The European Parliament has provisionally approved measures to prevent misuse of voters’ personal data in the upcoming European elections.
Negotiators from the Parliament and the European Council informally agreed on the proposed plan, which would impose penalties on political parties which breach data protection regulations in order to tamper with the outcome of the elections. In the wake of multiple high profile cases where voters’ personal data has been misappropriated, sold or used to target political advertising, increased attention is now being paid to the vulnerabilities of data protection systems.
Under the terms of the draft law drawn up by Parliament and Council negotiators, European political parties and foundations which make inappropriate use of voters’ personal data, breach data protection legislation or otherwise attempt to illicitly influence the outcome of the elections would face financial sanctions. The provisions are geared towards insulating the EU’s electoral process from online disinformation campaigns based on misuse of voters’ data.
Once a national supervisory authority becomes aware of an infringement of voters’ personal data protection, it will need to inform the Authority for European political parties and foundations, which will trigger the procedure for verifying infringement of regulations. When a party or foundation is verified to have committed a violation of the rules, it will be subject to a financial penalty.
The proposed measures to protect voters’ personal data were put forward by the European Commission as part of a wider package aimed at guaranteeing free and fair European elections this May. The provisions will form an amendment to the 2014 regulation on the funding of European political parties and foundations.
The deal as agreed by negotiators will now be passed for approval to the Constitutional Affairs Committee in January, then the full Parliament and Council in March, before it can be passed into EU law.