UK government under scrutiny after app data gaffe - Mobile World Live

UK government under scrutiny after app data gaffe

02 OCT 2018

An official UK government app came under fire after users were able to access personal information of senior party members, potentially putting it in breach of EU data laws.

BBC News reported the ruling Conservative Party’s official conference app, most recently used for an event in the city of Birmingham, allowed attendees to access details of MPs including phone numbers.

Users were able to login as an MP by second-guessing email addresses, which was typically a public parliamentary account, and accessing their personal details without the need for a password.

Once logged in, a user could also amend personal profiles, with at least two high profile members of the government having their accounts vandalised. Users were also reportedly able to access personal details of other people attending the event.

Australia-based CrowdComms, the company behind the app, released a statement apologising for the error, which it said was rectified within 30 minutes.

The UK Information Commissioner’s Office also said it would be investigating the issue, stating “organisations have a legal duty to keep personal data safe and secure.

Newspaper The Guardian noted the breach could run foul of the EU’s General Data Protection Regulations (GDPR), which the app’s privacy policy states it is compliant with.



Kavit Majithia

Kavit joined Mobile World Live in May 2015 as Content Editor. He started his journalism career at the Press Association before joining Euromoney’s graduate scheme in April 2010. Read More >>

Read more