Protection of personal data in the context of EP elections

EESC opinion: Protection of personal data in the context of EP elections

The EESC supports the objectives of the Commission proposal and agrees that democracy is one of the fundamental values on which the EU is founded. The EESC recognises that the procedures for the elections of the EP are Member State governed within the EU framework. Enabling the Authority for European political parties and European political foundations (the 'Authority') to impose sanctions is one way of ensuring personal data is protected and not misused for political gain. The EESC supports the additional staffing of the Authority with a view that this staff will be better positioned to work with the national DPAs to ensure that data protection infringements are properly investigated and where found sanctions applied.


Key points

  • In the light of the recent events in 2018 with the Facebook/Cambridge Analytica case concerning the alleged unlawful processing of personal data, the EESC supports the objectives of the Commission proposal and agrees that democracy is one of the fundamental values on which the EU is founded.
  • The EESC recognises that in today’s world technological developments, social media and the storing of personal data by companies throughout the EU are a given and calls for action that protects the citizens of the EU, allows for transparency and the protection of citizens' fundamental human rights.
  • Enabling the Authority for European political parties and European political foundations (the 'Authority') to impose sanctions is one way of ensuring personal data is protected and not misused for political gain. The priority is to ensure the elections are played on a level playing field and no one group can gain advantage from the use of data.
  • The EESC would expect the Authority to look at areas where data infringement might take place and suggest ways to stop this and put checks and balances in place to secure data protection and use of data is within well-defined parameters.
  • To ensure the Authority functions correctly there have to be secure parameters as to its powers and competences. At present, the Data Protection Authorities (DPAs) of the Member States are there to ensure that there is no misuse of data by political parties. The terms of cooperation between the Authority and national DPAs need to be defined properly.
  • The DPAs in many Member States face limited resources and the Commission should consider their funding to enable them to work with the Authority.
  • The EESC supports the additional staffing of the Authority with a view that this staff will be better positioned to work with the national DPAs to ensure that data protection infringements are properly investigated and where found sanctions applied.
  • The EESC recognises that the procedures for the elections of the EP are Member State governed within the EU framework. The EESC also expects that infringements of data protection rules are brought to the attention of the Authority either by the DPAs or by individual parties.