NationBuilder was used to process citizen voting data before the upcoming European elections. The company and software have been used by organizations for years, but the EDPS has been concerned it data processed by the company are in line with data protection rules. Parliament has been using NationBuilder to process data around public engagement in an effort to boost voting interest ahead of the election. The software was used through the thistimeimvoting.eu portal. EDPS has been investigating the relationship since February and says it was acting on the basis of other controversies that have befallen NationBuilder. The website collected personal data from more than 329,000 people interested in the EU election campaign — data that was processed on behalf of the parliament by NationBuilder. During the probe, the regulator found the EU parliament had gone against rules regarding how personal data can be used. “The issue EDPS had was with the Parliament’s lack of awareness of the extent of the processing being carried out by third parties and the lack of prior authorisation, by Parliament as data controller, provided in advance of the processing,” an EDPS spokesman told us.
European Laws
Interestingly, the European Union has clamped down hard on tech companies. Most recently, Microsoft’s data management on the continent was under scrutiny. Those companies may argue if the EU can’t keep its own house in order it should not be targeting others. EDPS would likely counter by saying chasing down the parliament shows its regulations function. “The EDPS is still investigating with the European Parliament and received additional evidence. We are now completing our analysis of that evidence, and we anticipate closing the investigation in the near future.”