摘要:Political parties are among the most lax, unregulated organizations handling large volumes of personally identifiable data about citizens’ behavior and attitudes. We analyze the privacy practices of political parties in Australia, Canada, United Kingdom, and United States to assess the current state of electorate data, compare regulatory efforts, and offer policy recommendations. While data has long been a part of political practice, there has been a revolution over the last decade in the opportunities for gathering, storing, and acting upon data. Candidates, parties, lobby groups and data–mining firms collect massive amounts of data. They trade analytical tools, databases, and consulting expertise on a vast and unregulated market. In these practices, political actors routinely violate the privacy norms of many citizens. There are also documented cases of data breeches in all four countries. Meanwhile, political parties face relatively few restrictions on their use of data, and have developed a wide variety of largely voluntary privacy policies that are inadequate. We argue that some straightforward policy oversight would significantly improve the way personal records are handled by political actors.
