.”
Labour MPs have been tweeting about the ICO report on Facebook data breaches all day. Oddly none have mentioned the above finding. Sure Carole Cadwalladr will be splashing on this for the Observer this weekend…
The Tories start the election campaign with a 16 point lead over Labour, who in-turn will find solace from being 9% clear of the Lib Dems. 
As the Chequers meeting gets underway a new poll reveals voters will turn away from the Tories if they fail to implement Brexit. According to the data from BMG Research commissioned by Change Britain:
