The Justice Ministry has sent a letter to Prime Minister Benjamin Netanyahu's Likud stating that they are facing fines due to a security breach in the Elector app and the leaking of confidential information of millions of voters in the March election, Haaretz has learned.
The Privacy Protection Authority sent a similar letter to opposition party Yisrael Beiteinu, as well as to Elector, the company that developed the app. The parties and the company must respond to the claims in the letter by the end of October, before the authority takes administrative enforcement action, imposing fines that could reach tens of thousands of shekels.
LISTEN: How COVID killed Bibi’s legacy and resurrected his archrival
Israeli political parties receive personal details of voters before the elections and commit to protecting their privacy, as well as not to reproduce the registry, not to provide it to a third party, and to permanently erase all the information once the election is over. Likud uploaded this information to the Elector app, including voters’ full names, ID numbers, genders and addresses, and in some instances included telephone numbers and other personal details. Yisrael Beiteinu, as well as the Shas party, also used the app ahead of the March election.
According to information obtained by Haaretz, as well as Noam Rotem and Ido Kenan of the Cybercyber podcast, a vulnerability in the application allowed for anyone to easily download the entire voter registry – and all the information within it.
In the letter, the authority explained that the parties are responsibility for the breach, even if they are not to blame for it, because the law requires them to protect the confidentiality of voter registries. Legal counsel for Likud and Yisrael Beiteinu are expected to argue in their defense that in hiring the Elector company, which was regarded as professional and trustworthy, they fulfilled their duty to protect the confidentiality of the registries.
In August, Haaretz reported the intention of the Privacy Protection Authority to fine Likud and Elector. The authority’s decision sets a precedent because never before has a political party been fined for a voter registry information leak. The authority's investigation focused on breach of the Privacy Protection Law and the Election Law, which holds political parties responsible for protecting the confidentiality of the voter registeries transferred to them by the Interior Ministry.
- Likud expected to be fined for privacy leaks in its election app
- Likud election app is like coronavirus for Israel's security, ex-Mossad chief says
- App used by Netanyahu's Likud leaks Israel's entire voter registry
The Israel Police are continung to investigate whether anybody took advantage of the security breach to download the voter registries, but have not found evidence of this taking place. The registries contain personal information, including addresses, of all Israeli citizens, including army officers, judges, lawyers and senior defense officials.
The app also contained personal information submitted by active Likud members regarding the political viewpoints of citizens. Although the app was breached, as far Haaretz has been able to determine, there is no evidence that the registries or information about peoople's political ivews were downloaded from the app.
Likud used Elector in the months preceding the last election in March. Prime Minister Benjamin Netanyahu, in his opening remarks at a rally held in Hadera about a month before the election, mentioned Eli Revivo and Elector repeatedly. Lod Mayor Eli Revivo was, at the time, Likud’s campaign manager and responsible for promoting use of the app at Likud rallies. At every Likud rally before the election, several minutes were devoted to explaining how to download the app and how to enter the information into it that Likud was interested in.