Constituents report MP to ICO over alleged data-protection breach in Facebook post
Data-protection watchdog ‘making enquiries’ after Conservative Gordon Henderson publishes names and partial addresses of local residents who sent him a letter
A Conservative MP has been reported to the Information Commissioner’s Office after constituents accused him of "naming and shaming" them on Facebook.
Tory MP Gordon Henderson was accused of breaching data-protection rules after he published the names and partial addresses of constituents who sent him a him a letter criticising his call for a "yob" who killed an elderly woman to be given the death penalty.
The letter – signed by local resident Ben Franks and backed by a number of other constituents – included, on a separate page, the names and addresses of those supporting it.
Franks said he had included the addresses to comply with rules that say MPs can only reply to people in their constituency, and had not expected them to be published.
But the Sittingbourne and Sheppey MP made the page of names and partial addresses public in a Facebook post challenging the group.
- ICO ‘making enquiries’ after MPs admit sharing passwords with staff
- GDPR: how did we get here, and what on earth happens next?
- Government considers creating social-media regulator with sanctioning powers
A number of those named in the letter have now told PublicTechnology sister publication PoliticsHome they had reported the MP to the ICO over concerns that he has breached data-protection rules.
One said that they were concerned about "politically motivated" attacks as a result of having their address exposed.
"This has left me worrying for the safety of my expectant wife and young son who are often alone at the property," they said. "Thankfully, no incidents have yet occurred. However, it is difficult to not currently be fearful of a potential politically motivated attack, now that our address has been publicly shared."
The local resident added: "This should not be a worry for someone who has simply supported a letter to an MP expressing an opinion. The breach of my personal data has also left me worried about the potential for identity theft. This is more information than I would ever disclose publicly, and feel that this has left me at a higher risk of having my identity stolen."
Another said that constituents should be able to disagree with their MP without being "publicly named and shamed".
But Henderson fired back on Facebook, saying that as the letter had been described as "open" it was acceptable to publish the list of names and addresses.
He said that it was "quite clear" that some of the constituents did not understand what an open letter was – and even provided a dictionary definition to "help them".
"By posting the open letter on my Facebook page I was simply reflecting the 'open' nature of it," the Tory MP said.
"I did so assuming that all the people listed in the letter understood the implications of supporting such a letter and thought it only fair to them that their views should be shared. However, it now appears I was wrong and some of the signatories did not understand what they were doing. I have therefore decided to take the post down and would urge anybody who is tempted to sign an 'open letter' to think twice!"
An ICO spokesperson said: "We have been made aware of an incident relating to an MP’s social media account and will be making enquiries."
Henderson told PoliticsHome it would not be appropriate to comment while the watchdog looked into the matter.
In a lengthy attempt to find out about the security of government’s software systems, PublicTechnology finds a very uneven approach to transparency and what constitutes sensitive...
The UK has tended to only introduce data-protection laws in conjunction with EU legislation and, according to Ray Walsh from ProPrivacy, the post-Brexit world may see the country prioritise...
A major government-commissioned study found that about half of UK organisations are lacking basic security skills. PublicTechnology talks to the researchers behind it to find out where...
CMA says that all of society will lose out ‘if the market power of these firms goes unchecked’
PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right
CyberArk's David Higgins explores the cyber risks of hiring independent contractors
CyberArk's John Hurst looks at the true cost of GDPR breaches