California Voter Foundation Logo

Voter Privacy in the Digital Age

Recommendations

This study finds that many states are gathering more data from voters than may be necessary for elections administration, and that voter data is widely disseminated to secondary users, including commercial interests in 22 states, typically without any notice to voters that their information will be shared.

In considering policy recommendations to states for protecting voter privacy in the digital age, we acknowledge the need for elections agencies to collect sufficient information from voters for proper registration and administration. We also recognize that voter lists are a fundamental part of campaigns and elections. The following recommendations to states would achieve improvements in voter privacy while maintaining the integrity of election administration as well as the ability of campaigns to reach voters.

  1. Add notice language to voter registration forms stating that voter information is public record and explaining what secondary uses are permitted. All states that collect Social Security numbers should comply with the Federal Privacy Act and notify voters of the reason for collecting this data. Citizens should have the right to be informed of the implications of disclosing their personal information as a condition of becoming an eligible voter.

  2. Place clear instructions and indicators on voter registration forms that explain which fields are optional and which ones are required. The best way for a form to make this distinction is by putting the word “optional” both in the box for each optional field and in the instructions for those fields. For example, if an individual’s telephone number is optional, the box for the field should read “Telephone number (optional),” with sufficient explanation in the instructions that explain why it is being requested so that the voter can make an informed choice about whether to provide it or not.

  3. Limit collection of data on voter registration forms. For any field that is currently deemed “optional,” state elections agencies should consider whether the particular information is absolutely necessary to administer elections. Information that is not necessary for election administration should be deleted from the form. State voter registration forms should follow as closely as possible the minimal-yet-sufficient standard of the universal application created by the National Voter Registration Act. In light of the federal “Help America Vote Act” requirement directing states to collect a “unique identifier” from voters in the form of their drivers’ license number or the last four digits of their SSN, those states currently collecting voters’ full SSN should reconsider doing so.

  4. Protect sensitive voter data. Voters will be less worried about risks to their personal data if they can be assured sensitive data will not be redistributed to secondary users. The need to protect sensitive voter data will only grow in the coming years as states implement the new data-gathering requirements of the Help America Vote Act. Sensitive data, such as voters’ birthplaces and exact dates of birth, should be redacted from voter lists as well. Seven states completely redact voters’ date of birth, while four states redact voters’ birth day and month from voter lists, a step that enables secondary users to know a voter’s age without knowing the exact date of birth.

    Voters also need assurance that their election agencies are taking adequate steps to protect voter data from unauthorized access, negligence or hackers. Internet-based registration-status or polling-place look-up services can be helpful to voters, but if not set up properly can also undermine voters’ privacy. The Michigan-based Publius model, which uses the voter’s address information to deliver correct polling place information online without actually displaying the voter’s address or other personal data, is one that should be replicated.

  5. Prohibit commercial use of voter lists and voter registration data. Already more than half the states prohibit commercial use of voter lists. Voting is a fundamental right that should not be exploited as a source of commercial solicitation. While the issue of whether news organizations and political data vendors should be classified as commercial users needs further debate, other nonpolitical commercial uses should be prohibited nationwide.

  6. Strengthen enforcement of laws that protect voter data from abuses by secondary users. Policies restricting the duplication or commercial use of voter lists are rendered ineffective if elections agencies do not seriously attempt to monitor list usage and pursue cases of impropriety. Going after some high-profile violators would demonstrate a state’s commitment to enforcing its laws regarding voter lists and may itself serve as a deterrent to improper use. More robust procedures for enforcing restrictions on voter registration data need to be developed and deployed.

  7. Consider applying the Federal Trade Commission’s Fair Information Practices principles to voter registration data. The standards that have come to codify the handling of personal information in Internet and other commercial transactions draw on a simple four-point plan known as the Fair Information Practices principles.40 The four principles are Notice, Choice, Access and Security, and provide a useful framework for a discussion about how to change and improve state voter data practices in ways that enhance voter privacy.

Notice

The Notice principle states that “consumers should be given clear and conspicuous notice of an entity’s information practices before any personal information is collected from them.”41 As described in Recommendation #1, voter registration forms should include notice language to voters.

Choice

The Choice principle “relates to giving consumers options as to how any personal information collected from them may be used for purposes beyond those necessary to complete a contemplated transaction.”42 This principle enables a person to exercise a right to approve or withhold the secondary usage of personal information. The Choice principle as applied to voter data could give voters the ability to choose which type of secondary users they wish to grant access to their data. The Choice principle could also enable voters to specify the way they prefer to be contacted by campaigns. For example, voters could indicate that they would like to receive mail from campaigns but not phone calls or door-to-door solicitations, thus establishing a kind of “Do Not Call” list.

Access

The Access principle gives individuals the opportunity to have reasonable and appropriate access to information held about them, as well as a chance to amend or correct that information.43 For voters, it would mean being able to view their voter registration data, redact optional information if they choose, and change their preferences for whom they permit to use their data and how they want to be contacted. The application of the Access principle could also mean any voter, and not just those with special circumstances, could request their entire voter record be withheld from any secondary users. While this approach can limit the amount of data election agencies disseminate about voters in the future, it does not address data contained in voter lists that have already been disseminated and are in use.

Security

The Security principle “refers to a data collector’s obligation to protect personal information against unauthorized access, use, or disclosure, and against loss or destruction.”44 As discussed in Recommendation #4, protecting the security of voter records requires the government agencies that house them to develop new security procedures that insulate the data from negligence, employee abuse and hackers.

Contents:

Site Map | Privacy Policy | About Calvoter.org

This page was first published on June 9, 2004 | Last updated on January 23, 2012
Copyright California Voter Foundation, All Rights Reserved.