OTTAWA—Parliament needs to address political parties’ ability to operate outside the Canada’s privacy safeguards, the federal privacy watchdog says.

Currently there are no rules governing how political parties collect and use sensitive personal information about Canadians, such as political beliefs, family composition, and financial information.

Privacy Commissioner Daniel Therrien has argued for the need for oversight into parties’ data activities. But Therrien isn’t arguing just for oversight — he wants some basic rules.

“There are no rules governing how much information political parties can collect, how political parties can use that information, with whom they can disclose that information,” Therrien said in an interview with the Star last week.

“All of these rules that apply to government departments, or to private organizations, which are basic privacy safeguards, (they) do not apply to political parties.

“And that is simply an important gap that has to be addressed.”

The Star reported on Sunday that a House of Commons committee is considering looking into how political parties use data harvested from millions of door-to-door interactions, fundraising drives, and other interactions with citizens.

Very little is known about the extent of parties’ data operations. All three major parties — Liberals, Conservatives and the NDP — have either recently overhauled their database programs or are in the process of doing so.

At the recent Liberal party convention in Winnipeg, senior staff close to Prime Minister Justin Trudeau told the crowd of party faithful how data helps drive their successful election campaign.

“Some of us had the pleasure of spending time debating every metric, from eyeballs on Facebook versus YouTube videos, to ratios to door knocks to phone calls, from radio ad buys against TV ad buys, and which baseball game more Canadians might be watching,” said Katie Telford, Trudeau’s principle secretary, in May.

“We spent our days and many nights talking about numbers and turning each one of them into a meaningful element of the campaign.”

While the metrics Telford listed may not include private information, her speech illustrated just how central data and analytics have become to modern Canadian elections. The Conservatives early mastery of this side of politics, through their Constituent Information Management System (CIMS), was credited as one of the reasons the party stayed in power for almost a decade.

The New Democrats, too, have developed a new database system called “Populus,” which tracks basic information about citizens but also interest in specific political issues.

But all of these data operations are running with, at most, voluntary privacy policies and practices with no independent oversight or governing rules.

Therrien said that the kind of information collected by parties is among the most sensitive information Canadians hold.

“Data about political affiliation or political views is, of course, quite sensitive,” Therrien said.

“If you look at the most sensitive personal information that can be collected, you have health data, political beliefs, this would rank right up there in terms of the sensitivity of the information.”

Loading... Loading... Loading... Loading... Loading... Loading...

It’s not only internal misuse that’s a danger, the privacy commissioner said. The recent hack of the Democratic National Committee in the United States, reportedly by Russian state-sponsored hackers, shows national politics and political parties need to be extremely careful about cybersecurity. And if it could happen in the United States, it could happen in Canada.

“I’m sure (parties) make some effort to safeguard this information, but it is vulnerable to hacking for sure,” Therrien said.

Successive privacy commissioners have done everything they could to move the issue forward, Therrien said, and it remains up to parliamentarians to “actually do something about it.”