mike watkins dot ca : Member information is... private.

Member information is... private.

Apparently my party’s strategy for rebuilding David Emerson’s reputation rests solely on attacking critics of Harper’s decision to subvert democracy through the brazen overnight political reformulation of David Emerson.

I am guilty as charged. I am a critic. How could I not be?

The real question is why aren’t more Conservatives – many of whom I know to be passionate democrats – openly criticizing what Harper and Emerson began conspiring to do (through middleman John Reynolds) less than 24 hours after the last ballot was counted.

The latest tactic – could this be Sandra Buckler’s handiwork (I do not know, just asking a question…) – is to play loose with the facts and spread some minor personal information to journalists. Tsk tsk tsk, if one is going to attack, at least get the attack accurate.

Via a talking points memo, someone connected to the party tried to undermine my credibility – as if anyone needs credibility in order to legitimately criticize the Harper-Emerson affair – by providing to a number of journalists inaccurate, but personal, party membership information.

There’s a couple of problems with that approach, not the least of which is that a number of journalists found the attack lame and childish and ignored it altogether.

More importantly, disclosing personal information collected on any Conservative Party member, or any elector period, is a) against party regulations, and b) against Canadian law.

For the uninitiated, the Conservative Party maintains a huge data warehouse on party members and… voters in general, in a system called CIMS. The system was originally developed, as I understand it, for the Ontario provincial Progressive Conservative Party. When I was National Chair, Technology, for the Progressive Conservative Party of Canada, I had received a briefing on the system. At the time I noted how comprehensive, and expensive, it was. We federal “PC’s” couldn’t afford it then, but another federal party could.

Through some sort of purchase or lease program, the Canadian Alliance bought into the software, and thanks to the merger of the CA and PC, CIMS is used to this day to manage membership and voter information for the Conservative Party.

CIMS is secure. Highly secure. In order to access CIMS data, one must sign all sorts of forms swearing to give up one’s first born, or big toe if childless, if one uses information for purposes not intended. Audit trails in CIMS make it possible to identify anyone who accessed a record. Access to the system is over a secure virtual private network, and that subsystem will also have its own logs and audit trail.

Since its so secure, you can imagine why I might be startled to find out that journalists have access to some of my membership data – data which can only come from CIMS. It might be very interesting to review the audit trail and see who in the party has accessed my records since, say, February 6th. Where could such an inquiry lead to, I wonder?

It wouldn’t sit well with the public if the party or the Prime Minister’s office were to be found disclosing personal party member information to anyone, much less the press. Not only would such an act violate the CIMS user agreement (PDF):

INFORMATION CONTAINED IN CIMS IS CONFIDENTIAL. UNAUTHORIZED USE OR DISCLOSURE OF IT MAY BE PROHIBITED BY FEDERAL LAW INCLUDING THE CANADA ELECTIONS ACT. CIMS USER ACKNOWLEDGES AND AGREES THAT ACCESS TO CIMS IS GRANTED ON THE BASIS THAT THE USER WILL NOT PROVIDE ACCESS TO UNAUTHORIZED PERSONS TO ANY INFORMATION CONTAINED IN CIMS, AND WILL NOT DISCLOSE THEIR USERNAME AND PASSWORD TO ANYONE ELSE.

… but such disclosure would most certainly violate the Canada Information Personal Information Protection and Electronic Documents Act and very probably violate similar provincial legislation. Perhaps even more importantly, a breach of confidentialty with respect to membership data is a serious issue for other members to consider, and if such a breach were to be confirmed, and made public, could undermine membership recruitment and donation efforts, as well as voter support in future elections.

Clearly someone leaked my membership data. I wonder who? No doubt there’s an enterprising journalist out there interested in following that one up. Thanks.