Labour Leaks – Privacy and Labour's donors

R0B at The Standard says that Labour party donors shouldn’t be grumpy with the Labour Party for their lack of respect of privacy principles.  He says:

“ if you are pissed off, please don’t blame some hapless web admin working for Labour, please blame the people who took this information and illegally made it public.”

He’s right of course.  The donors, and the party membership as a whole, shouldn’t blame some “hapless web admin working for Labour”. At the very least it should be General Secretary Chris Flatt or the President Moira Coatsworth.  They are responsible for the systems to ensure the Labour Party meets basic standards of security of personal and Party information. This would never have happened if John Pagani had won the battle for the position of General Secretary.

Labour continue to spin, lie and denigrate without telling the truth. They should remember that I have all the logs and if they don’t come clean, I will. Moira Coatsworth says they can pin it to a National party ip address, I say that is a lie. There are months worth of logs, to pick just one ip address an ascribe it to some sort of conspiracy is farcical and they just look silly doing it.

Let’s be clear there is an onus on every organisation to have a duty of care when dealing with individual’s private information – including their financial and personal details.

At a very basic level the Privacy Act controls how organisations collect, use, disclose, store and give access to “personal information”.

Principle 5(a)(ii) and 5(a)(iii) of the Act applies to the Labour Party and their complete disregard for the appropriate storage of personal information.

An agency that hold personal information shall ensure –

(a) that the information is protected, by such security safeguards as it is reasonable in the circumstances to take, against –

(ii) access, use, modification, or disclosure, except with the authority of the agency that holds the information; and

(iii) other misuse

No hacking took place.  The information was very simply available online. I even tested it with one of my not-so-IT-savvy friends.

Donors to the Labour Party have every right to be angry, but not with me.  The Labour Party failed in their duty of care to protect your information, not me.  If anything I have done a great service to highlight the Labour Party’s inadequacies in their security of information.

I would advise all Labour Party members to complain to the Privacy Commissioner Marie Shroff for a full investigation, and to ensure the Labour Party has appropriate systems in place to protect any information you provide in the future.

I am awaiting legal advice as to how much of the donor list I can legally release. It may well be in full but I need that advice to come through before relasing the list.

What I can tell you is that Labour continues to tell lies. They claim they are contacting more than 18,000 donors. There aren’t that many, there are only 452. Labour can’t be trusted to keep your data secure and they certainly can’t be trusted to tell the truth.

pwning labour

 


THANK YOU for being a subscriber. Because of you Whaleoil is going from strength to strength. It is a little known fact that Whaleoil subscribers are better in bed, good looking and highly intelligent. Sometimes all at once! Please Click Here Now to subscribe to an ad-free Whaleoil.

  • lcmortensen

    It s not principle 5 – it’s principle 1 you should be worried about:

    Personal information shall not be collected by any agency unless—
    (a) the information is collected for a lawful purpose connected with a function or activity of the agency; and
    (b) the collection of the information is necessary for that purpose.

    So that means you have breached the Privacy Act yourself – if my personal details were on that list, then you would have no lawful purpose to collect them for.

    You’ve also breached Section 249(1) of the Crimes Act 1961:
    Every one is liable to imprisonment for a term not exceeding 7 years who, directly or indirectly, accesses any computer system and thereby, dishonestly or by deception, and without claim of right,—
    (a) obtains any property, privilege, service, pecuniary advantage, benefit, or valuable consideration; or
    (b) causes loss to any other person.

    Dishonestly – yes. Without claim to right – yes. Seven years in prison – enjoy you porridge.

    • lcmortensen

      Oh, and for “Address for Service” for Cameron Slater – anyone can get that from the electoral roll.

    • lowercaseusername

      Negatory – Whaleoil is not an ‘agency’.

      Point two; A SQL line of code is not dishonest. The intent is to merely grab data from a database. If that’s all WO has done, then he hasn’t dishonestly or deceptively done anything.

    • gaskranken

      Property, privilege, service, pecuniary advantage, benefit, valuable consideration sounds just like a party in Downtown Brown’s orifice

  • alex Masterley

    Lawyer are you LC?
    Doubt it.

    • lcmortensen

      No – I am not a lawyer. I’m just reading what is said off the Legislation website

  • Wise move Cam. The Left can be a vindictive bunch, as the commenter above displays.

    PS – It was nice to see Eddie show his/her true colours yesterday with a bit of the beneficiary-bashing that he/she so condemns the Right for. Their hypocrisy is breathtaking after all the back-slapping they’ve done over The Hollow Men, Wikileaks and the Sarah Palin e-mail theft.

    • gaskranken

      Hollow Men, that’s right…I vivdly recall the crowing and the guffawing when Don had inadvertently remain logged on when he should have logged off and tried to claim the parlimentary email system had been hacked, pffhh as if….

      They were full of it, mocking poor old Don about lax security standards, now there’s an irony.

      The only reason anyone should be worried about being outed from this data base is living with the embarrassment of having given money to Goof-E in a moment of weakness.

  • tooright

    lc – you should stick to the forklift andf keep the day job.

    From what I’ve seen there was no computer system to access or data to collect either dishonestly or by deception. Whale was walking down the road and saw the labour library was open. Strolled in and read the reports that were helpfully arrayed on the shelves in subject folders. He took a few copies of the ones he liked – using the copy function in the library.

    Seems they were happy to have him as he visited several times. Arraently it’s a broad church as the National party visited too – according to the labour president they left their IP behind – whatever that is! You’d think Moira would give it back if she knew who left it.

    Cheers Cam – your scoop is brilliant. Goofs flight back will a long one.

    • gazzaw

      Goof’s flight home will seem longer still seeing as he has probably had to pay for this one himself.

  • Pingback: The power of the Whale | mydeology | mydeology()

33%