The Victoria firm, linked to a major global political data scandal and found to have breached Canadian Privacy laws, is speaking out. Aggregate IQ ‘s COO Jeff Silvester says they did not know they did anything wrong when using certain data for political tools — used by groups to target and sway voters in the Brexit leave campaign and political elections in the U.S. and Canada. “There is no case law, or no findings by either of the commissioners on anything related to what we are doing,” said Jeff Silvester. But both B.C. and Canada’s privacy commissioner concluded that AIQ used the personal information of millions of people around the world, and some of that data had been obtained without proper consent. That violated local privacy laws, as data firms working in the province must obtain proper consent. Some of that data was exposed in a data breach, conducted by a cyber security group. READ MORE: Victoria’s AggregateIQ firm breached Canadian privacy laws Some of the data was found to have been scraped from Facebook without consent by Cambridge Analytica— a firm that was at the centre of a political data scandal. “We were relying on [Canadian laws] as it was written and as we interpreted it because there were no examples of anything else,” said Silvester. “We made sure they had the proper authority to do what they were doing in those jurisdictions.” Silvester says they never directly dealt with the improperly obtained data, as they did not know data provided to them was sourced from it. But some disagree, accusing the company as acting as political manipulators, to push specific political agendas. “We just want to make sure people can have those tools to communicate, share their positive vision for the future and vote for them… we help our clients to get their message out in the most effective or efficient way,” said Silvester. “All Advertising is persuading… what we do is we try to help our clients to share their message in a transparent way…. everyone can see every add our clients have posted… we don’t do anything hidden behind the scenes or anything like that… but we help them share their message with the people who might be interested in looking.” The company says they have already implemented the two recommendations from the commissioners: to delete all data not needed for current business or legal means, and to ensure all data in the future is obtained with consent. The company plans to continue work from Victoria, but cannot disclose current clients. “We have worked all over the world, often in the United States sometimes here in Canada… people also know we have also worked in the U.K.,” said Silvester. Officials say the firm:
- failed to ensure appropriate consent for its use and disclosure of the personal information of voters.
- did not take reasonable steps to ensure that consent obtained by its international clients was valid for its practices in Canada.
- did not take reasonable security measures to protect personal information, leading to a privacy breach in 2018.