The BC Green Party strongly believes that all organizations must diligently protect the privacy and confidentiality of personal information. For these reasons, I want you to be aware of a review our staff recently conducted of our past relationship with a Victoria-based technology company, AggregateIQ (“AIQ”). Our primary concern was the possible misuse of BC Green Party data, which AIQ had access to.
We have determined that there is no evidence to suggest that any BC Green Party data was misused, but being transparent with you about the concerns that led to our review is important to us.
In January 2016, AIQ started work on a new voter contact database and website for our party. By August of that year, we determined that the project was not meeting our priorities and we ended our relationship with AIQ. In recent weeks, AIQ has been increasingly named in the media for its ties to a British company, Cambridge Analytica, which is alleged to have misused personal information and data, as well as contravened political finance rules in the United Kingdom. These allegations concerned us, because we take the security of your personal information very seriously.
AIQ was given access to our existing voter database under the terms of a non-disclosure agreement (“NDA”). The NDA bound AIQ to keep BC Green Party data private and confidential, as well as delete that data at the end of the relationship. We did not have any concern for the security and integrity of BC Green Party data during the course of our working relationship with AIQ, which ended in August 2016. The allegations we are seeing in the media, however, are serious. That’s why we determined a review was prudent and necessary to ensure the security of party data.
In the course of our review, we:
- Reviewed documents and correspondence between the party and AIQ, including the NDA;
- Consulted with the Office of the BC Privacy Commissioner for support and recommendations;
- Requested and received written confirmation from AIQ that all BC Green Party data was destroyed in August 2016.
Although political parties are not required to disclose concerns or reviews such as this, particularly when those reviews do not reveal anything improper, we felt it was important to let you know about the actions we are taking to ensure a high standard for the protection of your personal information.
We will continue to improve our policies and procedures regarding the protection of personal information. For example, over the course of this review, we learned that staff changes since 2016 made it more difficult for us to determine the specifics of the work done by AIQ. To prevent this in the future, we are hiring an IT staff person whose responsibilities will include clear documentation of the details of work by third-party contractors who are granted access to our data.
If you would like more information regarding the review of the work done by AIQ, please reply to this email. You can also contact our Privacy Officer at firstname.lastname@example.org.
BC Green Party