The Oxford University Labour Club (OULC) breached data protection rules by making the email addresses of subscribers to its mailing list public, in a newsletter email sent last night. At least 100 email addresses were leaked, less than a week after the Oxford University Conservative Association (OUCA) made a similar blunder.
Some recipients of the email claimed to see no other email addresses, whilst others report seeing over 100, a discrepancy likely due to emails being sent out in staggered batches to different students.
The breach is likely against the law, due to General Data Protection Regulations (GDPR) declaring that email addresses must be treated with confidentiality and kept private.
In addition, it contravenes the SU’s handbook on data protection, which says that clubs and societies are to use Bcc (Blind Carbon-Copy) in all mass emails.
In response to the breach, OULC co-chairs told The Oxford Student, “We apologise for this sleight of hand, we’ll ensure it doesn’t happen again. If anyone has been personally affected please drop us an email”.
Image Credit: Mohamed Mahmoud Hassan