Spy Blog readers may recall our criticism of US style political campaigning web services "as used to help President Barack Obama get elected":
How sneakily are Blue State Digital tracking NGO political campaign emails ?
Several UK NGO's looked at this technology and chose to make use of it, without using its most privacy endangering features such as the use of hidden "web bug" graphics in HTML emails.
Just in case you thought that the Labour party has somehow changed its penchant for control freakery and mass surveillance, the iPad wielding apparatchiks have now launched a campaign website for the odious Ken Livingstone in his attempt to get re-elected as Mayor of London called http://yourken.org
The social media integrated web based political campaign service which the yourken.org website is using is called NationBuilder.com based in California, USA.
Snazzy integrated political campaign tools - but no privacy
To a political campaign or other non government organisation, this commercial service offers some snazzy tools, setting volunteer activists goals to achieve in terms of organising events or spreading the campaign message. There are blog pages and Google Maps showing where registered supporters are located , with tools to graphically "turf carve your voter file" amongst different local organisers etc. There is integration with Twitter and FaceBook.
All very slick, but all very American when it comes to privacy and data protection - there is none.
NationBuilder.com clearly states in its "privacy" policy that they make routine use of web tracking technologies like "web bugs":
Clear Gifs Information: When you use the Service, we may employ clear gifs (also known as web beacons) which are used to track the online usage patterns of our users anonymously. In addition, we may also use clear gifs in HTML-based emails sent to our users to track which emails are opened by recipients. The information is used to enable more accurate reporting, improve the effectiveness of our marketing, and make NationBuilder better for our users.
Third Party Services: 3dna uses Google Analytics to help understand use of the Service. This service collects the information sent by your browser as part of a web page request, including cookies and your IP address, and their use of it is governed by their Privacy Policy.
No SSL / TLS encryption for registration of Sensitive Personal Data , which is exported to the USA
Although the main NationBuilder.com website does have a working SSL / TLS Digital certificate, presumably so that they can process credit card or other online payments, this feature is totally lacking from the yourken.org website, which handles donations on the main kenlivingstone.com website.
Before even being able to browse the website to see what it it all about, all new visitors are already assumed to be supporters and are asked to fill in a registration form with their Personal Data i.e. home, address, phone and mobile phone, email details, Twitter and FaceBook accounts.
By implication, by virtue of registering for a Labour party political campaign, this Personal Data is being tagged with their presumed political affiliation. Legally this is Sensitive Personal Data defined under the Data Protection Act - there is no excuse for not protecting this in transit with standard SSL / TLS strong encryption.
Simply by accessing http://yourken.org, your computer's IP address and web browser details are logged by both Google Analytics and also by Quantserve, two third party commercial web tracking companies in the USA, through hidden JavaScript and sneaky 1 x 1 pixel sized transparent .gif images which are pulled from the tracking companies web servers rather than from the yourken.org website.
Email Blaster - is a tool for spam, not for responsible political campaigning
The worst aspect of the NationBuilder service is the "Email Blaster" campaign email tool. The NationBuilder website gives advice on creating a "Killer Email Blast" etc. This is email spam marketing rather than proper permission based email.
Just like the Blue State Digital tool we wrote about in 2009, the HTML emails (signed by Ken Livingstone himself, allegedly) sent out by this Email Blaster tool contain hidden "web bug" invisible 1 x 1 pixel graphics, not from Quantserve or Google Analytics, but from london@email-new.labour.org.uk, which is an alias for the NationBuilder.com system in the USA.
If, like most people, this email is read using HTML enabled email software, this "web bug" allows NationBuilder and the Labour Party to track not only whether a recipient has opened the email, but it also tracks other people to whom the "web bugged" email has been forwarded to.
Remember that all such log file tracking information is available, on demand, to US Government agencies, under their PATRIOT Act, or can be freely sold by these commercial US companies.
This is not appropriate for a list of a particular UK political campaign's supporters' home address, phone and mobile phone, email details, Twitter and FaceBook accounts details etc.
The Labour party is welcome to spy on those of its own supporters, who have actually given their prior, informed consent to do this. We suspect, however, that many ordinary Labour party members and supporters will be annoyed, or perhaps horrified, that this is being done to them without such informed prior consent.
We hope that no other UK political party will be tempted to abuse their supporters or potential supporters in this way and that they will shame the Labour party for doing so.
Will NationBuilder.com shut down yourken.org becuase of US trade embargos and sanctions against Fidel Castro and Hugo Chavez ?
NationBuilder.com, based in California, may well be dealing with Labour party social media apparatchiks, but they may be unware of the toxic nature of "Red Ken"s authoritarian political policies and fantasies.
It is possible that NationBuilder.com, which is run by Democrat supporters, or their upstream US based ISPs, could shut down the yourken.org website, because of his sycophantic support for the communist dictators Fidel and Raul Castro in Cuba and the anti-American Hugo Chavez in Venezuela. They could use the excuse of US trade embargo and economic sanctions laws, or they could simply take a moral stand against "Red Ken".
If the Labour party and Ken Livingstone's apparatchiks really cared about Londoners, they would not have outsourced the yourken.org website to the USA and would have employed a local London based company to provide exactly the same sort of social media integrated web campaigning tools, without the odious "web bug" tracking of people without their prior informed consent.
You do realise that Blue State Digital is an American company right?
@ Anonymous - you did actually bother to read the 2009 Spy Blog article which mentions Blue State Digital, right ?
https://p10.secure.hostingprod.com/@spyblog.org.uk/ssl/spyblog/2009/01/26/are-blue-state-digital-tracking-ngo-campaign-emails.html
yourken.org also seems to be "real time" tracking every visitor / volunteer through Yet Another Tracking Mechanism called GoSquared
http://www.gosquared.com
which is actually based in London
Again, no "informed prior consent" has been obtained from the visitors / volunteers.