Connect with us


Data audit of UK political parties finds laundry list of failings



In a finding that should surprise no one, an audit of how UK political parties are handling voter information has surfaced a damning lack of compliance with data protection rules across the political spectrum — with parties failing to come clean with voters about how individuals are being invisibly profiled and targeted by parties’ digital campaigning machines.

“Political parties may legitimately hold personal data belonging to millions of people to help them campaign effectively. But developments in the use of data analytics and social media by political parties mean that many voters are unaware of how their data is being used,” the Information Commissioner’s Office (ICO) warned today.

“All political parties must be clear and transparent with people about how their personal data is used and there should be improved governance and accountability,” it goes on to say in the report.

“Political parties have always wanted to use data to understand voters’ interests and priorities, and respond by explaining the right policies to the right people. Technology now makes that possible on a much more granular level. This can be positive: engaging people on topics that interest them contributes to greater turnout at elections. But engagement must be lawful, especially where there are risks of significant privacy intrusion – for instance around invisible profiling activities, use of sensitive categories of data and unwanted and intrusive marketing. The risk to democracy if elections are driven by unfair or opaque digital targeting is too great for us to shift our focus from this area.”

Despite flagging risks to democratic trust and engagement the regulator has chosen not to take enforcement action.

Instead it has issued a series of recommendations — almost a third of which are rated ‘urgent’ — saying it will carry out a further review later this year and could still take action if enough progress isn’t made. 

“Should our follow-up reviews indicate parties have failed to take appropriate steps to comply, we reserve the right to take further regulatory action in line with our Regulatory Action Policy,” it notes in the report which also includes  warm words for how “positively” parties have engaged with it on the issues. 

The ICO also says it will update its existing guidance on political campaigning later this year — which it notes will have wider relevance for (non-political) campaigners, pressure groups, data brokers and data analytic companies.

It has previously put out guidance for the direct marketing data broking sector as part of its follow up to the Cambridge Analytica Facebook data misuse scandal.

From Cambridge Analytica to ‘must do better’

The data audit of UK political parties was instigated by the ICO after the Cambridge Analytica scandal drew global attention to the role of social media and big data in digital campaigning.

In an earlier report on the topic, in July 2018, the ICO called for an ‘ethical pause’ around the use of microtargeting ad tools for political campaigning — warning there’s a risk of trust in democracy being undermined by a lack of transparency around the data-fuelled targeting techniques being applied to voters.

But there was no let up in the use of social media targeting before or during the 2019 UK general election, when concerns about how Boris Johnson’s Conservative Party was using Facebook ads to harvest voter data were among the issues raised.

The ICO report is determined to spare parties individual blushes, however — it’s only summarized ‘aggregated’ learnings from its deep dive into wtaf the Conservative Party; the Labour Party; the Liberal Democrats; the Scottish National Party (SNP); the Democratic Unionist Party (DUP); Plaid Cymru; and United Kingdom Independence Party (UKIP) are doing with people’s data.

Nor is the regulator handing out the marching orders, exactly.

“We recommended the following actions must be taken by the parties”, is the ICO’s preferred oxymoronic construction as it seeks to avoid putting any political noses out of joint. (Not least those belonging to people in government.) So it’s opting for a softly, softly ‘recommend and review’ approach to trying to clean up parties’ dubious data habits

Among its key findings are that political parties’ privacy notices are falling short of required levels of transparency and clarity; don’t have appropriate lawful bases for the data they’re processing in all cases, and where they’re claiming consent may not be obtaining this legally; aren’t being up front about how they’re combining data to profile voters, nor are they carrying out enough checks on data suppliers to ensure those third parties have legally obtained people’s data; aren’t putting proper contractual controls in place when using social media platforms to target voters; and are not staying on top of their obligations so as to be in a position to demonstrate accountability.

So quite the laundry list of data protection failings.

The ICO’s recommendations to political parties are also hilariously basic — saying they must:

  • undertake an information audit or data-mapping exercise to help find out what personal data they hold and where it is;
  • conduct a review to find out why they are using personal data, who they share it with and how long it is kept, by distributing questionnaires to relevant areas, meeting directly with key business functions and reviewing policies, procedures, contracts and agreements;
  • document their findings in writing, in a detailed and meaningful way.

Insert your own face-palm emoji as you imagine the chaotic evil underlying those bullet points.

“We recognise that achieving effective transparency to the UK adult population is challenging,” the ICO notes in a section of the report on transparency requirements, adding that its earlier report recommended “wider, joined-up approaches should be also taken to raising awareness of how data is used in campaigning”.

It adds that it will continue to work with the Electoral Commission on this recommendation.

The explosive growth of digital ads for UK political campaigning is quantified by a line in the report citing Electoral Commission data showing 42.8% of advertising spending by campaigners was on digital advertising in 2017, compared to just 1.7% in 2014.

So the use of social media platforms — which the report notes were used by all parties for political campaigning — is chain-linked to the troubling lack of transparency being called out by the regulator.

“Social media was used by all parties to promote their work to people who may be interested in their values. The majority was delivered via Facebook — including their Instagram platform — and Twitter. Where political parties were using audience choice tools, we had concerns with the lack of transparency of this practice,” the ICO writes. “Privacy information did not make it clear that personal data of voters collected or processed by the party would then be profiled and used to target marketing to them via social media platforms.

“A key recommendation made following our audits was that parties must inform individuals and be transparent about this processing, so that voters fully understand their personal data will be used in this way to comply with Article 13(1)(e) of the GDPR. For example, parties should tell voters that their email addresses will be used to match them on social media for the purposes of showing them political messaging.”

“Due diligence should be undertaken before any campaign begins so that parties can assure themselves that the social media company has: appropriate privacy information and tools in place; and the data processing they will be doing on the party’s behalf is lawful and transparent, and upholds the rights of individuals under data protection law,” it adds.

The report also discusses the need for political parties to fully understand the legal implications of using specific data-fuelled ad-targeting platforms/tools (i.e. before they rush in and upload people’s data to Facebook/Twitter) — so they can properly fulfil their obligations.

To wit:

When parties look to use a platform’s targeting tools, both the party and the platform itself should clearly identify the circumstances where joint controllership exists and put measures in place to fulfil those obligations. They must assess this on a case-by-case basis, irrespective of the content of any controller or processor arrangement. Joint controllership may exist in practice, if the platform exercises a significant degree of control over the tools and techniques they use to target individual users of their service with political messages on behalf of the party.

Article 26 of the GDPR specifies the requirements for joint controller situations. Parties should agree and fully understand who is responsible for what. This means they must work with any social media platform they use to make sure there are no gaps in compliance, and ensure they have appropriate contracts or agreements in place. They should also undertake in-life contract monitoring to ensure that the platforms are adhering to these contracts.

In the report, the ICO describes the data protection implications involved in joint controller situations as “complex”, adding: “We recognise that the solutions to the issues… may take more time to resolve and will require more guidance for all the actors involved.”

“Since our audits, we understand that some steps have been taken by social media companies within their revised terms and conditions of service for digital advertising,” it adds. 

The report also includes a passing mention to ongoing regulatory scrutiny of Facebook’s ad platform in Ireland under EU law — focused on concerns that the use of Facebook’s ‘lookalike audiences’ for targeting voters may not comply with the bloc’s GDPR framework.

Information commissioner, Elizabeth Denham, has previously suggested the tech giant will have to change its business model to maintain user trust. But Ireland’s data protection agency has not yet issued any GDPR decisions related to Facebook’s business.

“In the wider ecosystem, the ICO also recognises that there are still other matters that need to be addressed about the use of personal data in the political context,” the regulator writes now. “These include some of the issues set out in the report it made to the Irish Data Protection Commission (IDPC), as the lead authority under GDPR, about targeted advertising on Facebook and other issuing [sp] including where the platform could be used in political contexts. The ICO will continue to liaise with the technology platforms to consider what, if any, further steps might be required to address the issues raised by our Democracy Disrupted report. This will be of relevance to the parties’ use of social media platforms in future elections.”

Lyron Foster is a Hawaii based African American Musician, Author, Actor, Blogger, Filmmaker, Philanthropist and Multinational Serial Tech Entrepreneur.

Continue Reading


The UK approves the BioNTech/Pfizer COVID-19 vaccine for emergency use



The UK government has approved the BioNTech/Pfizer vaccine against COVID-19 for emergency use, following the recommendation of the national medicines regulator.

The UK is the first country to approve the vaccine for widespread use — paving the way for some of the most “high risk” citizens, such as elderly care home residents and front-line healthcare workers, to get the jab before the end of the year.

The BBC reports that the UK’s Medicines and Healthcare Products Regulatory Agency (MHRA) has said the vaccine is safe to be rolled out from next week. Though it’s not yet clear exactly who will get the first doses.


The request for emergency authorization was submitted by BioNTech and Pfizer to the MHRA last month — as well as to regulators in Australia, Canada, Europe, Japan and the U.S., none of which has yet given the go ahead.

In a statement, Albert Bourla, chairman and CEO of Pfizer, described the Emergency Use Authorization in the U.K. as “a historic moment in the fight against COVID-19”.

“This authorization is a goal we have been working toward since we first declared that science will win, and we applaud the MHRA for their ability to conduct a careful assessment and take timely action to help protect the people of the U.K.,” he said. “As we anticipate further authorizations and approvals, we are focused on moving with the same level of urgency to safely supply a high-quality vaccine around the world. With thousands of people becoming infected, every day matters in the collective race to end this devastating pandemic.”

The UK approval is based on trial data, including a worldwide Phase 3 clinical study carried out by BioNTech/Pfizer  which demonstrated an efficacy rate for the vaccine of 95% and raised no serious safety concerns.

The vaccine was also shown to be effective both in participants who had not previously contracted the SARS-CoV-2 virus and those who had — based on measuring efficacy seven days after the second dose.

Efficacy was also reported as consistent across age, gender, race and ethnicity demographics, with an observed efficacy in adults age 65 and over of more than 94%, the companies said.

UK prime minister Boris Johnson tweeted the news of the formal authorization this morning — writing that the vaccine will “begin to be made available across the UK from next week”. A second tweet anticipated how vaccination in general will “ultimately” enable a return to economic life as usual.

The UK has ordered 40M doses of the BioNTech/Pfizer vaccine, or enough vaccine for 20M people (as it requires two doses), though it will take time for the country to receive all the doses ordered.

“The delivery of the 40 million doses will occur throughout 2020 and 2021, in stages, to ensure an equitable allocation of vaccines across the geographies with executed contracts,” the companies wrote in a press release.

“Now that the vaccine is authorized in the U.K., the companies will take immediate action to begin the delivery of vaccine doses. The first doses are expected to arrive in the U.K. in the coming days, with complete delivery fulfilment expected in 2021,” they added.

The UK’s National Health Service is gearing up for what NHS chief executive, Sir Simon Stevens, described as “the largest-scale vaccination campaign in our country’s history”. Per the BBC, some 50 hospitals are on standby and vaccination centers in venues such as conference centres are also being set up.

In comments to journalists this morning, health secretary Matt Hancock said 800,000 doses of the virus will be available next week, with the bulk of the rollout coming in the new year. “We’ll deploy it at the speed that it’s manufactured,” he added.

Hancock said priority for the first batch of jabs will be given to “the most elderly” and people in care homes, including their carers. “Then essentially it comes down the age range. NHS staff are also high on that priority list, and also the clinically extremely vulnerable… those that are particularly vulnerable to coronavirus,” he added.

“The Emergency Use Authorization in the U.K. will mark the first time citizens outside of the trials will have the opportunity to be immunized against COVID-19,” said Ugur Sahin, M.D., CEO and co-founder of BioNTech in a supporting statement. “We believe that the roll-out of the vaccination program in the U.K. will reduce the number of people in the high-risk population being hospitalized.

“Our aim is to bring a safe and effective vaccine upon approval to the people who need it. The data submitted to regulatory agencies around the world are the result of a scientifically rigorous and highly ethical research and development program.”

One remaining question is how long the vaccine’s protection lasts. Given how quickly the BioNTech/Pfizer vaccine has been developed — in a matter of months — there’s no long term data available to answer that yet.

The same is true of COVID-19 vaccine candidates being developed by other companies.

Continue Reading


Spotify launches ‘2020 Wrapped’ with new features including quizzes, badges and, yes, stories



Spotify is today launching its 2020 Wrapped personalized experience — the company’s popular year-end review of users’ favorite artists, songs, genres, and podcasts. This year, however, Spotify is making a few changes. For starters, Wrapped will be exclusively available on mobile for Spotify users, while a web experience will offer a version of Wrapped for non-Spotify users for the first time. To reflect Spotify’s continuing investment in podcasts, Wrapped will also this year include a deeper look into users’ podcast listening habits. And it will include new features, like in-app quizzes, a “Story of Your 2020” dedicated to users’ top song of the year, new Wrapped badges, personalized playlists, customization options for social sharing, and other additions.

The feature will launch in the Spotify mobile app for iOS and Android in global markets to give users their year-end insights. But non-users will get a taste of Wrapped with a web version, where Spotify will share its broader global listening trends, including the most-streamed artist, top three podcasts, and other popular music insights.

Image Credits: Spotify

Spotify on Tuesday had shared some of these trends, noting that Puerto Rican rapper Bad Bunny had claimed the top spot with more than 8.3 billion streams in 2020. The top three podcasts, meanwhile, were The Joe Rogan Experience, TED Talks Daily and The Daily.

This year, podcasts got more detailed in Spotify Wrapped, as well. Though the feature had included podcast insights in prior years, this aspect of the experience is being expanded in 2020 to include added metrics, like how many minutes users spent listening to podcasts in 2020 and the most “binge-worthy” podcasts of the year.

Image Credits: Spotify

A new in-app quizzes feature, meanwhile, will allow users to guess before the trends Wrapped reveals. These quizzes will let Spotify listeners guess which were their top podcasts, top artists and even what decade’s songs they streamed the most. Users will also be able to see what new genres they discovered during the year.

Image Credits: Spotify

Stories, naturally, will make an appearance in this year’s Wrapped, too. The company was recently spotted as testing a Stories feature in its app — a continuation of tests Spotify began last year with Storylines and again in January 2020, when it first began to allow influencers to post Stories to introduce their playlists. Now, those influencers also include musicians themselves, according to the latest tests.

In Wrapped, Spotify is introducing “Story of Your 2020,” which shows your top song from the year from its first stream to its 100th stream and several milestones in between.

Image Credits: Spotify

Premium users will gain access to new badges this year based on how they listened. Some will earn the “Tastemaker” badge, if their playlists gained followers; others will earn a “Pioneer” badge for listening to songs first, before they hit 50,000 streams. The third badge, “Collector,” will be awarded to those who added some number of songs to their playlists this year.

Image Credits: Spotify

Along with Wrapped, users will get access to three new personalized playlists. One, called Your Top Songs, features users’ favorite tracks from the year. Missed Hits, meanwhile, will recommend popular songs in 2020 that you didn’t listen to, but Spotify thinks you would like. And for listeners in the U.S., U.K., Ireland, Australia, New Zealand, and Canada, a third playlist called On Record will introduce a mixed media experience that highlights users’ top 2020 artists.

As always, a big part of Wrapped is the social sharing component. This year, users will be able to personalize their Wrapped sharing card by picking from among four color choices before posting it to Facebook, Instagram, Snapchat or Twitter.

2020 Wrapped arrives today on iOS and Android. Later today, Spotify will also roll out its Wrapped creator experience for podcasters and artists.

Continue Reading


Monzo, the U.K. challenger bank, picks up additional £60M in funding



Monzo, the U.K. challenger bank now with more than 4.8 million customers, has closed another £60 million in funding, priced the same as and effectively an extension of the its previous top-up round in June.

This saw Monzo valued by private investors at around £1.2 billion, marked by industry observers as a down round because it was lower than the upstart bank’s previous — perhaps overheated — valuation before the Coronavirus pandemic skewed leverage in favour of investors or forced a legitimate fintech market correction, depending on your perspective.

The new funding comes from a clutch of new backers including Deliveroo and Stripe investor Novator, Kaiser, and TED Global, as well as existing investor Goodwater. They join the likes of Y Combinator, General Catalyst, Accel, Passion, Thrive and Stripe, who all re-invested earlier this year.

It means Monzo has raised £125 million in funding since COVID-19 struck (an additional £5 million was quietly added during the last top up), and this current extension will be seen as good news for the bank as it looks to continue growing and increasing revenue lines beyond interchange fees.

To that end, Monzo shared some latest numbers with TechCrunch. In addition to approaching 5 million customers overall, it now has more than 60,000 business users — up from 25,000 signups in March — and more than 100,000 customers across its paid-for current accounts, Monzo Plus and Monzo Premium.

Adds Monzo CEO, TS Anil, in a statement given to TechCrunch: “We’ve raised £125 million this year, achieved strong organic growth and are now nearing five million customers, all while becoming the most switched to bank in the U.K. and the top rated for overall service. This news demonstrates the confidence that both our customers and investors have in Monzo”.

Meanwhile, it has been a challenging time for Monzo, as it, along with many other fintech companies, has had to weather the coronavirus crisis and resulting economic downturn. This included utilising the U.K. furlough scheme and subsequently making around 80 employees redundant in the Summer. In addition, there was a round of U.S. layoffs and the shuttering of its Las Vegas-based customer support office.

Like some other banks and fintechs, the coronavirus crisis has resulted in Monzo seeing customer card spend reduce at home and (of course) abroad, meaning it is generating less revenue from interchange fees.

Separately, in May, Monzo co-founder Tom Blomfield announced internally that he was stepping down as CEO of the U.K. challenger bank to take up the newly created role of president. He was replaced as U.K. CEO by then U.S. CEO Anil, who also joined Monzo’s board in replacement of Bloomfield.

Continue Reading