This data was collected to determine if a student was allowed to vote for certain roles which require the student to self-identify with a particular characteristic.Lucas Maddalena

Sensitive data relating to students’ self-identification continued to be shared with students running elections on Cambridge Students’ Union’s voting platform months after the issue was originally raised.

Sources have told Varsity that countless students were “effectively outed without even knowing it” because of the 'breach' of sensitive data, which took nine months to resolve.

This data, including information about students’ sexuality, gender, race and disabilities, was made available to students running elections on the platform without the explicit knowledge of the students providing the data.

The data could have been collected during any election on the platform using the self-id system, including in the SU’s main elections in 2021 and 2022, and could be viewed by students running elections for any society that also used the self-id system including J/MCRs and many large societies including the Cambridge University Labour Club (CULC).

This data was collected to determine if a student was allowed to vote for certain roles which require the student to self-identify with a particular characteristic. For example a student is required to identify as LGBTQ+ in order to vote for an LGBTQ+ officer.

The issue was brought to the attention of SU staff in January 2022 by Sam Carling in the SU’s student council. Carling told Varsity that he repeatedly raised the issue at student council and nothing was done to resolve the issue until as late as June.

The system originally allowed societies to change the name of the person holding a role on the SU website from a drop down list of all valid candidates for the position. For positions that required self-id, this list was limited to students who had told the system that they identified with the relevant identity. The solution the SU implemented to prevent students from viewing this information was to remove the ability of students to change the names of listed officials on the SU website entirely. This solution, that is still in place today, would therefore only allow SU staff involved in running elections to access this data.

This solution was only partially implemented initially. Carling, who at the time was serving as Christ’s College JCR President and CULC chair, claims that despite being unable to access this data for the JCR any longer he could still access it for CULC members up until October, when he once again raised the issue at student council.

Fergus Kirman, the student council chair, has told Varsity that he had raised the issue independently with SU staff both after its initial implementation in June and three days before Carling raised the issue at student council in October. On both occasions he was told that the issue had been resolved, despite this not being the case.

This second incident reportedly prompted the SU to report itself to the Information Commissioner’s Office (ICO), the government body tasked with policing data protection.

The body cleared the SU of any wrongdoing as the wording of the SU’s data processing policy stated “volunteers” would have access to the data. SU staff however told the SU democracy committee that it needed to be made clearer to students that their self-id data would be visible to SU staff and students running societies.

Speaking to Varsity, Kirman said: “This was a complete disaster for student privacy. It is essential that students know the full extent of who could access data about them, which they may not have even realised was being stored.”


Mountain View

NUS repeatedly failed Jewish students on antisemitism, damning report shows

He continued: “Nobody acted with bad intentions, but the SU owed it to students to fix the problem when it first arose. Like many other LGBT+ students will, I find it baffling that this happened in the first place and unacceptable that it took nine months to resolve. Students deserve complete transparency and accountability from their SU, including about mistakes like this.”

Carling added: “I am horrified at how this saga was handled, given the sheer number of times I raised the issues involved. When students raise major concerns with our Students’ Union, we have a right to see those efficiently addressed, in an accountable and transparent way - no student should have to repeatedly badger committees and staff like I had to.”

Carling continued: “Not only that, but this data is incredibly sensitive – I can’t even begin to guess how many LGBT+ students were effectively outed without even knowing it because of this breach. It’s clear that there is a major problem in the governance and procedures within the SU that goes far beyond the responsibilities and powers of each elected team of sabbatical officers, who are clearly not to blame for this incident.”

In response to this a spokesperson for the SU told Varsity: “As determined by the ICO, there has not been a data leak at Cambridge SU. This specific issue raised by students has been resolved, and that function has been turned off. The SU did not ignore the request, efforts were made immediately to amend the system based on student feedback, however, we acknowledge this was not resolved as quickly as it should have been.”

They continued: “Our data policy states that we will share data collected with ‘volunteers’, but we recognise that it is not explicit that we will share this data with society officers. We are working to update our policy accordingly to make this clearer. To confirm, this data is not available for students to view.”