Module II > Section II

Data as a Political Asset

As massive amounts of data on individuals are accumulated and used in the political process, it creates significant assets and liabilities for political parties and campaigns. In the race to source and analyse data on voters, members of their audiences, or citizens, campaign groups may purchase data from the commercial sector as well as assemble voter files through in-house data collection and even trade, share or sell their voter data to other campaigns. Political data collected as an asset can also become a liability – for example, when a data breach, leak or another type of exposure of the data occurs.

Assets can be broadly understood as items or goods of value that belong to an individual, company or government. Simply put, an asset has the potential to benefit the entity that owns it. The massive amounts of consumer data that are collected daily, as processes are increasingly moved online, gives political actors unprecedented insights into their voter base.

This information has typically been found in consumer-driven marketing, and the same data brokers are now selling it to politicians. This data can expand on constituent files that contain demographic and personal information of voters, much of the data collected without their knowledge. These databases are incredible resources for helping political actors to obtain or maintain power. Like any other asset, they can be traded, sold, gifted or shared with actors in the same party, or with outsiders.

However, large data sets can also become a political liability. Liabilities decrease the value, wealth or standing of the entity that owns it. Databases are expensive to maintain and require specialised skills within a team. If the data is not properly cared for, the quality can decrease and lose value. Voter data is also just as much a target of malicious hacks and breaches as any other form of data and can be susceptible to leaks, which have the possibility to lessen the value of the data set and hurt the credibility of the party or organisation.

Learn about some of the definitions of tools and technologies used to support data as an asset:

Consumer Data

Consumer Data: Information that will help a service provider, merchant or advertiser better understand the needs and preferences of individual customers or groups of customers.

Consumer data can be gathered from traditional data brokers, like LiveRamp or Experian; from internet platforms, like Meta (and the Facebook ecosystem) and Google (and its services); or from political consultancy firms, like i360.

The types of data being aggregated – from 2.5 quintillion bytes of data – ranges from basic attributes such as age or family size, to small details about a person, like what types of movies they like or the kind of car they drive. It is then used to supplement a candidate, party or campaign's existing data on voters, create new audiences for targeting or infer future voting patterns.

Data sources as advertised by ExperianData sources and how they are implemented as advertised by Experian, Source: Experian ConsumerView Infographic

See for yourself

Have you ever wondered how advertisers, be they commerce or political in purpose, view their 'audiences'?

Acxiom UK's Personicx market segmentation tool "utilises a wealth of demographic, geographical, lifestyle and behavioural information." You can enter a UK postcode into its Segment Lookup to see how the company has categorised individuals, including voters, living in that area. Political parties, candidates and campaigners use these results in order to tailor and target political messaging at voters. The President and CEO of LiveRamp gave a glimpse into the vision of the company:

Our goal is to connect every piece of data with every person on the planet with every available use case that matters... If we can accomplish that, amazing things can happenScott Howe, President & CEO, formerly Acxiom - now LiveRamp

Voter Files

Voter Files: Digital profiles of individual voters that are collected into databases, such as customer relationship management systems, for political campaigning and donation solicitation purposes.

Voter files are often constructed from publicly accessible information as well as proprietary data acquired from outside sources, such as polling, canvassing or other digital profiling techniques.

For example, in Chile, the electoral register is freely accessible and contains information on all Chileans over 17 years of age. While regulations prohibit using this data for commercial uses, there are few other limitations on it.

The value of voter files has increased considerably due to advances in methods for collecting, analysing and utilising vast amounts of personal data. Parties can build their data from four main sources: electoral registers, polls and surveys, party membership registers, online public data or commercial data brokering companies. A voter file system allows campaigners to retain information on their constituents' basic demographics, activities or interactions with the political party, or topical interests. It also allows them to combine and analyse data to create groups within their audience called 'segments' and to create a ranking or score of their likelihood to be for or against certain candidates or policy positions.

Elements of voter files, such as email lists, are also known to be traded, sold or made available between candidates and national and local level parties in some political contexts.

Hear for yourself:

"So if you go to a black market here—and everybody goes there, we go there to to buy our stuff—you will find this database there, on a CD, and it will be like $5 to buy that."

Listen as digital rights activist, Eliana Quiroz, talks about how voter files in Bolivia can be accessed:

Find Eliana's full interview audio and transcript or listen on PeerTube

See for yourself

L2 - a voter data company with a focus on geospatial functionality, for example – has in the past advertised to enhance a campaigns voter files with data modeling using proprietary algorithms and insights into self-reported views on political issues such as:

  • election of conservative judges
  • gay marriage
  • gun control
  • immigration
  • abortion
Screenshot of L2 homepage.L2 advertises millions of records to enhance voter files, Source: Web Archive: L2

Breaches, leaks, and hacks

Breaches, leaks, and hacks: External person or group gains access to sensitive or personal data that should have been secured by the collecting or owning entity.

Voter data can be exposed by a malicious hack, an accidental leak, poorly configured security settings, or the physical theft of hardware. Regardless of the point of exposure, compromised voter data usually includes sensitive and personally identifiable information.

As much as data on voters can be a political asset, it can also be a liability. Hear from an Expert

Listen to cyber security expert, Bob Diachenko, talk about his experience getting in touch after discovering a data breach:

Read the transcript and listen to the entire interview here.

In practice

  • In March 2017, two laptops belonging to Hong Kong's Registration and Electoral Office were stolen during the AsiaWorld-Expo. The hardware contained information about all of Hong Kong's 3.78 million registered voters, including their names, addresses, ID card numbers, mobile phone numbers and the geographic constituencies in which they were registered.
  • NGP access credentials were found as part of the US-based firm Rice Consulting breach. The exposed data was found using an Internet of Things search engine.
Leaked NGP access credentialsA redacted spreadsheet of NGP access credentials as found in the Rice Consulting breach, Source: More than just a Data Breach: a Democratic Fundraising Firm Exposure.
  • In 2016, security researchers Chris Vickery located the Mexican voter roll, containing the personal records of 87 million Mexican voters, in a poorly configured database hosted on Amazon Web Services.

See for yourself

Knowing whether your data or the data held on you by political parties was subject to a data leak, breach or hack is not very straightforward. Specialised websites can help you discover if your email address was caught up as part of a data breach - if the breach becomes public. These include Have I Been Pawned and Firefox Monitor. They, for example, list the Republican Party of Texas as having been part of a data breach which exposed email addresses, names and geographic locations.

Otherwise, an old fashioned search of the web can be a sure source for information on which parties or candidates have been subject to a cybersecurity incident. As of writing, recent examples include a data breach affecting Malta's Labour Party voter list and a ransomware attack targeting the UK's Labour Party.

Reading List

Every voter in Israel just had their data leaked in ‘grave’ security breach, Michael Grothaus, Fast Company, 2020, https://www.fastcompany.com/90462342/every-voter-in-israel-just-had-their-data-leaked-in-grave-security-breach.

The Little-Known Data Broker Industry Is Spending Big Bucks Lobbying Congress, Alfred Ng and Maddy Varner, The Markup, 2021, https://themarkup.org/privacy/2021/04/01/the-little-known-data-broker-industry-is-spending-big-bucks-lobbying-congress.

First published: November 5, 2021Updated: November 26, 2021

Sections for Module 2

More Learning Modules