Personal data protection has investigated the use of social media by political organizations for the 2021 parliamentary elections. In an opinion on that occasion, the processing of personal information is discussed in order to delineate target groups and direct marketing to them. The opinion covers the eight political organizations that had members of parliament elected in the elections, and its aim is to investigate whether political organizations have complied with the previous opinion of the Data Protection Authority on the topic in question from March 5, 2020, i.e. in connection with the 2016 and 2017 parliamentary elections. The Data Protection Authority’s examination of the 2021 elections was limited to considerations of transparency on the one hand and proportionality on the other.

In general, political organizations only used parameters of a very general nature, i.e. age range and rough location. One category, ie The coalition, however, stood out, especially with the extensive use of personal profiles based on Facebook’s registration of users’ interests, but also with the use of other types of online behavior information. Then Viðreisn used such information to some extent.

No specific comments were made about the education provided by the political organizations, but generally they published a privacy policy on their website and provided additional information alongside advertisements. As far as the use of online behavior information was concerned, it was believed that the users’ consent had to be obtained and that the responsibility for providing information in connection with it lay not only with the relevant social media, but also with the political organizations themselves that used such information, i.e. the aforementioned two categories.

It was not considered possible to rely on the consent of the registered persons having been given to these two categories in accordance with transparency requirements, but it was also considered that the close nature of the processing in question must be considered. In that respect, as well as the requirement that the use of personal profiles be compatible with democratic values, it was also tested whether proportionality had been observed.

In light of the fact that a solution is still awaited at the pan-European level, which will be important in this context, the Data Protection Authority noted that there was no reason to use the agency’s powers in this regard, but reminded of the importance of complying with the points of view described in the opinion, regardless of which social media was used at any given time.

https://www.personuvernd.is/personuvernd/frettir/alit-a-notkun-stjornmalasamtaka-a-samfelagsmidlum-fyrir-kosningar-til-althingis-2021-aminning-vegna-komandi-kosninga