A CD-ROM that the
Minnesota Republican Party in St. Paul is sending
out to build support for a constitutional amendment banning
same-sex marriage has another purpose: building up a
voter database. And that's stirred up a technological
tempest on the Internet and among Democrats who say
the disc will improperly gather data from people who examine
it on their computers.
Privacy experts say they're concerned that the
GOP won't adequately warn users that it's collecting
the data, and they worry where the information will
end up. But GOP officials said the final version of the CD
that's due to be mailed soon to hundreds of thousands
of Minnesotans will contain a notice that the
information gathered may be used by the party.
The discs contain video clips from Gov. Tim
Pawlenty, secretary of state Mary Kiffmeyer, state
auditor Pat Anderson, and house speaker Steve Sviggum.
They talk about what they consider the dangers of same-sex
marriage and why they believe a constitutional amendment is
needed to ensure marriage remains between one man and
To watch the video, a person has to go to an
Internet site and punch in an ID code that tells the
party who is viewing it. Once the video is going,
viewers are asked questions on subjects like abortion, gun
control, and party preference.
Party officials distributed what they called
test copies of the CDs to the media on Monday. Those
discs contained no disclaimers saying that data was
being collected and transmitted.
Political parties used to collect voter
information by canvassing citizens one by one or
paying for subscriber lists. Minnesota GOP spokesman
Mark Drake said the CD-ROM is just the latest way to collect information.
"It's an ageless part of American politics, and
I don't think it's anything that is particularly a big
deal beyond that it's high-tech," he said. "It's not
different than 30 years ago filling out a voter survey
in your kitchen and then mailing it in." Drake pointed to
recent Internet surveys by the DFL Party and the teachers
union Education Minnesota as similar examples.
But some privacy advocates disagree. They said
someone who fills out a survey on those sites is
knowingly providing the groups with information, while
it's not clear from the Republican CD that the data is being
transmitted back to the GOP or even what other data about
the user is being collected.
Lillie Coney, associate director of the
Electronic Privacy Information Center in Washington,
said the GOP CD should clearly indicate that the
packet is not only a video on same-sex marriage but a tool
to collect voter data. "Anytime the consumer is
providing information to an entity and they're not
aware of how that information is being used or what
purpose the information may be put to, they're at a
disadvantage," she said. Coney also had concerns that the
data could be accessed by a third party.
Christa Heibel, CEO of International
Falls-based CH Consulting, which produced the
discs, said specific firewalls have been developed to ensure
that the voter information is protected.
But she spoke after Minnesota Public Radio was
able to access some of the data that was collected
during testing. MPR discovered that data collected by
the CDs were being sent to a computer server that was not
secured, making personal information in the database
vulnerable to snoopers.
The GOP said the server will be fully secured
when the CDs are mailed. And Heibel said it should be
apparent from the final packaging and other means that
voters will be sharing information with the party.
"The packaging specifically uses the word
'interactive,' the presentation after each of the
questions that we are asking uses the words 'submit'
and 'continue,' and I think the party has been very
up-front about the fact that they are obviously asking for
this information to receive that data back, and they
care about what the voter has to say," she said.
DFL Party spokesman David Ruth called it a
"sneaky tactic" to provide information about the
same-sex marriage amendment while mining for other
State senator Steve Kelley, a leader on
technology issues, said the public should be cautious
whenever asked to submit information to a third party.
"I think with this CD for example, in order to make sure
that their privacy is protected, the best solution is
to throw it in the trash can," he said.
It's illegal for businesses to gather personal
data without giving proper notice about how the
information will be used, how one can limit its use,
and how the data will be secured, said Chris Hoofnagle,
senior counsel for the Electronic Privacy Information
Center in San Francisco.
The rules aren't so clear in politics. "In the
political field, candidates and parties have gotten
away with a lot of practices that would clearly be
illegal if a business did them," Hoofnagle said. "Both
parties are using detailed databases of personal information
that are completely unregulated. And they're not likely to
be regulated, because the politicians themselves would
have to limit their activities in order to do so."