Tech

Don’t expect Tories to be punished for data breach

Another day, another data breach.

Less than 24 hours after Facebook admitted 50 million users had been exposed to hackers, the Conservative Party Conference discovered a flaw on its app, which allowed anyone to pick up the email addresses and phone numbers of attendees.

Both times I had the same reaction: shocked, yet not surprised.

Shocked, because this is an extremely basic error, with potentially serious consequences.

The data leaked wasn't that intimate – like medical records, say, or home addresses – and these are public people whose details are often available.

But the importance of personal data depends to some extent on the importance of the person, and the individuals made accessible here included some of the most senior in the country.

Image: The phone numbers of MPs including Boris Johnson were publicly accessible

When Russian agents hacked the US Democratic Party in 2016, the breach came after Hillary Clinton's campaign chair clicked on a link in an "reset your password" email.

If a hacker can send the chancellor a link on WhatsApp, that's a risk that deserves to be taken seriously.

Yet, despite this, it was hard to feel any surprise. Partly because political parties are among the worst offenders when it comes to data protection regulation but also because data hacks, leaks and breaches have become the new normal.

Our most intimate details – everything from where we work to how long we sleep – are piling up like silt, ready to be dug into by whoever comes along.

For that reason, there is little chance that this incident will merit the fines of up to £17m now possible under the new GDPR regulation.

The Information Commissioner's Office has said it is investigating, but, as one senior lawyer told me: "The reality is that nothing will happen."

Even if the ICO had the appetite or resources to deal with every data leak that came along – which it doesn't – there are far worse incidents occurring nearly every day. We shrug, roll our eyes, and move on.

So the real questions raised by this incident are not legal, but political.

More from Conservatives

With the Conservatives pushing hard to regulate the internet, promoting massive collection of data and challenging technologies such as encryption which could keep it safe, what does it mean when they can't safeguard their own delegates?

That's a question worth texting straight to every member of the cabinet.

Original Article

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *