Repubblika requests police investigation into massive data leak

Tista' taqra bil- Malti.

Rule of Law NGO Repubblika has written to the acting Police Commissioner requesting that a police investigation is launched into the massive data leak which came to light on Wednesday in the Maltese press.

On Thursday, Times of Malta reported that the massive cache of data has originated from Partit Laburista and it shows the voting preference of a majority of the population.

The information includes some 337,384 people and lists their names, addresses, ID card details, phone numbers and their voting preference.

In its letter, Repubblika called on the police to preserve the evidence related to the case and to launch an investigation into possible crime through the unauthorised collection, storage and use of data.

“We ask you to take all the necessary measures to investigate the serious allegations, to collect and identify the potential criminal activity in question and to investigate the relation of the people involved with the political parties,” Repubblika President Professor Vicki Ann Cremona said.

The Data Protection Commissioner launched an investigation into the alleged breach by the IT company. The massive cache of data includes the ID numbers, names, addresses, gender, phone numbers and dates of birth of over 300,000 voters.

On Thursday Newsbook.com.mt revealed that the same IT company C Planet Solutions operated a system for the law firm SZA where Parliamentary Secretary Stefan Zrinzo Azzopardi was a partner prior to being appointed as junior minister.

One of the results yielded when searching online for the company, was a link which led you to the internal system of the law firm, including access to their pending bills and their client list, as well as access to their employee and administrator usernames and unencrypted passwords. These credentials allow any member of the public who discovered this system, through Google or another search engine, to log in and view the firm’s live operational database, including bills for legal work sent to clients, as well as other personal data on thousands of clients and litigants, going back as far as 2014.

Partit Laburista insists it has always abided by the law

In a statement Partit Laburista said that the party’s internal IT system is not the same one as the one which was leaked online and operated by C Planet Solutions.

The party said that it had its own internal system which is in house and has no connection to the system run by Philip Farrugia, the director of C Planet Solutions and brother-in-law to Parliamentary Secretary Stefan Zrinzo Azzopardi who formerly served as a PL President.

“The Electoral Commission is obliged to share updated electoral registries with the political parties to ensure that the electoral process is a transparent one,” Partit Laburista’s statement reads. The data is available only to the two major parties according to the Labour Party.

“This means that the data of which the PL is in possession is according to law. The party has always been cautious when handling data before the GDPR laws were enacted as well as after in accordance to the law of the country.”