Misuse of Facebook data

London-based company Cambridge Analytica is accused of having used the Facebook data of millions of voters without their permission to target them through personalised political advertisements during the US elections. This has prompted Parliament President Antonio Tajani to invite the Facebook CEO to the Parliament.

"I am deeply concerned by allegations that Cambridge Analytica harvested information from Facebook accounts without user consent, exposing key ethical issues surrounding the accountability and responsibility of powerful digital platforms,” said Tajani. “This incident is more than a breach of data, it's a breach of trust that can threaten the very functioning of democracy.”

“I have invited Mark Zuckerberg to the European Parliament to provide explanations, as we have a duty to safeguard citizens' rights and ensure that they are informed, especially with regards to sensitive issues like data protection."

What Parliament can do

On Wednesday 17 April, MEPs will discuss whether the European laws are an effective shield against personal data abuse and election manipulation following revelations about abuse of Facebook data by Cambridge Analytica.

In addition to holding a debate, other options are also open to Parliament, should MEPs decide to do so. MEPs could adopt a resolution calling on the European Commission to propose measures to tackle the misuse. Parliament may also opt to set up a temporary committee to look into the allegations and possible measures.

What Parliament has done to protect privacy

Parliament has always insisted on the need to reconcile security with the need to safeguard privacy and personal data. It has adopted resolutions addressing the use of passenger name record (PNR) data for the prevention and prosecution of terrorist offences and serious crime, data mining and the need to protect private information in a digitised world.

MEPs have paid special attention to EU-US data transfer rules, calling in 2014 for the suspension of the Safe Harbour privacy principles, and in 2017, raising concerns about surveillance activities by US electronic communications service providers, calling on the Commission to conduct a proper assessment of the EU-US Privacy Shield for data transferred for commercial purposes.

Upcoming legislation

The revelations about the misuse of Facebook´s data emerged as the EU prepares for the entry into force of the General Data Protection Regulation in May. It sets new rules for companies operating in the EU and gives people more control over their private information. The legislation includes the right to know when personal data has been hacked and the right to object to profiling.

The Parliament also wants to step up protection for people using electronic communications by reforming the e-Privacy directive (2002). The proposal seeks to ensure high standards of privacy, confidentiality and security in electronic communications tools such as Messenger, WhatsApp and Skype.

MEPs suggest setting stricter limits on data processing, ensuring that data can only be used for the purpose for which the user has given consent and guaranteeing that meta-data - information about numbers called, websites visited, and geographical location - is treated as confidential and cannot be passed on to third parties.