×

Our award-winning reporting has moved

Context provides news and analysis on three of the world’s most critical issues:

climate change, the impact of technology on society, and inclusive economies.

Data firm broke Canadian privacy laws with involvement in Brexit, U.S. campaigns -probe

by Reuters
Tuesday, 26 November 2019 22:13 GMT

AggregateIQ Chief Operating Officer Jeff Silvester takes part in a news conference in Ottawa, Ontario, Canada, April 24, 2018. REUTERS/Chris Wattie

Image Caption and Rights Information

Canadian data firm AggregateIQ broke privacy laws with some of the work it did for a leading pro-Brexit group and a number of U.S. political campaigns, according to an official probe

By David Ljunggren

OTTAWA, Nov 26 (Reuters) - Canadian data firm AggregateIQ broke privacy laws with some of the work it did for a leading pro-Brexit group in Britain and a number of U.S. political campaigns, according to a report of an official probe released on Tuesday.

Daniel Therrien, the federal privacy commissioner, along with Michael McEvoy, his counterpart in the province of British Columbia, said AggregateIQ (AIQ) had not done enough to ensure it had the authority to disclose British voter data.

"Canadian organizations operating globally... must ensure they understand and comply with their legal responsibilities in Canada, even when they are operating in foreign jurisdictions," McEvoy told a news conference.

AIQ was hired in 2016 by Vote Leave, which wanted Britain to leave the European Union, to draw up Facebook Inc advertisements aimed at potential voters. AIQ, based in British Columbia, used data gathered online by Vote Leave, which it disclosed to Facebook.

The privacy commissioners found Vote Leave had not explained to respondents that their information might be shared with Facebook, and AIQ failed to make sure it had the right to use the information.

"When the company used and disclosed the personal information of Vote Leave supporters to Facebook... it went beyond the purposes for which Vote Leave had consent to use that information," the commissioners' report said.

"(This) contravened British Columbia and Canadian privacy laws," it added.

The report added that AIQ should make sure it complied with Canadian privacy laws in the future.

AIQ Chief Operating Officer Jeff Silvester said in an email that the firm had already implemented all of the commissioners' recommendations.

The report expressed similar concerns about lack of consent regarding some of the work AIQ had done on campaigns in the United States for Strategic Communication Laboratories, the parent of political consultancy Cambridge Analytica.

Facebook came under pressure last year after revealing that the personal information of up to 87 million users, mostly in the United States, may have been improperly shared with Cambridge Analytica.

In April, Therrien concluded in a separate probe that Facebook committed serious contraventions of privacy law and failed to take responsibility for protecting the personal information of citizens.

Therrien reiterated that he planned to go to court in a bid to force Facebook to correct its privacy practices.

(With additional reporting by Moira Warburton in Toronto; Editing by Bill Berkrot and Dan Grebler)

Our Standards: The Thomson Reuters Trust Principles.

-->