As campaigns ramp up for candidates, political parties and super PACs, it is time for politicians to think about the privacy, security and sensitivity of the information their donors and constituents entrust to them. The nation has been alarmed by data collection practices in the public and private sector, including those of the NSA. Now candidates must examine their own practices. Digital data is the lifeblood of the economy but it is being exploited daily by cyber-criminals and state sponsored actors placing America at the crossroads of a trust meltdown, underscoring the need for candidates to walk the talk and put voters and their privacy at the forefront.
While politicians have been successful in obtaining “carve outs” from anti-spam and related legislation, based on a preliminary review OTA believes most consumers would be surprised at the liberties being taken with their data when they donate or volunteer to help a candidate. Even though the language of many candidates’ privacy policies may disclose they share personal information broadly with others (other candidates, organizations, campaigns, groups or causes that THEY believe have similar political viewpoints, principles or objectives), my question is: how many consumers actually realize this or read it?
In this post-Snowden era with its increased anxiety regarding industry privacy practices, including those of Google, Facebook, Apple, Microsoft and others, it is time to realign data privacy to consumer expectations. OTA calls for greater disclosure on collection, use, retention and sharing as well as the ability for consumers to opt out (or ideally opt in) of all such sharing.
It’s time to move beyond outward facing messages to a recognition that it is each candidate’s duty to protect and be a steward of the data and personally identifiable information voters entrust to them. Make respect for consumers and their privacy part of your political platform. Complete a self-audit to see whether your campaign or candidate can make the grade. OTA has resources, tools and guidance available to help candidates understand and implement best practices to help keep their sites, messaging and data safe.
- Do you restrict data sharing to only third parties necessary to support your campaign and do they commit to hold all such data in confidence?
- Do you honor a donor’s request to unsubscribe from your mailing lists and remove their data from your database?
- Is your privacy policy accessible via a link on the footer of every page, date stamped and are its updates archived?
- Do you disclose and respect a user’s browser “Do Not Track” setting?
- Can a reader comprehend your privacy policy? Can you rewrite your privacy policy as a short layered notice; challenge yourself to write a short layered policy under 500 words that is written for the consumer vs. attorneys?
- Is your policy multi-lingual and/or localized in the primary language of your constituents?
- Are you prepared for a data breach? Do you have an incident readiness plan?
- Are your email servers configured to help protect consumers from spear phishing and forged email?
- Are you adhering to best practices to help protect and secure data or are you following in the footsteps of Wyndham Hotels?
- If you were a business would you be able to pass muster with the FTC or California Department of Justice?
Let’s work together in a bi-partisan effort to respect voters’ data and their privacy. For more information and resources on how sites can adopt trustworthy best practices see the annual Online Trust Audit and methodology. OTA is here to help!