Latvian authorities introduce Data Processing Guidelines for political parties amidst pre-election period

Since political parties fall under the definition of a data controller as per the General Data Protection Regulation (hereinafter – GDPR), the Data State Inspectorate (hereinafter – DSI) together with the Central Election Commission have prepared guidelines on data processing during the pre-election period. 

The guidelines must be applied not only to this general election, but also to future national elections of the European Parliament and the elections of local municipality governments.

The aim of these guidelines is to provide practical information on how to comply with the provisions of the GDPR when engaging the voters in any campaigning activities. 

The document explains the regulation through applicable examples and contains comparisons of acceptable as well as unacceptable execution of these requirements. Political parties must comply with Article 6 of the GDPR and act in alignment with the law to maintain transparency, integrity, and other general principles of data protection. The guidelines serve as a reminder of these fundamental conditions but also turn to some case-specific scenarios.

For example, it is stated that it is forbidden for political parties to share the data with any social media platforms without duly acknowledging the intention to do so beforehand. Moreover, when providing this data to any social media platform, the political party would automatically become a co-controller and share the responsibility regarding its protection with the social media company. 

Processing of special categories of personal data as foreseen by Article 9 of the GDPR is also highlighted in the guidelines, since personal data regarding a person’s political opinions is likely to be obtained in the pre-election efforts. The DSI emphasizes that the collection of this data creates risk for potential discrimination and therefore additional protective mechanisms should be implemented by the parties.

The document finishes off with a concise overview on when and how the political parties can turn for help. The DSI is the national institution overseeing the compliance and providing assistance if and when necessary. With concern regarding the usage of personal data for political gain growing within the democratic society, guidelines such as these could act as a safeguard instrument for both the voters and the political actors involved.