The EU is drafting new legislation aimed at preventing a Cambridge Anlytica-type scenario happening in next year’s European Parliament elections.
The Financial Times reports that the European Commission is preparing an amendment to existing party funding rules that would ban data collection à la Cambridge Analytica. The UK-based company mined millions of people’s Facebook data (without their consent), which was allegedly used to influence voters in the US and the UK.
Political groups profiting from such manipulative data practices in Europe could be fined up to five percent of their annual budget according to the current draft the legislation, which has yet to be finalized.
The amendment will only apply to Europe-wide ‘political groups,’ as the European Commission doesn’t have the authority to directly fine domestic political parties. That means loose coalitions as a whole — such as the European People’s Party, Socialists, etc. — would be fined if they were found guilty of misusing personal data for political purposes (e.g. micro-targeting), rather than the domestic political entities that make up the coalitions.
It’s important to note that voter targeting isn’t illegal in the EU, the Commission only wants to make sure that any personal information collected from third parties has been legally obtained with explicit consent of users. This stance shouldn’t come as a surprise after the EU’s big push for GDPR.
Not the only threat
The proposed amendment can go a long way to ensure the integrity of the upcoming European Parliamentary elections in May 2019 by enforcing bans on voter manipulation. However, it doesn’t affect the direct technical threats to the electoral process.
Estonia recently published a report warning about the threat of direct cyber-attacks which could affect the assignment of parliamentary seats, threatening the entire election process.
In an interview with Euractiv, the lead editor of the report, Liisa Past, stated that a coordinated attack could be incredibly harmful to the democratic process and actually obstruct the European Parliament from convening after elections — in addition to possibly dictate the political debate during election campaigns.
Estonia‘s report and the European Commission‘s upcoming amendment show that the EU is acutely aware of the technological threats to democracy. However, the scope of the problem is massive, so I wouldn’t be surprised if the EU will announce more initiatives against misinformation and cyber-threats in the run-up to the parliamentary elections, such as the Code of Practice for internet platforms, set to be formally announced in September.
While these initiatives might be imperfect, we’ll need all the tools we can get to protect our democracy.