Justice Ministry Probing Massive Leak of Voter Information From Likud Election App

The leak, via the Elector app, included information about all of Israel’s more than 6 million voters

Prime Minister Benjamin Netanyahu Netanyahu speaks on his cell phone, Nov 2012
Moshe Milner, GPO

The Justice Ministry on Monday began investigating a massive leak of voter data caused by an election campaign app used by Likud. The ministry’s probe follows a Haaretz report on the leak, which has seen the names, ID numbers and addresses of the entire registry of more than six million Israeli voters, disclosed publicly.

Inspectors from the ministry’s Privacy Protection Authority were sent to the offices of Elector, the maker of the app, to look into suspicions that the information was leaked by the company’s servers and to determine if the mishap constituted a legal violation. The ministry said that the inspection was ordered because of “suspicions of violations of the Privacy Protection Law and the Privacy Protection Regulations (Data Security), following information on the leak of the voter’s registry” and that the Privacy Protection Authority was working to prevent further data leaks.

Responsibility for proper use of the voter rolls “lies first and foremost with the parties,” the ministry said, adding that they “could be held criminally or civilly responsible in the event of violations of the Privacy Protection Law’s provisions.” Two other parties, Shas and Yisrael Beiteinu, also use the Elector app.

The cybersecurity department of the State Prosecutor’s Office is also involved in the inspection at Elector. If the Privacy Protection Authority decides that privacy laws have been violated, it will also  decide whether to pursue criminal or civil prosecution. Deliberate violations of the law are punishable by a maximum of five years’ imprisonment.

Political parties in Israel are provided with voter rolls prior to elections. They are required to protect the information and may not copy the registry or provide the information to outsiders. They are also required to delete the data following the election in a manner that makes it impossible to restore. The information that Likud uploaded to the Elector app included voters’ full names, ID numbers, gender and addresses, and in some instances included telephone numbers and other personal details.

Likud has had difficulty in the past with data security. Its database of registered party members was leaked online and data used in the party’s internal primary election was also hacked, permitting outsiders to make changes to the database.

In the most recent leak through the Likud Elector app, however, information on all of the country’s voters – and not only those affiliated with Likud – was reportedly compromised. The party has not yet provided a response.