OTTAWA — The electoral fraud committed by someone with access to the federal Conservative Party’s database of voter information has prompted calls for political parties to be held accountable for any misuse or loss of the thousands of pieces of data they collect about Canadians.
Last Thursday, in a ruling overshadowed by the Senate expense scandal, Federal Court judge Richard Mosley found that electoral fraud had occurred in several ridings during the 2011 election. The judge pointed the finger at the Conservative Party’s database CIMS, the Constituency Information Management System, and said it was the source of information used by somebody to engage in voter suppression tactics, including phone calls to non-Conservative voters telling them their polling station had been moved.
The CIMS contains names, phone numbers, voting intentions and policy preferences on hot button issues. The federal Liberals and the NDP maintain similar stockpiles of information, but the Conservative database is widely regarded as the most comprehensive.
The so-called “robocalls” case, which was brought by the Council of Canadians on behalf of voters in six ridings, raises questions about who should be held accountable if the databases MPs and political parties build are compromised — willingly or unwillingly, said Duff Conacher, the founding director of Democracy Watch.
“There should be requirements in terms of protecting access to it and if a breach occurs and it is shown that it didn’t meet those requirements, then the party should be liable,” Conacher said.
B.C. Civil Liberties Association policy director Micheal Vonn said political parties should be brought under the oversight of the Privacy Commissioner, who should be allowed to investigate abuses and sanction offenders.
“(Politicians have) actually carved out a rule-free zone around federal political parties and their use of data,” Vonn said. “Other than the criminal law or torts, there are no statutes that govern. (Political parties) are outside of privacy regimes. And we have to question why that would be?”
Mosley said he could make no finding of direct involvement in the electoral fraud by the Conservative Party, any Conservative candidates or individuals with Tory ties. However, he ruled the fraud was committed by “a person or persons currently unknown” who had accessed the Conservative database.
Asked about the database breach, Conservative Party spokesman Fred DeLorey said: “We take security very seriously.”
He refused, however, to elaborate on the CIMS’ safeguards. Sources have told HuffPost, however, that the CIMS’ safeguards include passwords for need-to-know access and tracking of individual accounts.
In a recent report, Marc Mayrand, head of Elections Canada, called for political parties to be subject to privacy principles outlined in existing privacy legislation. The chief electoral officer also recommended that political parties be liable for the misuse or loss of voter information they collect unless they can show they exercised due diligence.
Elections Canada spokesman John Enright said the nature of the precise sanctions and penalties have yet to be determined and that recommendations would come in Mayrand’s second report, which would be released some time before the 2015 election.
That’s too far off to influence any of the Conservative government’s proposed changes to the Canada Elections Act. Those changes were supposed to be tabled earlier this spring but the government yanked its own bill at the last minute for unexplained reasons.
“We’re taking the time to get it right,” said Cory Hann, spokesman for Democratic Reform Minister Tim Uppal.
In his ruling, Justice Mosley said the Tories had engaged in “trench warfare” to prevent the case from being heard. (The Conservative Party had tried repeatedly to get the case thrown out and accused the Council of Canadians of trying to overturn election results it didn’t like.)
The opposition picked up on this part of the judge’s decision and accused the Conservative government of trying to block the court proceedings “by any means.” Uppal told the House of Commons Monday that the judge had upheld the election results because of a lack of evidence. He pledged to bring forward amendments to the elections law in the “not too distant future.”
In drafting the government’s proposed changes, Uppal’s office has never contacted Elections Canada or Mayrand directly to ask for advice.
Privacy Commissioner Jennifer Stoddart has highlighted the gap that exists between political parties and other federal and private-sector privacy requirements, but she’s stopped short of calling for parties to be included in federal legislation. Stoddard and assistant commissioner Chantal Bernier have said it is “up to Parliamentarians to determine how these issues could best be addressed.”
Stoddard, however, has stated repeatedly that Canada’s privacy laws are outdated. Last week she called for stronger enforcement powers, such as financial penalties when circumstances warrant.
“It is increasingly clear that the law is not up to the task of meeting the challenges of today – and certainly not those of tomorrow,” she said in a statement.
Vonn said the problem right now is that the Privacy Commissioner can only make recommendations. “It boils down to stern words and what we want to know is that the problem is going to be corrected and that you actually have rights,” Vonn said.
There needs to be penalties, she added.
“A federal political party could get my information and do anything with it,” she said. “Clearly what the robocalls scandal has pointed to is that there is no oversight of what is happening with information that is collected by federal parties.”