Row explodes over data breach claims in Labour leadership election

Labour’s leadership election has become engulfed in a row over accusations relating to an alleged data breach by the campaign team of frontrunner Keir Starmer.

The Labour Party has reported members of Starmer’s campaign team to the Information Commissioner for allegedly hacking into the membership database, the BBC exclusively revealed on Sunday morning.

Starmer has strongly denied claims that members of his team engaged in “data-scraping” by unlawfully obtaining information from Labour’s Dialogue database – used for phonebanking – to improve their own targeting of potential supporters.

A spokesperson for Keir Starmer’s campaign said: “We categorically reject these nonsensical allegations and are incredibly disappointed that they have been leaked to the media.

“We are still awaiting the party’s formal response to the serious concerns we and others had about access to Labour Party membership data.”

Earlier in the month, HuffPost UK reported that Rebecca Long-Bailey’s campaign had emailed supporters inviting them to phone bank for her – but they had included links to Dialogue, with full access to members’ data.

Leadership candidates are not supposed to be given access to the party’s membership data until after the window for local party and affiliated organisation nominations has closed, which will be on February 14th.

Following the incident that saw emails sent out by Long-Bailey’s team with links to Dialogue, the party suspended its phone banking website. It had been open for any campaign to potentially use.

LabourList understands that the move by Long-Bailey’s team was flagged up with Starmer’s team, which then looked at the campaign emails to investigate the apparent breach of data protection laws.

Starmer’s campaign subsequently wrote to the Labour Party to raise a complaint about the Long-Bailey campaign and/or the party itself breaching data, and then received letters about their own alleged wrongdoing.

Explaining the situation, Starmer’s campaign chair Jenny Chapman told the BBC: “What happened was, another campaign sent out an email to thousands of their supporters saying ‘please follow these links and you can make phone calls on behalf of our candidate’.

“They then proceeded to do that, and found themselves accessing the Labour Party’s phonebank, which obviously the Labour Party isn’t involved in the campaigns and is supposed to be neutral and separate.”

She added: “We looked at it, discovered that that was indeed the case, that which we’d been alerted to. We wrote to the party and said ‘we think there’s something wrong here’.

“And that was really the end of it as far as we were concerned. But we were interested in finding out what had happened, because obviously it’s a very serious breach if that is what was going on.

“The next thing you know, people on our campaign get letters saying ‘actually we think you’ve done something wrong’,” Chapman concluded, adding that the claims against her team were “utter, utter nonsense”.

The BBC has reported that Keir Starmer wrote to the party on Saturday evening and “insisted they were investigating a means of penetrating the database – called Dialogue – with no intention to use it”.

LabourList understands that the party’s tool can track log-ins. Sources say Labour has only reported Starmer’s team because no members of Long-Bailey’s team logged into Dialogue, whereas Starmer’s compliance officer – and another team member – did.

Sources supportive of Starmer have expressed concern that the party’s report to the Information Commissioner alleging a data breach appears to have been leaked to the BBC’s John Pienaar.

“Whoever decided to send these threatening letters to people on the Keir Starmer campaign and then to leak it to the BBC really isn’t doing the Labour party or their preferred candidate any favours here,” Chapman told Pienaar.

Lord Falconer, a minister during Tony Blair’s era, told Pienaar’s Politics that he assumed the move was intended to damage Starmer: “It tells us much more about the sense of the left in Labour losing its grip on the party.”

A Labour spokesperson said: “The Labour Party takes its legal responsibilities for data protection – and the security and integrity of its data and systems – extremely seriously.

“We have written to all leadership candidates to remind them of their obligations under the law and to seek assurances that membership data will not be misused.”

More from LabourList