Data as a Political Asset

Assets can be broadly understood as items or goods of value that belong to an individual, company or government. Simply put, an asset has the potential to benefit the entity that owns it. The massive amounts of consumer data that are collected daily, as processes are increasingly moved online, gives political actors unprecedented insights into their voter base.

This information has typically been found in consumer-driven marketing, and the same data brokers are now selling it to politicians. This data can expand on constituent files that contain demographic and personal information of voters, much of the data collected without their knowledge. These databases are incredible resources for helping political actors to obtain or maintain power. Like any other asset, they can be traded, sold, gifted or shared with actors in the same party, or with outsiders.

However, large data sets can also become a political liability. Liabilities decrease the value, wealth or standing of the entity that owns it. Databases are expensive to maintain and require specialised skills within a team. If the data is not properly cared for, the quality can decrease and lose value. Voter data is also just as much a target of malicious hacks and breaches as any other form of data and can be susceptible to leaks, which have the possibility to lessen the value of the data set and hurt the credibility of the party or organisation.

Learn about some of the definitions of tools and technologies used to support data as an asset:

Consumer Data

Consumer data can be gathered from traditional data brokers, like LiveRamp or Experian; from internet platforms, like Meta (and the Facebook ecosystem) and Google (and its services); or from political consultancy firms, like i360.

The types of data being aggregated – from 2.5 quintillion bytes of data – ranges from basic attributes such as age or family size, to small details about a person, like what types of movies they like or the kind of car they drive. It is then used to supplement a candidate, party or campaign's existing data on voters, create new audiences for targeting or infer future voting patterns.

Data sources and how they are implemented as advertised by Experian, Source: Experian ConsumerView Infographic

See for yourself

Have you ever wondered how advertisers, be they commerce or political in purpose, view their 'audiences'?

Acxiom UK's Personicx market segmentation tool "utilises a wealth of demographic, geographical, lifestyle and behavioural information." You can enter a UK postcode into its Segment Lookup to see how the company has categorised individuals, including voters, living in that area. Political parties, candidates and campaigners use these results in order to tailor and target political messaging at voters. The President and CEO of LiveRamp gave a glimpse into the vision of the company:

Voter Files

Voter files are often constructed from publicly accessible information as well as proprietary data acquired from outside sources, such as polling, canvassing or other digital profiling techniques.

For example, in Chile, the electoral register is freely accessible and contains information on all Chileans over 17 years of age. While regulations prohibit using this data for commercial uses, there are few other limitations on it.

The value of voter files has increased considerably due to advances in methods for collecting, analysing and utilising vast amounts of personal data. Parties can build their data from four main sources: electoral registers, polls and surveys, party membership registers, online public data or commercial data brokering companies. A voter file system allows campaigners to retain information on their constituents' basic demographics, activities or interactions with the political party, or topical interests. It also allows them to combine and analyse data to create groups within their audience called 'segments' and to create a ranking or score of their likelihood to be for or against certain candidates or policy positions.

Hear for yourself:

"So if you go to a black market here—and everybody goes there, we go there to to buy our stuff—you will find this database there, on a CD, and it will be like $5 to buy that."

Listen as digital rights activist, Eliana Quiroz, talks about how voter files in Bolivia can be accessed:

Find Eliana's full interview audio and transcript or listen on PeerTube

See for yourself

L2 - a voter data company with a focus on geospatial functionality, for example – has in the past advertised to enhance a campaigns voter files with data modeling using proprietary algorithms and insights into self-reported views on political issues such as:

• election of conservative judges
• gay marriage
• gun control
• immigration
• abortion

L2 advertises millions of records to enhance voter files, Source: Web Archive: L2

Breaches, leaks, and hacks

Voter data can be exposed by a malicious hack, an accidental leak, poorly configured security settings, or the physical theft of hardware. Regardless of the point of exposure, compromised voter data usually includes sensitive and personally identifiable information.

In practice

• In March 2017, two laptops belonging to Hong Kong's Registration and Electoral Office were stolen during the AsiaWorld-Expo. The hardware contained information about all of Hong Kong's 3.78 million registered voters, including their names, addresses, ID card numbers, mobile phone numbers and the geographic constituencies in which they were registered.
• NGP access credentials were found as part of the US-based firm Rice Consulting breach. The exposed data was found using an Internet of Things search engine.

A redacted spreadsheet of NGP access credentials as found in the Rice Consulting breach, Source: More than just a Data Breach: a Democratic Fundraising Firm Exposure.

• In 2016, security researchers Chris Vickery located the Mexican voter roll, containing the personal records of 87 million Mexican voters, in a poorly configured database hosted on Amazon Web Services.

See for yourself

Knowing whether your data or the data held on you by political parties was subject to a data leak, breach or hack is not very straightforward. Specialised websites can help you discover if your email address was caught up as part of a data breach - if the breach becomes public. These include Have I Been Pawned and Firefox Monitor. They, for example, list the Republican Party of Texas as having been part of a data breach which exposed email addresses, names and geographic locations.

Otherwise, an old fashioned search of the web can be a sure source for information on which parties or candidates have been subject to a cybersecurity incident. As of writing, recent examples include a data breach affecting Malta's Labour Party voter list and a ransomware attack targeting the UK's Labour Party.