If an Electoral Registration Officer (ERO) wrongly supplies the details of an elector who has opted out of the open register, this could constitute a breach of the Data Protection Act. In those circumstances, The Electoral Commission would advise an ERO to immediately speak to their local authority’s Data Protection Officer (or an equivalent officer) and/or directly contact the Information Commissioner’s Office. Depending on the circumstances it could potentially constitute a breach of the ERO’s official duty. An ERO guilty of any act or omission in breach of their official duty – without reasonable cause – is liable on summary conviction to a fine not exceeding level 5 on the standard scale.
The Commission’s guidance to EROs makes clear that the details of any elector who has asked to opt out of the open register must not appear in the open register.
It also highlights that an ERO is a data controller with statutory responsibilities under the Data Protection Act, and links to the data protection principles produced by the Information Commissioner’s Office, as well as other sources of guidance for local authorities on data handling, including the Local Government Association and the Society of Information Technology Management (SOCITM).