Data Security
Introduction
It is vital that the personal data in our care is handled in the most secure way possible. It is therefore important that you help to promote a culture of good practice when it comes to handling personal data within your local party. This can be achieved by making sure that everyone handling data understands the importance of encryption, following the process of download – use – delete and use of safe data sharing methods.
Personal data should be used in Party approved systems whenever possible. These systems store data securely, data is deleted after agreed retention periods, and they support the rights of individuals under UK GDPR.
However, there are times when data needs to be shared outside of the approved systems.
Whenever possible we recommend that you Download – Use – Delete. That is download only the data you need from the approved systems. Use the data as you need. Then when you have finished, delete it.
If, however, you do need to share the data outside one of the approved systems, then the files must be encrypted before sending. You also need to inform the recipient that they also need to Download – Use – Delete. Further detail is explained below.
Encryption
When sending personal data outside of the Lib Dems systems it is absolutely crucial that you encrypt the data first. Full details on how to encrypt personal data can be found here.
Downloading Data
Personal Data should only be downloaded from outside the Lib Dems systems in cases of necessity. If it is necessary to download data, you must follow the process of Download – Use – Delete:
Download
All information we use should be coming from a limited number of sources. For example: Lighthouse for members, Connect for canvassing and Targeted Email / Prater Raines for online email sign-ups.
All of the above provide safe storage for data at rest, which from a data security standpoint is important.
Before downloading anything make sure that you have identified opt-outs and unsubscribes.
Use
When using personal data, there are a few things you need to keep in mind. Firstly, where did it come from and why was it collected. Data should only be used in accordance with the reason specified when first collected. We must respect where we have only gained consent to contact a person about a named campaign.
Secondly, think about who will be seeing the raw data, and whether you absolutely need to share it. For example, a printer obviously needs to see a list of names and addresses to produce a targeted mailing. However, the supporter delivering the same mailing would be unlikely to need that information on a list.
When you have to share data, make sure that any file is encrypted and sent by a secure method of transfer.
By keeping the pool of people accessing and using a data set to a minimum, the risk of a data breach is reduced proportionally.
Delete
Wherever possible the ideal remains not to store data in the first place.
Where there is data you cannot avoid storing on your computer, then the hard drive must be encrypted. Overall it is easier and safer to delete a file from your computer once finished with the data. The same is true for hardcopies.
Once you have finished entering data from a canvass session (for example) the best place for the sheet is in a shredder or secure disposal bin. In no terms should paper displaying any personal data be re-used, recycled whole or put in the rubbish.
If you have a Local Party office, it is advisable to keep on top of how much hard copy data you store and have regular clear outs to ensure you are reducing the risk of personal and confidential information being kept for no reason. Where you work from home, the same principle applies - have regular clear outs and shredding / secure disposal of what you no longer need.
Keeping the Lib Dem data you hold to a minimum, reduces the risk of it being stolen, seen by those who should not have access, used in error or sent to someone it shouldn’t be.
Sharing Data
Sharing Passwords
Passwords for sharing encrypted files should only be used once. In particular you should not re-use a password that you have used to login to any internet accounts.
If you share an encrypted file, you will also need to share the password. You must share the password via a different method from sharing the encrypted file itself. So if you email an encrypted file as an attachment, or send the link to it, the password must not be sent by email. Passwords should instead be sent by text message, phone call, or a secure messaging platform, such as WhatsApp.
Sharing with Email
Sharing files via email is probably the easiest method to share data. Download the data from the approved system. Encrypt the file using one of the methods given in the Encryption Guidance. Attached the encrypted file to your email and send to your intended recipient.
You must send the password for the file by another method than email. For example, you can use text message, phone call or secure messaging platform such as WhatsApp. If you are planning on encrypting the file using Microsoft Office or LibreOffice’s built in encryption, you will need to make sure that the recipient has access to a recent version of that software.
If you use 7-zip for Windows or Keka for Mac, you will need to advise the recipient that they will need to download the appropriate software to open it.
You can simply copy and paste the following text into your email.
“To open the attached file(s), you will need to download either 7-zip for Windows at https://www.7-zip.org or Decompressor for Mac, which is available on the Mac App Store at https://itunes.apple.com/gb/app/decompressor/id1033480833?mt=12.”
You will also need to add:
“I will send you the password separately, but not via email”
Egress Switch
Egress Switch (https://switch.egress.com) is a secure email service used by many councils, in particular to deliver the electoral register to Lib Dem HQ. Unfortunately Egress no longer offers a free service, however for those who still use this service, the following steps should be taken:
1) Once you are logged in, you simply need to click on “New Secure Email” in the menu on the left-hand side of the website.
2) You can then draft an email as normal and add attachments. These do not need to be encrypted, as Egress Switch encrypts them for you.
3) The recipient also needs to have registered for an Egress Switch account to be able to read the encrypted email. You also need to inform them that they need to Download – Use – Delete the data that you have sent them, and not store the data un-encrypted. However this may be a simpler method for them to read data online without having to use encryption software.
Flash / USB / Thumb Drives
Flash, USB or Thumb Drives should never be used to store or share personal data. They have a wide range of insecurities, are easy to lose and often used to spread malware. The use of them for Liberal Democrats Data is prohibited.
Other electronic methods of data sharing
No other methods of sharing personal data electronically are approved by the Liberal Democrats.
Sharing Physical Data
When sharing physical data, for example, canvass lists, membership lists, sign-up sheets. These can obviously be hand-delivered or sent by mail. Ideally when posting by hand, put the print out in a sealed envelope, addressed to the attended recipient, to try to ensure that only that person will be able to see the content.
We suggest that you stress to the recipient that they use the data and then either return it to you or destroy it securely.
Physical copies of personal data should always be shredded before being disposed of or using a secure disposal service.