In vast breach, Likud campaign leaks ID, phones, addresses of all Israeli adults
Elections Committee hears urgent petition to bar use of database of all 6.5 million voters, including info on political leanings, after the data was exposed online
A petition against the Likud party has laid bare one of the largest and most compromising leaks of Israelis’ personal information in the nation’s history, and accused the ruling party of brazenly violating privacy laws in its re-election push.
The petition, filed Thursday, accuses Likud of using its access to the official Central Elections Committee voter registry to create a database of all voting-age Israelis that it then made available to its grassroots activists through the publicly available app Elector. The app is intended to enable political parties to conduct real-time data-crunching on election day, showing vital ground-game information on individual voters, polling stations (including rates of support for a party by station) and regions. But a flaw in the app’s web interface gave “admin access” to the entire database, allowing anybody to access and copy the Israeli voter registry, along with additional information gathered by Likud about hundreds of thousands of voters.
The exposed database includes the full name, sex, home address and in many cases cellphone number and responses to political polling for 6.5 million Israeli adults.
The latest leak is Likud’s second major voter privacy debacle in five months, but is far wider than the previous incident. The business journal The Marker reported on September 9 that it had managed to access Likud’s voter database (Hebrew link) ahead of the September 17 race, including information the party had recorded on each Israeli’s relationship to the ruling party. Over 600,000 people were listed as “not supportive.”
The fresh leak came in two parallel tracks, one accidental and one intentional.
As first reported in the Seventh Eye, an Israeli investigative website focused on the media industry, the Elector app’s web version was sloppily written, allowing anyone using a simple browser to obtain high-level access to the full database.
Someone visiting the Elector website on a standard browser like Google’s Chrome could right-click their mouse on the page and select “View page source.” The revealed source code for the website contained a link to the “get-admins-users” page, which the prospective hacker simply had to visit in order to find, out in the open, the passwords of “admin” users — those with authorization to manage the database.
Using the usernames and passwords of admins, one could log into the site with full access to the entirety of the database, including the most up-to-date information available to the Central Elections Committee for all Israeli adult citizens. The database also included information collected through the Likud campaign’s incessant SMS survey effort, which solicited and then recorded the reported political preferences of users.
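The flaw described above comes down to a server route that answered without a logged-in session and returned credentials in its response. The sketch below is an added example, not Elector's code: the handlers, field names and the allowlist are constructed assumptions, and only the route name "get-admins-users" comes from the report. It shows the kind of pre-release check that flags such a route.

```python
import re

# Constructed for illustration: hypothetical handlers, not code from the Elector app.
SECRET_KEYS = re.compile(r"pass(word)?|secret|token|api_?key", re.I)
PUBLIC_ALLOWLIST = {"/polling-stations"}   # routes meant to be readable without login

def get_admin_users(session):
    # Mirrors the reported flaw: no session check, credentials in the body.
    return 200, [{"user": "admin1", "password": "constructed-example"}]

def get_admin_users_fixed(session):
    if not session or session.get("role") != "admin":
        return 401, {"error": "authentication required"}
    return 200, [{"user": "admin1"}]       # credentials are never returned

def polling_stations(session):
    return 200, [{"station": 12, "city": "Example"}]

def leaked_fields(body, path=""):
    """Recursively collect key paths whose names look like credentials."""
    found = []
    if isinstance(body, dict):
        for key, value in body.items():
            p = f"{path}.{key}" if path else key
            if SECRET_KEYS.search(key):
                found.append(p)
            found += leaked_fields(value, p)
    elif isinstance(body, list):
        for i, item in enumerate(body):
            found += leaked_fields(item, f"{path}[{i}]")
    return found

def audit(routes, allowlist=PUBLIC_ALLOWLIST):
    """Call every handler with no session and report the ones that answer anyway."""
    findings = []
    for route, handler in sorted(routes.items()):
        status, body = handler(None)
        secrets = leaked_fields(body)
        if secrets:
            findings.append((route, "credentials returned without a session", secrets))
        elif status == 200 and route not in allowlist:
            findings.append((route, "data returned without a session", []))
    return findings
```

Run against the full route table in a test suite, a check like this fails the build when any route outside the allowlist responds to an anonymous caller.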
According to Ran Bar-Zik, a programmer at the Ramat Gan office of Verizon Media who reported on the leak to Israel’s cyber headquarters, “every intelligence agency, foreign government or even commercial company can now obtain this information on every individual in Israel.
“I’ve seen many leaks in my time,” he told the Calcalist business journal over the weekend. “But I’ve never seen a leak as absurdly incompetent and as damaging as this one.”
But that was just half the problem. There was a second, entirely intentional leak, according to the petitioners.
The Likud campaign has spent weeks publicizing access codes to the app across the party’s social media accounts and activist networks in a bid to mobilize its grassroots to collect information that would help it target voters on election day. That effort effectively granted access to the database to countless individuals who were not directly permitted to view the information.
It is not clear if there were any limits to users’ ability to obtain information from the database using the Likud campaign’s access codes.
According to the app’s Google Play Store page, Elector was updated on Thursday, the same day the petition was filed with the Central Elections Committee, to limit the number of daily searches a user was permitted to make from the database.
Under election privacy laws, political parties are allowed to access the voter registry, but not to pass on the data to a third party. The petition, filed by attorneys Shahar Ben-Meir and Yitzhak Aviram, and accompanied by research into the app from experts in the field, claims that Likud’s handing over the database to Elector, which hosted it on its own servers, amounts to an egregious violation of the law.
In a Hebrew-language YouTube video, Tzuriel Yemin, the programmer behind the Elector app, bragged that its capabilities include copying the voter database to an external location for safekeeping. The video was taken down Thursday, but the Seventh Eye retained a copy from its reporting, which it then uploaded to YouTube itself.
While the Elector website was fixed after the leak was discovered, the exposure of information through the mobile app to unvetted Likud grassroots activists continued unabated over the weekend, with campaign events and Facebook pages urging users to download and use the app to find information on potential voters in their area and social circles.
The petition says the Shas party has also made use of the app in similar ways, as the two parties’ campaigns have been coordinating their efforts.
Likud first employed Elector in Netanyahu’s December 26 primary race against rival Gideon Sa’ar. It has since been used by Labor party MKs and by the Yisrael Beytenu party as well.
On Sunday, Central Elections Committee head Supreme Court Justice Neal Hendel ordered all concerned parties, including Likud, Shas, the company that made Elector, Attorney General Avichai Mandelblit and the Justice Ministry’s Privacy Protection Authority, to respond to the petition by Wednesday.
Experts said there is no way to know who obtained the information contained in the database, either in September or before Thursday, when Elector fixed the exposed website and limited access through the mobile app.