This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.theguardian.com/politics/2018/sep/29/tory-conference-app-flaw-reveals-private-data-of-senior-mps
The article has changed 12 times. There is an RSS feed of changes available.
| Version 1 | Version 2 |
|---|---|
| Tory conference app flaw reveals private data of senior MPs | Tory conference app flaw reveals private data of senior MPs |
| (35 minutes later) | |
| A major flaw in the Conservative party’s official conference phone application made the private data of senior party members including cabinet ministers accessible to anyone that logged in as a conference attendee. | A major flaw in the Conservative party’s official conference phone application made the private data of senior party members including cabinet ministers accessible to anyone that logged in as a conference attendee. |
| Images posted to social media showed people logging in as Boris Johnson, Michael Gove and others, revealing personal information including their mobile phone numbers. | Images posted to social media showed people logging in as Boris Johnson, Michael Gove and others, revealing personal information including their mobile phone numbers. |
| The personal phone numbers and private details of Gove, Johnson’s real number and seemingly every person who registered to attend the Tory conference were accessible including diplomats, dignitaries and party members. | |
| The Information Commissioner’s Office, the independent authority which upholds information rights in the public interest, said it would be making inquiries about the breach and added that “organisations have a legal duty to keep personal data safe and secure”. | |
| Under the EU’s general data protection regulation (GDPR), organisations must notify the ICO within 72 hours of becoming aware of a personal data breach, if it could pose a risk to people’s rights and freedoms. | |
| The app’s privacy policy states that it “complies with … the European Union’s General Data Protection Regulation (GDPR).” | |
| The data breach could open the Conservative party to fines and an ICO investigation. | |
| Once logged into the app, users were able to both amend and make the personal details of prominent MPs public, with Twitter users claiming Johnson’s picture had been briefly changed to one featuring a pornographic image. | Once logged into the app, users were able to both amend and make the personal details of prominent MPs public, with Twitter users claiming Johnson’s picture had been briefly changed to one featuring a pornographic image. |
| Gove’s picture was changed to Rupert Murdoch, his previous employer at the Times. | Gove’s picture was changed to Rupert Murdoch, his previous employer at the Times. |
| Anyone could log in as any attendee by providing an email with no password. Many MPs had registered with their public parliamentary email addresses, making it simple for any member of the public to access their mobile number. | Anyone could log in as any attendee by providing an email with no password. Many MPs had registered with their public parliamentary email addresses, making it simple for any member of the public to access their mobile number. |
| Commentators said the flaw raises questions over the ability of the government to harness technology to solve issues around the Irish border and customs checks. | Commentators said the flaw raises questions over the ability of the government to harness technology to solve issues around the Irish border and customs checks. |
| Aren't the Torys trying to convince us they can use technology to solve the Irish Border and Custom Checks on mainland...? 🤣 😂 | Aren't the Torys trying to convince us they can use technology to solve the Irish Border and Custom Checks on mainland...? 🤣 😂 |
| The breach enraged senior ministers. One Whitehall source described the error as “fucking ridiculous”. Anger was aimed at Brandon Lewis, the Tory party chairman, whose duties include overseeing the conference. | The breach enraged senior ministers. One Whitehall source described the error as “fucking ridiculous”. Anger was aimed at Brandon Lewis, the Tory party chairman, whose duties include overseeing the conference. |
| Lewis was due to unveil the new app in a speech on Sunday as part of a wider set of measures in an attempt at overhauling “the oldest and most successful political party in the world”. | |
| The party’s first “interactive” conference app allows rank and file members to provide feedback during cabinet ministers’ speeches, among other functions. | |
| It also contains a list of events taking place at the conference including ‘Rise of Tech Giants and Data Capitalism’ and a panel discussion on ‘GovTech and the Future of Public Service Delivery’. | |
| Labour said that the mishap raised questions around national security and recommended the Tories provide basic computer training to its members. | Labour said that the mishap raised questions around national security and recommended the Tories provide basic computer training to its members. |
| “How can we trust this Tory government with our country’s security when they can’t even build a conference app that keeps the data of their members, MPs and others attending safe and secure?” said John Trickett, the shadow Cabinet Office minister. | “How can we trust this Tory government with our country’s security when they can’t even build a conference app that keeps the data of their members, MPs and others attending safe and secure?” said John Trickett, the shadow Cabinet Office minister. |
| “The Conservative party should roll out some basic computer security training to get their house in order.” | “The Conservative party should roll out some basic computer security training to get their house in order.” |
| A Momentum spokesperson criticised the “staggering incompetence” of the Conservative party and cited the success of its own in-house app during the Labour party conference this week. | A Momentum spokesperson criticised the “staggering incompetence” of the Conservative party and cited the success of its own in-house app during the Labour party conference this week. |
| “This sums up the Tories, staggeringly incompetent and out of touch with the modern world,” they said. “They can’t even build a basic conference app without a huge data breach, and it’s terrifying that they’re in charge of the tech that runs our hospitals, schools and airports. | “This sums up the Tories, staggeringly incompetent and out of touch with the modern world,” they said. “They can’t even build a basic conference app without a huge data breach, and it’s terrifying that they’re in charge of the tech that runs our hospitals, schools and airports. |
| “Our conference app was built by a team of volunteers for next to no money, and I’m sure they’d be happy to give the Tories a few tips for next year.” | “Our conference app was built by a team of volunteers for next to no money, and I’m sure they’d be happy to give the Tories a few tips for next year.” |
| Guardian columnist Dawn Foster was among the first to notice the flaw and swiftly raised the alarm on Saturday. | Guardian columnist Dawn Foster was among the first to notice the flaw and swiftly raised the alarm on Saturday. |
| “The Tory conference app allows you to log in as other people and view their contact details just with their email address, no emailed security links, and post comments as them,” she tweeted. | “The Tory conference app allows you to log in as other people and view their contact details just with their email address, no emailed security links, and post comments as them,” she tweeted. |
| “They’ve essentially made every journalist, politician and attendee’s mobile number public. Fantastic.” | “They’ve essentially made every journalist, politician and attendee’s mobile number public. Fantastic.” |
| It's let me login as Boris Johnson, and just straight up given me all the details used for his registration pic.twitter.com/fLNC06azx7 | It's let me login as Boris Johnson, and just straight up given me all the details used for his registration pic.twitter.com/fLNC06azx7 |
| The app, created by an Australian firm called Crown Comms, was updated and the login function removed after concerns were raised with the party. | The app, created by an Australian firm called Crown Comms, was updated and the login function removed after concerns were raised with the party. |
| The Conservative party has been contacted for comment. | |
| Listen / | Listen / |
| Walking the Brexit tightrope at Labour conference – Politics Weekly | Walking the Brexit tightrope at Labour conference – Politics Weekly |
| Sorry your browser does not support audio - but you can download here | Sorry your browser does not support audio - but you can download here |
| and listen https://flex.acast.com/audio.guim.co.uk/2018/09/26-51111-gdn.pol.180926.podcast.mp3 | and listen https://flex.acast.com/audio.guim.co.uk/2018/09/26-51111-gdn.pol.180926.podcast.mp3 |
| Sorry your browser does not support audio - but you can download here | Sorry your browser does not support audio - but you can download here |
| and listen https://flex.acast.com/audio.guim.co.uk/2018/09/26-51111-gdn.pol.180926.podcast.mp3 | and listen https://flex.acast.com/audio.guim.co.uk/2018/09/26-51111-gdn.pol.180926.podcast.mp3 |
| Conservatives | Conservatives |
| Privacy | Privacy |
| Data protection | Data protection |
| news | news |
| Share on Facebook | Share on Facebook |
| Share on Twitter | Share on Twitter |
| Share via Email | Share via Email |
| Share on LinkedIn | Share on LinkedIn |
| Share on Pinterest | Share on Pinterest |
| Share on Google+ | Share on Google+ |
| Share on WhatsApp | Share on WhatsApp |
| Share on Messenger | Share on Messenger |
| Reuse this content | Reuse this content |