Political parties and others have been urged to put appropriate safeguards in place to protect information collected from voters.

The Privacy Commission highlighted the importance of the handling and use of personal information by organisations involved in political campaigns.

The commission said the process must be compliant with the Personal Information Protection Act 2016 which came into effect on January 1.

In a statement, the commission said: “The latest digital technologies and communication tools, such as social media and commercial marketing techniques, have changed political campaigning.

“Political campaigning has become increasingly sophisticated, with campaigners trying to understand their potential voters in order to convey their political messaging to them effectively.”

It said transparency about such tools helped voters make informed choices.

The commission said understanding how political parties and campaigners use voters’ personal information when deploying digital technologies was essential to the electorate’s trust as well as the democratic process and the rule of law.

The commission said canvassing by political groups entailed door-to-door visits.

It also meant visits to public locations and conversations about topics important to voters.

It noted that the practice presented “a number of privacy-related challenges”.

The commission added: “Individuals may choose to release their personal information with people doing door-to-door canvassing, but there is no obligation on individuals to do so.

“Personal information does not necessarily include all information that individuals share during a face-to-face chat.

“But it does cover any information relating to them which is, for example, recorded electronically, written down and kept on file, or added to a database or structured filing system.”

The commission said instances of mishandling personal information, including sensitive details through e-mail were frequent, but could be prevented.

It said: “Simple steps such as using the blind carbon copy line will reduce risk that information is misused.”

The commission said any information from an individual obtained before the legislation came into effect was deemed to have been obtained with his or her consent.

However, it said such consent could be withdrawn.

The sender of such communications should inform the recipient of their identity and provide them with an “easy-to-use” way of opting out of further messages.

“In practice, individuals should be able to withdraw consent as easily as they would give it,” the commission said.

• Individuals’ Guide to Pipa is available at https://www.privacy.bm/