Anyone with a burner account could access the entire data root file.
In the spring of 2026, a separatist-linked organization in Alberta quietly obtained the personal records of nearly 2.9 million voters — names, addresses, phone numbers — and built a campaign tool from the data with apparent ties to American political figures. The breach, which went uninvestigated until a journalist forced the question, has laid bare how thinly protected the foundations of electoral democracy can be, and how easily the ambitions of domestic movements may become instruments of foreign destabilization. Canada now confronts a reckoning familiar to other democracies: the moment when the machinery of participation becomes the machinery of vulnerability.
- A separatist group accessed Alberta's entire voter database through a system so poorly secured that anyone with a burner account could download 2.9 million records — and Elections Alberta initially saw no grounds to investigate.
- Nearly 600 people viewed the data before a court order shut it down, leaving domestic violence survivors, judges, journalists, and activists exposed to anyone who may have copied the file.
- The group behind the breach, the Centurion Project, claimed its campaign software had been presented to Donald Trump's White House — raising alarms that Alberta's independence movement is being shaped by foreign political interests.
- Security experts warn that Russia, China, and the United States are all running influence operations targeting Alberta's separatist movement, mirroring the destabilization tactics documented in Ukraine before its invasion.
- The RCMP and Alberta's privacy commissioner are now investigating, but experts and the journalist who broke the story say the damage to public trust and personal safety may take years to fully surface.
In March, a journalist received a tip that Alberta's complete voter database — nearly 2.9 million names, home addresses, and phone numbers — had been obtained by a separatist-linked organization called the Centurion Project, with virtually no security protecting it. When she reported this to Elections Alberta, the body initially found no grounds to investigate. A month later, it obtained a court order to shut the database down.
The Centurion Project emerged from Alberta's intensifying independence movement. Its organizer, Emmott Kelsey, described the group's data-driven campaign app as so advanced it had been presented to Donald Trump's White House. To power the app, organizers drew on Alberta's official voter list. One key figure, David Parker — a veteran political organizer with ties to Tucker Carlson and a prior record of elections violations — was present at an April demonstration where a volunteer's screen displayed the home address and phone number of former premier Jason Kenney. An NDP member filed a police report.
The breach has created genuine fear. Elections Alberta acknowledged that Albertans were 'unhappy, scared and anxious,' noting the particular danger for domestic violence survivors, law enforcement officers, journalists, activists, and judges whose addresses are now potentially in malicious hands. Kenney said he is hiring a lawyer. 'This has been a real wake-up call,' said the journalist who first reported the story.
What makes the breach especially alarming is its broader context. Researchers have documented covert influence campaigns from Russia, China, and the United States targeting Alberta's independence movement. A former RCMP intelligence manager warned that the voter file, if stored without proper protections, could be captured by American data brokers subject to weaker privacy laws. A University of Regina researcher drew a direct parallel to pre-invasion Ukraine, where a spike in narratives questioning national sovereignty preceded military conflict — the same language now used about Canada by American officials.
Elections Alberta has called on the provincial government to amend existing laws. The RCMP and Alberta's privacy commissioner are now involved. Whether the damage — to voter privacy, electoral integrity, and public confidence — can be repaired remains an open question.
In March, a journalist received a tip that should have alarmed every election official in Canada. A separatist-linked organization called the Centurion Project had obtained Alberta's complete voter database—nearly 2.9 million names, home addresses, and phone numbers—with virtually no security protecting it. Anyone with a burner account and no credentials could access the entire file. When the journalist reported this to Elections Alberta, the provincial election body said there were no reasonable grounds to investigate. A month later, Elections Alberta obtained a court order to shut the database down.
The breach has exposed a vulnerability at the heart of Canadian democracy and raised urgent questions about who controls voter information and what they might do with it. It has also illuminated a troubling pattern: the convergence of domestic separatist ambitions, far-right political organizing, and what security experts describe as a coordinated effort by foreign powers to destabilize the country.
The Centurion Project emerged from Alberta's intensifying independence movement. In recent months, separatist activists have pushed harder for a provincial referendum on secession. The group's organizer, Emmott Kelsey, unveiled what he called a revolutionary data-driven campaigning tool. During an online meeting with supporters, he claimed the underlying software was so advanced that it had been presented to Donald Trump's White House. "And we're kind of the guinea pigs with it," he said. To populate the app, the organizers needed data—lots of it. They found it in Alberta's official voter list.
One of the key figures behind the Centurion Project is David Parker, a veteran Alberta political organizer with deep ties to the separatist movement and connections to US far-right figures including Tucker Carlson. Parker has previously faced substantial fines from Elections Alberta for voting law violations. When Elections Alberta investigated how the voter list ended up in the Centurion Project's hands, it discovered the data had originally been provided legally to the Republican Party of Alberta, a fringe right-wing party, and then improperly shared. Parker has denied using that list, claiming instead that the database came from a third party. But during an April 16 demonstration of the Centurion Project's database to volunteers, Parker displayed the home address and phone number of Alberta's former premier Jason Kenney. An NDP member present at the event filed a police report.
The breach has created genuine fear. Elections Alberta noted that nearly 600 people accessed the voter list, which it described as "incredibly confidential." The organization acknowledged in a statement that Albertans were "unhappy, scared and anxious," and pointed to the particular vulnerability of domestic violence survivors, law enforcement officers, journalists, activists, judges, and marginalized communities whose addresses are now potentially available to malicious actors. Former premier Kenney said he is hiring a lawyer and warned that the breach could affect vulnerable populations for years. "This has been a real wake-up call to the risks that we're playing with here," said Jen Gerson, the Alberta-based journalist who first reported the breach. "People are very angry and they're very scared."
What makes this breach especially alarming to security experts is the broader context in which it occurred. The Trump administration has signaled support for Alberta's separatists and has threatened to subjugate Canada. Researchers have documented covert influence campaigns targeting Alberta's independence movement from Russia and China, alongside AI-generated disinformation. Patrick Lennox, a former manager of criminal intelligence for the RCMP's federal policing programs in Alberta, warned that if the voter file was stored without proper protections, it could be captured by American data brokers governed by less stringent privacy laws than Canada's. "Since Trump came back into power, he has destabilized that democracy to the point where I don't think you can legitimately call it a democracy any more," Lennox said. "And I worry that's exactly what the play is in Alberta."
Brian McQuinn, co-director of the Centre for Artificial Intelligence, Data, and Conflict at the University of Regina, drew a parallel to pre-invasion Ukraine, where researchers documented a spike in narratives questioning the country's sovereignty—the same language now being used about Canada by American officials. "The Americans would like us to be as weak as possible," McQuinn said. "A separation movement that harms us in negotiations is obviously really important." The Centurion Project's underlying software is based in the United States, and its developers did not respond to requests for comment. Elections Alberta has called on the provincial government to amend existing laws to prevent similar breaches. The investigation continues, with the RCMP and Alberta's privacy commissioner now involved. What remains unclear is whether the damage—to voter privacy, to electoral integrity, and to public confidence in democratic institutions—can be repaired.
Citações Notáveis
Anybody with a burner account and no credentials could then access the file and potentially download information from it.— Jen Gerson, Alberta-based journalist who reported the breach
Since Trump came back into power, he has destabilized that democracy to the point where I don't think you can legitimately call it a democracy any more. And I worry that's exactly what the play is in Alberta.— Patrick Lennox, former RCMP criminal intelligence manager
A Conversa do Hearth Outra perspectiva sobre a história
Why does a voter list matter so much? It's public information, isn't it?
Technically, yes, but the way it's protected matters enormously. A voter list in the hands of election officials is one thing. In the hands of a political campaign with minimal security, it's another. Nearly 600 people accessed this database. Anyone could pull up your address, your phone number, your voting information.
But the Centurion Project says they were just trying to organize voters. Isn't that what campaigns do?
They do, but there's a difference between persuasion and surveillance. When you can access someone's home address without any credentials, without any trace, you're not just campaigning—you're creating a vulnerability. Especially for people like domestic violence survivors or judges whose safety depends on their address being private.
The article mentions foreign interference. How does a voter list breach connect to Russia or China?
It's about leverage and destabilization. If a foreign power has access to Canadian voter data, they can target disinformation campaigns more precisely. They can identify vulnerable populations. They can amplify divisions. And in this case, there's also the question of whether American actors are involved—the software is US-based, the Centurion Project has ties to Trump's circle. A voter list in the wrong hands becomes a tool for breaking a country apart.
So Elections Alberta should have investigated immediately when the journalist reported it?
That's the bitter irony. The journalist reported it in late March. Elections Alberta said there were no reasonable grounds to investigate. A month later, they got a court order and shut it down. By then, the damage was done. And Elections Alberta itself says the provincial government weakened its investigative powers last year.
What happens now?
The investigations continue. But the real question is whether Canada can secure its electoral infrastructure before the next election. Right now, it's not clear that it can.