09/02/2020 14:45 GMT

Keir Starmer Campaign Denies It 'Hacked' Into Labour Membership Database

Case referred to information watchdog. But party facing its own questions after HuffPost UK report.

Barcroft Media via Getty Images

Labour has been plunged into a bitter row over the security of its membership details after Keir Starmer’s leadership campaign was reported to the UK’s data watchdog for alleged hacking.

The allegations, described as “utter nonsense” by the Starmer campaign, were made by party officials against two of his staff in a formal submission to the Information Commissioner’s Office last week.

Allies of the Labour leadership frontrunner believe the claims are part of an attempt to distract from revelations last week that the party itself had failed to safeguard access to its 500,000-plus members in the contest to replace Jeremy Corbyn.

HuffPost UK had revealed that Labour’s ‘Dialogue’ online phone-banking system, which gives any member the ability to ring any fellow party member across the country, was still up and running despite strict rules on access to membership lists during the leadership contest.

Full lists of party members are only meant to be accessible to each leadership campaign from February 14, once candidates have met required nomination thresholds from local parties and affiliates.

Starmer, Long-Bailey, Lisa Nandy and Emily Thornberry are all vying to replace Corbyn with the winner due to be announced on April 4, and the ability to mobilise and lobby individual members is seen as crucial to the election’s outcome.

Starmer team members are accused of “data-scraping”, effectively ‘hacking’ information from a membership database to target their efforts to drum up support.

But Starmer wrote to the party on Saturday night to flatly deny any wrongdoing by his team members. It is suggested that staff were instead trying to highlight weaknesses in the party’s security of access to the membership.

Jenny Chapman, the ex-Labour MP who is chairing Sir Keir’s campaign, said no-one on the team had the “capacity” to hack into any of the party’s databases and “they wouldn’t do it anyway”.

“It’s a very serious accusation and that is why I am here to defend it,” she told BBC Radio 5live’s Pienaar’s Politics. “This isn’t even a situation where you say ‘some over-enthusiastic young volunteers may have done it’. It didn’t happen.”

A spokesperson for Keir Starmer’s campaign added: “We categorically reject these nonsensical allegations and are incredibly disappointed that they have been leaked to the media.

“We are still awaiting the party’s formal response to the serious concerns we and others had about access to Labour Party membership data.”

The Dialogue phonebank tool, which is designed to allow activists to canvass the public and to mobilise fellow party members during general and local election campaigns, was suspended last week.

The move came after HuffPost revealed that that both Momentum and the Rebecca Long-Bailey campaign had last weekend shared links and spreadsheets giving access to parts of the Dialogue database for marginal constituencies.

The Long-Bailey campaign insisted it had “no plans” to use Dialogue and that the anomaly had arisen because old WhatsApp and Facebook groups used during the last election had been included in a reworked version of a Momentum-backed campaign tool.

The ‘Rebecca for Leader’ campaign has since unpublished the Whatsapp groups.

Both the Starmer and Long-Bailey campaigns insist it is the responsibility of Labour HQ to restrict any access to its membership lists in line with rules for the leadership race agreed by the ruling National Executive Committee (NEC).

Following the revelations, Chapman told BBC Radio 5 Live that the Starmer campaign wrote to demand answers on the Dialogue access.

“And we thought that was the end of it as far as we were concerned. And the next thing you know, a couple of people on our campaign get letters saying ‘actually we think you have done something wrong’.

“Labour members want a fair contest. Whoever decided to send these threatening letters to people on the Starmer campaign and then leak it to the BBC are not really doing the Labour Party or their preferred candidate any favours.”

Labour said it had written to Sir Keir and his three leadership rivals to “remind them of their obligations under the law and to seek assurances that membership data will not be misused”.

“The Labour Party takes its legal responsibilities for data protection - and the security and integrity of its data and systems - extremely seriously.”

It is understood that party general secretary Jennie Formby wrote to all candidates following HuffPost’s report and the party is still conducting a thorough investigation.

A source said that during the investigation, “separate matters” came to the party’s attention and as a result and it decided it had a statutory obligation to report it to the Information Commissioner.

In a new and controversial move, candidates also have to pay a £5,000 ‘administration’ fee for access to the lists of party members and trade union and other affiliates.

In theory, all eligible campaigns will from next Friday be entitled to receive lists of members and supporters (affiliated and registered) containing names, telephone numbers and postal addresses.

However, all candidates will now have to provide the party’s HQ with specific information about the technical and organisational measures they have in place to ensure that membership data will be stored and processed lawfully and securely.

One party source told HuffPost that when Dialogue was originally devised in 2017, it was intended to make the party more compliant with data protection rules by allowing activists the ability to ring up voters without knowing their individual phone numbers.

But just weeks before the 2019 election, the party decided to add a new ‘functionality’ to include access to not just individual voters but individual Labour party members too. The aim was to improve the ability to mobilise activists in key seats for the election campaign.

However, it appears that the party failed to switch off the party membership functionality, despite its own rules forbidding access to the member database during the leadership contest until February 14.