Leave.EU and Arron Bank’s insurance business face fines totalling £135,000 following an investigation by the Information Commissioner’s Office.
The ICO revealed this morning (6 November) it was intending to fine the two firms £60,000 for a data protection breach during the EU referendum campaign.
The privacy watchdog found that Leave.EU and Eldon Insurance had breached electronic marketing laws by sending one million subscribers emails including marketing for Eldon Insurance services without their consent.
Leave.EU has been fined a further £15,000 after sending 300,000 emails to Eldon Insurance customers containing a Leave.EU newsletter.
Speaking before parliament’s fake news inquiry on Tuesday, Elizabeth Denham, the Information Commissioner, said: “[This] indicates a failure to keep separate the data on insurance clients and Leave.EU data. The disregard for the separation of the data is going to be looked at through an audit.”
Arron Banks was the largest individual backer of Brexit and is now the subject of a criminal investigation over the source of his funding.
In a blogpost announcing the latest findings of the ICO’s investigation, Denham said: “Throughout our enquiries we found a disturbing disregard for voters’ personal privacy by players across the political campaigning eco-system — from data companies and data brokers to social media platforms, campaign groups and political parties.”
Denham is now calling for views “for a code of practice covering the use of data in campaigns and elections. It will simplify the rules and give certainty and assurance about using personal data as a legitimate tool in campaigns and elections.”
Leave.EU and Eldon Insurance did not immediately respond to a request for comment.