Key Takeaways
- A separatist‑linked group called The Centurion Project published an app containing the names and addresses of nearly three million Alberta electors, triggering a major privacy breach.
- The leaked data exposed individuals at risk, including a woman fleeing intimate‑partner violence who had to relocate her children under urgent circumstances.
- Edmonton city councillor Aaron Paquette confirmed his office is assisting the affected woman and has heard from others whose safety has been compromised.
- Prime Minister Mark Carney labelled the breach “deeply concerning” and urged Elections Alberta and the RCMP to act swiftly and thoroughly.
- Elections Alberta obtained a court injunction that forced the app’s removal and is investigating how the group acquired the voter list, which was legally provided to the Republican Party of Alberta last summer.
- Provincial law restricts the use of such voter lists to fundraising, recruitment, and communication with electors; any other use is prohibited.
- The incident underscores vulnerabilities in the handling of electoral data and highlights the need for stronger safeguards to protect citizens’ privacy and democratic integrity.
Overview of the Privacy Breach
In early May 2026, Elections Alberta announced that it was investigating The Centurion Project after the group released a mobile application that displayed the names and residential addresses of almost three million electors in Alberta. The data set mirrored the official voter list that Elections Alberta distributes only to elected officials, political parties, and party officials for strictly regulated purposes such as soliciting donations, recruiting members, and communicating with voters. The app’s publication represented a clear violation of provincial statutes governing the use of voter information and sparked immediate concern about the potential misuse of personal data.
How The Centurion Project Obtained the List
Lawyers representing Elections Alberta told the injunction hearing that investigators had determined the database published by The Centurion Project matched the voter list legally supplied to the Republican Party of Alberta—a pro‑independence party—during the summer of 2025. At the time of the hearing, it remained uncertain whether the Republican Party had passed the list to The Centurion Project or if the separatist group had acquired the information through another channel. Regardless of the pathway, the exposure of such a comprehensive registry raised serious questions about data‑security protocols within political organizations and the oversight mechanisms governing the distribution of voter rolls.
Immediate Impact on Victims
The leak had tangible, harmful consequences for individuals whose private information was now publicly accessible. One case highlighted by Edmonton city councillor Aaron Paquette involved a woman who was attempting to escape an intimate‑partner violence situation. After her address appeared on the published list, she faced heightened risk of being located by her abuser. Paquette reported that the woman had to break her lease, secure new housing, and relocate her children over a single weekend—a process fraught with stress, financial strain, and fear for her family’s safety. The councillor emphasized that the woman’s experience was not isolated; he had heard from numerous other constituents whose personal safety had been jeopardized by the breach.
Councillor Aaron Paquette’s Response
Representing Edmonton’s Dene ward, Paquette voiced deep concern and anger over the incident, describing it as a grave violation of privacy with real‑world harms. He stated that his office had advised the affected woman to contact police and had helped her navigate the emergency relocation process. Beyond direct assistance, Paquette used the situation to call attention to the broader issue, urging those unaffected to recognize the devastating impact such breaches can have on vulnerable populations. He emphasized that any misuse of personal data, regardless of how many times it has occurred before, constitutes a serious wrongdoing that demands accountability.
Prime Minister Mark Carney’s Statement
Prime Minister Mark Carney entered the discourse on the weekend following the breach, issuing a statement that labelled the alleged privacy violation “deeply concerning.” He expressed confidence that Elections Alberta and the Royal Canadian Mounted Police would conduct a thorough and expeditious investigation to identify the root causes and pursue appropriate actions against those responsible. Carney also stressed the necessity of continual vigilance to safeguard Canadians’ rights and preserve the integrity of democratic institutions, framing the breach as a threat not only to individual privacy but to the public trust underpinning the electoral process.
Elections Alberta’s Investigation and Legal Action
In response to the app’s release, Elections Alberta swiftly sought judicial intervention. A judge granted an injunction ordering The Centurion Project to shut down the application, which the group subsequently complied with. The injunction hearing revealed that investigators were examining how the separatist group obtained the voter list, including whether the Republican Party of Alberta had improperly shared the data or if another avenue had been exploited. Elections Alberta affirmed its commitment to uncovering the full chain of custody and to enforcing any violations of provincial election law, which strictly limits the use of voter rolls to legitimate political activities.
Legal Restrictions on Voter List Use
Under Alberta’s Election Act, voter lists may be distributed only to elected officials, political parties, and party officials, and their use is confined to three specific purposes: soliciting donations, recruiting party members, and communicating with electors. Any other utilization—such as publishing the data for public consumption or facilitating harassment—constitutes a breach of the law. The alleged actions of The Centurion Project therefore not only endangered individuals but also represented a clear contravention of these statutory safeguards, prompting calls for stricter enforcement and possibly revised guidelines governing the handling of sensitive electoral information.
Broader Implications for Privacy and Democratic Integrity
The incident has reignited debate over the protection of personal data in the political sphere. While voter lists are essential for legitimate campaigning and party activities, their sensitivity necessitates robust security measures and clear accountability mechanisms. The breach demonstrates how insufficient oversight can enable malicious actors to weaponize publicly funded information, putting vulnerable citizens at risk and eroding confidence in electoral institutions. Stakeholders—including policymakers, election agencies, and political parties—are now urged to reassess data‑handling protocols, invest in stronger cybersecurity defenses, and consider penalties that deter future misuse of voter information.
Conclusion and Call to Action
The alleged privacy breach by The Centurion Project serves as a stark reminder that the mishandling of electoral data can have immediate, harmful effects on individuals’ lives, particularly those already facing violence or intimidation. The swift response from Elections Alberta, the condemnation from Prime Minister Carney, and the advocacy of local officials like Aaron Paquette all highlight a collective recognition of the gravity of the situation. Moving forward, it is imperative that authorities not only apprehend those responsible but also implement systemic reforms to prevent similar incidents, ensuring that the democratic process remains both transparent and respectful of every Canadian’s right to privacy.