ILITA Issues Guidance to Political Parties on Safeguarding the Registry of Voters

In advance of the upcoming general elections in Israel, the Israeli Law, Information and Technology Authority (ILITA – the Israeli privacy regulator) has published guidelines regarding the duties of political parties in safeguarding personal information that they obtain and collect. The guidelines address personal information in the Registry of Voters as well as personal information pertaining to the parties’ members.
The Registry of Voters (voter roll) is an official directory that lists all Israelis entitled to vote in the elections for the Knesset (the Israeli parliament). All parties are entitled to receive a copy of the Registry on CD, but may only use the Registry information for the purpose of election and contacting voters. The parties are prohibited from using the information for any other purpose, and may not share it with third parties. Once the elections are over, all parties must return the CD and irretrievably delete all copies of the Registry data they may have.
Regulatory supervision procedures that ILITA conducted in previous elections revealed that parties had misappropriated the information and failed to properly safeguard the data. Parties had allegedly integrated the Registry in their IT systems and delivered information from the Registry to unauthorized third parties.
ILITA’s newly published guidelines also underscore the parties’ duty to safeguard their directory of members. ILITA opined that before giving others access to this directory, the parties should take into consideration and be cognizant of their members’ right to privacy over their political opinions. The guildeines also require that the parties mitigate concerns that personal information will be handed over to unauthorized persons, who might use it for purposes other than the purpose defined by the party. Source: Israeli Ministry of Justice – Media, Spokesperson and Publicity Unit.