Local councillors and GDPR

[hardestof6]

I wrote an email to some local councillors about a planning issue that is high profile and controversial. I have a connection to the organisation that is making the application. The email contained my personal address and email address.

A few hours later, a different local councillor (who has strong views on the issue) wrote a disparaging comment on Twitter, which made clear he had seen the email.

Is it not contrary to GDPR for councillors to share residents' correspondence without permission?

Not a lawyer but have worked alongside councillors in the context of political volunteering.

I would have thought that when you email a councillor in their capacity as a councillor, you're sending your information to the organisation rather than to that individual, so it can be shared amongst other people within the organisation who need to know about it but not outside of the organisation. Otherwise it would be very difficult for councillors to do any case work. A bit like your medical records - if you tell your doctor something it'll be shared with other people involved in your care.

If you're worried your name has been shared that isn't necessarily the case - someone might have said "I've had a complaint from a constituent about the effect of the development on the lesser spotted badger-vole" and a colleague has gone on an unprofessional Twitter rant about it without actually knowing who you are.

It is normal for residents' concerns to be shared among fellow councillors or in escalating the matter but your personal details should not be passed on without permission.

There is no simple answer to this.

If this councillor has simply been made aware of the content of the email without being told it is from you there is no breach of GDPR.

If whoever disclosed it to this councillor can argue that the disclosure was necessary to provide an appropriate response there is no breach of GDPR.

There may be other reasons why this is not a breach.

Without knowing a lot more it is impossible to tell.

Is it not contrary to GDPR for councillors to share residents' correspondence without permission?

Of course it's not. How would they discuss things if they couldn't talk about their voters views and opinions?

Your opinion isn't pees

Oops

Your opinion isn't personal data.

No Herat, but my address and email address certainly is personal data.

Can you tell from the Tweet if your name and address were included or redacted when the other councillor saw the email?

My name certainly wasn't because they referred to my position directly and, knowing some of the people involved, I very much doubt the other details were. However, that is something I can ask for confirmation of. The aim of my question here was to find out whether it would be a breach assuming the details weren't redacted.

Iirc the sharing itself within the council is not necessarily an issue, the use of it beyond the immediate purpose ie. Identifying you publicly, such as by name, position, location, would be.

Check the GDPR policies of the Council - they should be on their website. This will list what they keep and how they use it. You can make a "Subject Access Request" if you want to find out how your personal data has been used or shared.

Your name and address is publicly available though.

So is your concern that your name was linked to some comments you made?? As in "Mrs hardest from 5 Any Road told me she's against our policy to...."?

I think that would be fair enough in a discussion between councillors. They have a pretty good idea how households vote, so may have marked you down for a house call at the next election if what you said is contrary to their agenda.

Heratnumber7 do you know the first thing about GDPR?

Thanks to others who have posted some sensible advice. Think I have enough now.

GDPR aside, Isn't there a presumption of confidence when dealing with your elected representative(s) ?

I know quite a lot about GDPR actually. Thank you for asking.
Your name and address are not confidential. This information is publicly available in lots of places.
.
Keeping that information in a database when it's not needed is illegal. But talking to another colleague about needing to sway Mrs X at 7 High St around to your party's way of thinking at the next election is not illegal.